From c99abba755d8880349730371bf9128c748096d79 Mon Sep 17 00:00:00 2001 From: Seungpyo Hong Date: Mon, 22 Jun 2026 14:03:08 +0900 Subject: [PATCH] ci: add /verify PR-comment command (relays to TechEngine) Members can type /verify (or @TechEngineBot verify) on a PR to trigger on-demand Tier 0 verification; relays to TechEngine which posts the band report as the bot. Refs #1 --- .github/workflows/verify-command.yml | 60 ++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 .github/workflows/verify-command.yml diff --git a/.github/workflows/verify-command.yml b/.github/workflows/verify-command.yml new file mode 100644 index 00000000000..057179eb410 --- /dev/null +++ b/.github/workflows/verify-command.yml @@ -0,0 +1,60 @@ +name: verify-command + +# Type `/verify` (or `@TechEngineBot verify`) in a TechAPI PR comment to trigger an +# on-demand Tier 0 data verification. issue_comment fires in this repo, so the +# listener lives here; it relays the request to TechEngine (which holds the bot +# token + runs app.verify) via repository_dispatch. TechEngine posts the band +# report back on the PR as TechEngineBot. Restricted to repo members/collaborators. +on: + issue_comment: + types: [created] + +permissions: + contents: read + pull-requests: read + issues: write # react to the command comment as acknowledgement + +jobs: + relay: + runs-on: ubuntu-latest + # Only on PR comments, only for the command, only from trusted authors. + if: >- + github.event.issue.pull_request && + (startsWith(github.event.comment.body, '/verify') || + contains(github.event.comment.body, '@TechEngineBot verify')) && + contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association) + env: + ENGINE_TOKEN: ${{ secrets.ENGINE_TOKEN }} + steps: + - name: Dormant when ENGINE_TOKEN is unset + if: env.ENGINE_TOKEN == '' + run: echo "::warning::ENGINE_TOKEN not configured; cannot relay /verify to TechEngine." + + - name: Acknowledge + relay to TechEngine + if: env.ENGINE_TOKEN != '' + uses: actions/github-script@v7 + with: + github-token: ${{ secrets.ENGINE_TOKEN }} + script: | + const { owner, repo } = context.repo; + const issue_number = context.issue.number; + // 👀 reaction so the requester sees the command was picked up. + try { + await github.rest.reactions.createForIssueComment({ + owner, repo, comment_id: context.payload.comment.id, content: 'eyes', + }); + } catch (e) { + core.info(`reaction skipped: ${e.message}`); + } + const pr = await github.rest.pulls.get({ owner, repo, pull_number: issue_number }); + await github.rest.repos.createDispatchEvent({ + owner: 'GetTechAPI', + repo: 'TechEngine', + event_type: 'techapi-verify', + client_payload: { + pr_number: String(issue_number), + head_sha: pr.data.head.sha, + requested_by: context.payload.comment.user.login, + }, + }); + core.info(`relayed /verify for PR #${issue_number} @ ${pr.data.head.sha}`);