123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 |
- # Dispatch a request to getsentry to run getsentry test suites
- name: getsentry dispatcher
- on:
- # XXX: We are using `pull_request_target` instead of `pull_request` because we want
- # this to run on forks. It allows forks to access secrets safely by
- # only running workflows from the main branch. Prefer to use `pull_request` when possible.
- #
- # See https://github.com/getsentry/sentry/pull/21600 for more details
- pull_request_target:
- types: [labeled, opened, reopened, synchronize]
- # disable all other special privileges
- permissions:
- # needed for `actions/checkout` to clone the code
- contents: read
- # needed to remove the pull-request label
- pull-requests: write
- jobs:
- dispatch:
- if: "github.event.action != 'labeled' || github.event.label.name == 'Trigger: getsentry tests'"
- name: getsentry dispatch
- runs-on: ubuntu-22.04
- steps:
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- with:
- persist-credentials: false
- - name: permissions
- run: |
- python3 -uS .github/workflows/scripts/getsentry-dispatch-setup \
- --repo-id ${{ github.event.repository.id }} \
- --pr ${{ github.event.number }} \
- --event ${{ github.event.action }} \
- --username "$ARG_USERNAME" \
- --label-names "$ARG_LABEL_NAMES"
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- # these can contain special characters
- ARG_USERNAME: ${{ github.event.pull_request.user.login }}
- ARG_LABEL_NAMES: ${{ toJSON(github.event.pull_request.labels.*.name) }}
- - name: Check for file changes
- uses: dorny/paths-filter@0bc4621a3135347011ad047f9ecf449bf72ce2bd # v3.0.0
- id: changes
- with:
- token: ${{ github.token }}
- filters: .github/file-filters.yml
- - name: getsentry token
- uses: getsentry/action-github-app-token@d4b5da6c5e37703f8c3b3e43abb5705b46e159cc # v3.0.0
- id: getsentry
- with:
- app_id: ${{ vars.SENTRY_INTERNAL_APP_ID }}
- private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }}
- - name: Wait for PR merge commit
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
- id: mergecommit
- with:
- github-token: ${{ steps.getsentry.outputs.token }}
- script: |
- require(`${process.env.GITHUB_WORKSPACE}/.github/workflows/scripts/wait-for-merge-commit`).waitForMergeCommit({
- github,
- context,
- core,
- });
- - name: Dispatch getsentry tests
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
- with:
- github-token: ${{ steps.getsentry.outputs.token }}
- script: |
- require(`${process.env.GITHUB_WORKSPACE}/.github/workflows/scripts/getsentry-dispatch`).dispatch({
- github,
- context,
- core,
- mergeCommitSha: '${{ steps.mergecommit.outputs.mergeCommitSha }}',
- fileChanges: ${{ toJson(steps.changes.outputs) }},
- });
|