Refactor CI for forked repositories - Fix POC

.github/actions/reports-group/codacy-uploader/action.yml

@@ -53,6 +53,8 @@ runs:
         glue-string: ',' # Ensure glue string as it's the expected one by the uploader
         follow-symbolic-links: ${{ inputs.follow-symbolic-links }}
 
+    # @TODO Use bash instead and rely on JQ ?
+    # Or create an *internal* action (not published on marketplace and stored inside this action repo) taking metadata JSON as input and returning each property the uploader has ?
     - name: Build uploader option
       id: build-uploader-options
       uses: actions/github-script@v7

.github/actions/reports-group/codecov-uploader/action.yml

@@ -59,6 +59,8 @@ runs:
         glue-string: ',' # Ensure glue string as it's the expected one by the uploader
         follow-symbolic-links: ${{ inputs.follow-symbolic-links }}
 
+    # @TODO Use bash instead and rely on JQ ?
+    # Or create an *internal* action (not published on marketplace and stored inside this action repo) taking metadata JSON as input and returning each property the uploader has ?
     - name: Build uploader option
       id: build-uploader-options
       uses: actions/github-script@v7

.github/workflows/codacy-upload-from-artifacts.yml

@@ -1,10 +1,18 @@
+# To store on same repo as reports-group/codacy-uploader action if doable !
 name: 'Codacy report groups upload'
 on:
   workflow_call:
     inputs:
       artifacts-pattern:
         required: true
         type: string
+      run-id:
+        description: |
+          The id of the workflow run where the artifacts were uploaded from (default to current run).
+          In case artefacts have been uploadded from another run, this input must be filled with original workflow !
+        required: false
+        default: "${{ github.run_id }}"
+        type: string
     secrets:
       PROJECT_TOKEN:
         required: true
@@ -16,6 +24,11 @@ on:
         description: TODO
         value: ${{ jobs.upload.outputs.reports }}
 
+# @TODO Investigate: `workflow_run` don't create a status check on the related PR !
+# Would it be handy/secure/not to complex to create a reports-group/check-run-from-workflow-run which:
+# - Would need to be added as first workflow wtep in order to create a `in-progress` check-run with all info fetched from the triggering workflow
+#   - Add a `fail-if-caller-failed` option which would create `failed` check-run and exit with an error ?
+# - Would update the check-run during post-process with the current status of the triggered workflow
 jobs:
   upload:
     name: Upload all reports
@@ -34,6 +47,8 @@ jobs:
         with:
           pattern: ${{ inputs.artifacts-pattern }}
           path: job-artifacts
+          github-token: ${{ github.token }} # Required in order to use `run-id` parameter !
+          run-id: ${{ inputs.run-id }} # Required in case workflow is executed from another run (e.g. `workflow_run`)
 
       - name: Upload all reports
         id: upload

.github/workflows/codecov-upload-from-artifacts.yml

@@ -1,10 +1,18 @@
+# To store on same repo as reports-group/codecov-uploader action if doable
 name: 'Codecov report groups upload'
 on:
   workflow_call:
     inputs:
       artifacts-pattern:
         required: true
         type: string
+      run-id:
+        description: |
+          The id of the workflow run where the artifacts were uploaded from (default to current run).
+          In case artefacts have been uploadded from another run, this input must be filled with original workflow !
+        required: false
+        default: "${{ github.run_id }}"
+        type: string
     secrets:
       TOKEN:
         required: true
@@ -31,6 +39,8 @@ jobs:
         with:
           pattern: ${{ inputs.artifacts-pattern }}
           path: job-artifacts
+          github-token: ${{ github.token }} # Required in order to use `run-id` parameter !
+          run-id: ${{ inputs.run-id }} # Required in case workflow is executed from another run (e.g. `workflow_run`)
 
       - name: DEBUG artifacts
         run: |
@@ -47,6 +57,8 @@ jobs:
       - name: DEBUG
         run: echo '${{ toJson(steps.find-groups.outputs) }}'
 
+      # @TODO create a reports-group/find-from-artifacts action returning a map of group name to the related artefacts
+      # (alternatively, update reports-group/find to manage it, like with a `from-artifacts` ??)
       - name: Build matrix
         id: build-matrix
         uses: actions/github-script@v7
@@ -99,6 +111,8 @@ jobs:
         with:
           name: ${{ matrix.artifact }}
           path: job-artifact
+          github-token: ${{ github.token }} # Required in order to use `run-id` parameter !
+          run-id: ${{ inputs.run-id }} # Required in case workflow is executed from another run (e.g. `workflow_run`)
 
       - name: DEBUG artifacts
         run: |

.github/workflows/coverage-upload.yml

@@ -7,20 +7,30 @@ on:
 jobs:
   codacy-uploader:
     name: Codacy
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
     uses: ./.github/workflows/codacy-upload-from-artifacts.yml
     with:
       artifacts-pattern: coverage-groups-*
+      run-id: ${{ github.event.workflow_run.id }}
     secrets:
       PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}
 
   codecov-uploader:
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
     name: Codecov
     uses: ./.github/workflows/codecov-upload-from-artifacts.yml
     with:
       artifacts-pattern: coverage-groups-*
+      run-id: ${{ github.event.workflow_run.id }}
     secrets:
       TOKEN: ${{ secrets.CODECOV_TOKEN }}
 
+  debug-context:
+    name: DEBUG - context
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo 'github event='"'"'${{ toJson(github.event) }}'"'"
+
   debug-uploads:
     name: DEBUG - Uploaders
     runs-on: ubuntu-latest