# Dispatch a request to getsentry to run getsentry test suites name: getsentry dispatcher on: # XXX: We are using `pull_request_target` instead of `pull_request` because we want # this to run on forks. It allows forks to access secrets safely by # only running workflows from the main branch. Prefer to use `pull_request` when possible. # # See https://github.com/getsentry/sentry/pull/21600 for more details pull_request_target: types: [labeled, opened, reopened, synchronize] # disable all other special privileges permissions: # needed for `actions/checkout` to clone the code contents: read # needed to remove the pull-request label pull-requests: write jobs: dispatch: if: "github.event.action != 'labeled' || github.event.label.name == 'Trigger: getsentry tests'" name: getsentry dispatch runs-on: ubuntu-22.04 steps: - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 with: persist-credentials: false - name: permissions run: | python3 -uS .github/workflows/scripts/getsentry-dispatch-setup \ --repo-id ${{ github.event.repository.id }} \ --pr ${{ github.event.number }} \ --event ${{ github.event.action }} \ --username "$ARG_USERNAME" \ --label-names "$ARG_LABEL_NAMES" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # these can contain special characters ARG_USERNAME: ${{ github.event.pull_request.user.login }} ARG_LABEL_NAMES: ${{ toJSON(github.event.pull_request.labels.*.name) }} - name: Check for file changes uses: dorny/paths-filter@0bc4621a3135347011ad047f9ecf449bf72ce2bd # v3.0.0 id: changes with: token: ${{ github.token }} filters: .github/file-filters.yml - name: getsentry token uses: getsentry/action-github-app-token@97c9e23528286821f97fba885c1b1123284b29cc # v2.0.0 id: getsentry with: app_id: ${{ vars.SENTRY_INTERNAL_APP_ID }} private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }} - name: Wait for PR merge commit uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 # v6.3.3 id: mergecommit with: github-token: ${{ steps.getsentry.outputs.token }} script: | require(`${process.env.GITHUB_WORKSPACE}/.github/workflows/scripts/wait-for-merge-commit`).waitForMergeCommit({ github, context, core, }); - name: Dispatch getsentry tests uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 # v6.3.3 with: github-token: ${{ steps.getsentry.outputs.token }} script: | require(`${process.env.GITHUB_WORKSPACE}/.github/workflows/scripts/getsentry-dispatch`).dispatch({ github, context, core, mergeCommitSha: '${{ steps.mergecommit.outputs.mergeCommitSha }}', fileChanges: ${{ toJson(steps.changes.outputs) }}, });