ci(verify): markdown-table band report (readable PR comments) #8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: verify-command | |
| # Type `/verify` (or `@TechEngineBot verify`) in a TechAPI PR comment to trigger an | |
| # on-demand Tier 0 data verification. issue_comment fires in this repo, so the | |
| # listener lives here; it relays the request to TechEngine (which holds the bot | |
| # token + runs app.verify) via repository_dispatch. TechEngine posts the band | |
| # report back on the PR as TechEngineBot. Restricted to repo members/collaborators. | |
| on: | |
| issue_comment: | |
| types: [created] | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| issues: write # react to the command comment as acknowledgement | |
| jobs: | |
| relay: | |
| runs-on: ubuntu-latest | |
| # Only on PR comments, only for the command, only from trusted authors. | |
| if: >- | |
| github.event.issue.pull_request && | |
| (startsWith(github.event.comment.body, '/verify') || | |
| contains(github.event.comment.body, '@TechEngineBot verify')) && | |
| contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association) | |
| env: | |
| ENGINE_TOKEN: ${{ secrets.ENGINE_TOKEN }} | |
| steps: | |
| - name: Dormant when ENGINE_TOKEN is unset | |
| if: env.ENGINE_TOKEN == '' | |
| run: echo "::warning::ENGINE_TOKEN not configured; cannot relay /verify to TechEngine." | |
| - name: Acknowledge + relay to TechEngine | |
| if: env.ENGINE_TOKEN != '' | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.ENGINE_TOKEN }} | |
| script: | | |
| const { owner, repo } = context.repo; | |
| const issue_number = context.issue.number; | |
| // 👀 reaction so the requester sees the command was picked up. | |
| try { | |
| await github.rest.reactions.createForIssueComment({ | |
| owner, repo, comment_id: context.payload.comment.id, content: 'eyes', | |
| }); | |
| } catch (e) { | |
| core.info(`reaction skipped: ${e.message}`); | |
| } | |
| const pr = await github.rest.pulls.get({ owner, repo, pull_number: issue_number }); | |
| await github.rest.repos.createDispatchEvent({ | |
| owner: 'GetTechAPI', | |
| repo: 'TechEngine', | |
| event_type: 'techapi-verify', | |
| client_payload: { | |
| pr_number: String(issue_number), | |
| head_sha: pr.data.head.sha, | |
| requested_by: context.payload.comment.user.login, | |
| }, | |
| }); | |
| core.info(`relayed /verify for PR #${issue_number} @ ${pr.data.head.sha}`); |