mirror of
https://github.com/apache/nuttx.git
synced 2026-05-22 13:52:22 +08:00
dependabot[bot]
0e229e004a
Bumps [actions/github-script](https://github.com/actions/github-script) from 8.0.0 to 9.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v8...v9) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
91 lines
3.5 KiB
YAML
91 lines
3.5 KiB
YAML
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
# This workflow will fetch the PR Labels from the PR Artifact, and write
|
|
# the PR Labels into the PR. The workflow is called after the
|
|
# "pull_request" trigger (labeler.yml). This "workflow_run" trigger uses a
|
|
# GitHub Token with Write Permission, so we must never run any untrusted
|
|
# code from the PR, and we must always extract and use the PR Artifact
|
|
# safely. See https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=321719166#GitHubActionsSecurity-Buildstriggeredwithworkflow_run
|
|
name: "Set Pull Request Labels"
|
|
on:
|
|
workflow_run:
|
|
workflows: ["Pull Request Labeler"]
|
|
types:
|
|
- completed
|
|
|
|
jobs:
|
|
pr_labeler:
|
|
permissions:
|
|
contents: read
|
|
pull-requests: write
|
|
issues: write
|
|
runs-on: ubuntu-latest
|
|
if: >
|
|
github.event.workflow_run.event == 'pull_request' &&
|
|
github.event.workflow_run.conclusion == 'success'
|
|
steps:
|
|
# Download the PR Artifact, containing PR Number and PR Labels
|
|
- name: Download PR artifact
|
|
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
|
|
with:
|
|
script: |
|
|
const artifacts = await github.rest.actions.listWorkflowRunArtifacts({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
run_id: ${{ github.event.workflow_run.id }},
|
|
});
|
|
const matchArtifact = artifacts.data.artifacts.filter((artifact) => {
|
|
return artifact.name == "pr"
|
|
})[0];
|
|
const download = await github.rest.actions.downloadArtifact({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
artifact_id: matchArtifact.id,
|
|
archive_format: 'zip',
|
|
});
|
|
const fs = require('fs');
|
|
fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data));
|
|
|
|
# Unzip the PR Artifact
|
|
- name: Unzip PR artifact
|
|
run: unzip pr.zip
|
|
|
|
# Write the PR Labels into the PR
|
|
- name: Write PR labels
|
|
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
script: |
|
|
const owner = context.repo.owner;
|
|
const repo = context.repo.repo;
|
|
const fs = require('fs');
|
|
|
|
// Read the PR Number and PR Labels from the PR Artifact
|
|
// e.g. 'Size: XS\nArch: avr\n'
|
|
const issue_number = Number(fs.readFileSync('pr-id.txt'));
|
|
const labels = fs.readFileSync('pr-labels.txt', 'utf8')
|
|
.split('\n') // Split by newline
|
|
.filter(s => (s != '')); // Remove empty lines
|
|
console.log({ issue_number, labels });
|
|
|
|
// Write the PR Labels into the PR
|
|
// e.g. [ 'Size: XS', 'Arch: avr' ]
|
|
await github.rest.issues.setLabels({
|
|
owner,
|
|
repo,
|
|
issue_number,
|
|
labels
|
|
});
|