data(verify): verified promotions (2026-06-29) #104
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: verify-command | |
| # Type `/verify` (or `@TechEngineBot verify`) in a TechAPI PR comment to trigger an | |
| # on-demand Tier 0 data verification. issue_comment fires in this repo, so the | |
| # listener lives here; it relays the request to TechEngine (which holds the bot | |
| # token + runs app.verify) via repository_dispatch. TechEngine posts the band | |
| # report back on the PR as TechEngineBot. Restricted to repo members/collaborators. | |
| on: | |
| issue_comment: | |
| types: [created] | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| issues: write # react to the command comment as acknowledgement | |
| jobs: | |
| relay: | |
| runs-on: ubuntu-latest | |
| # Only on PR comments, only for the command, only from trusted authors. | |
| if: >- | |
| github.event.issue.pull_request && | |
| (startsWith(github.event.comment.body, '/verify') || | |
| contains(github.event.comment.body, '@TechEngineBot verify')) && | |
| contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association) | |
| env: | |
| ENGINE_TOKEN: ${{ secrets.ENGINE_TOKEN }} | |
| steps: | |
| - name: Dormant when ENGINE_TOKEN is unset | |
| if: env.ENGINE_TOKEN == '' | |
| run: echo "::warning::ENGINE_TOKEN not configured; cannot relay /verify to TechEngine." | |
| - name: Acknowledge + relay to TechEngine | |
| if: env.ENGINE_TOKEN != '' | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.ENGINE_TOKEN }} | |
| script: | | |
| const { owner, repo } = context.repo; | |
| const issue_number = context.issue.number; | |
| // No reaction here: this step runs under the relay token (a human PAT), | |
| // so reacting would look like the requester reacting to themselves. | |
| // The 👀 acknowledgement is added by TechEngineBot on the engine side | |
| // (it holds the bot token); we just pass the comment id through. | |
| const pr = await github.rest.pulls.get({ owner, repo, pull_number: issue_number }); | |
| await github.rest.repos.createDispatchEvent({ | |
| owner: 'GetTechAPI', | |
| repo: 'TechEngine', | |
| event_type: 'techapi-verify', | |
| client_payload: { | |
| pr_number: String(issue_number), | |
| head_sha: pr.data.head.sha, | |
| comment_id: context.payload.comment.id, | |
| requested_by: context.payload.comment.user.login, | |
| }, | |
| }); | |
| core.info(`relayed /verify for PR #${issue_number} @ ${pr.data.head.sha}`); |