Skip to content
techapi-verify-comment

techapi-verify #15

Sign in to view logs

techapi-verify

techapi-verify #15

Workflow file for this run

.github/workflows/techapi-verify-comment.yml at 4e8b002
name: techapi-verify-comment
# On-demand Tier 0 data verification for a TechAPI PR. Triggered by an English
# command comment (`/verify`) on the PR, relayed here as a repository_dispatch by
# TechAPI's verify-command.yml. Checks out the PR head, runs TechAPI's app.verify,
# and posts the green/yellow/red band report back on the PR as TechEngineBot.
on:
repository_dispatch:
types: [techapi-verify]
workflow_dispatch:
inputs:
pr_number:
description: "TechAPI PR number to verify + comment on"
required: true
head_sha:
description: "TechAPI commit SHA to verify"
required: true
permissions:
contents: read
concurrency:
group: techapi-verify-${{ github.event.client_payload.pr_number || inputs.pr_number }}-${{ github.event.client_payload.mode || 'all' }}
cancel-in-progress: true
jobs:
verify:
runs-on: ubuntu-latest
env:
PYTHONIOENCODING: utf-8
TECHAPI_COMMENT_TOKEN: ${{ secrets.TECHENGINEBOT_TOKEN || secrets.TECHAPI_TOKEN }}
TECHAPI_PR_NUMBER: ${{ github.event.client_payload.pr_number || inputs.pr_number }}
TECHAPI_HEAD_SHA: ${{ github.event.client_payload.head_sha || inputs.head_sha }}
REQUESTED_BY: ${{ github.event.client_payload.requested_by || github.actor }}
TECHAPI_COMMENT_ID: ${{ github.event.client_payload.comment_id }}
# "tier0" = auto PR report (relayed by TechAPI verify-report.yml); else the
# on-demand /verify all-tiers run.
MODE: ${{ github.event.client_payload.mode || 'all' }}
steps:
# Acknowledge the /verify command as TechEngineBot (the bot holds the token;
# the relay side must not react, or it looks like the requester self-reacting).
- name: Acknowledge command (TechEngineBot 👀)
if: env.TECHAPI_COMMENT_TOKEN != '' && env.TECHAPI_COMMENT_ID != ''
uses: actions/github-script@v7
with:
github-token: ${{ secrets.TECHENGINEBOT_TOKEN || secrets.TECHAPI_TOKEN }}
script: |
const comment_id = Number(process.env.TECHAPI_COMMENT_ID);
if (comment_id) {
try {
await github.rest.reactions.createForIssueComment({
owner: 'GetTechAPI', repo: 'TechAPI', comment_id, content: 'eyes',
});
} catch (e) { core.info(`reaction skipped: ${e.message}`); }
}
env:
TECHAPI_COMMENT_ID: ${{ github.event.client_payload.comment_id }}
- name: Checkout TechAPI PR head
uses: actions/checkout@v4
with:
repository: GetTechAPI/TechAPI
ref: ${{ env.TECHAPI_HEAD_SHA }}
path: TechAPI
fetch-depth: 0
- uses: actions/setup-python@v5
with:
python-version: "3.12"
# app.verify is a stdlib-only TechAPI module; run it from the checkout.
# mode=tier0 (auto PR report): fast offline Tier 0 only (changed + baseline).
# mode=all (/verify on demand): `pr` runs Tiers 0-3 (3 = promotion DRY-RUN).
- name: Run verification
id: verify
run: |
cd TechAPI
git fetch origin main --depth=1 || true
{
echo 'report<<VERIFY_EOF'
if [ "${MODE}" = "tier0" ]; then
echo "### Changed records in this PR"
echo ""
python -m app.verify score --changed --no-cache --format md || echo "_app.verify unavailable on this ref._"
echo ""
echo "### Full-dataset baseline"
echo ""
python -m app.verify score --no-cache --format md || true
else
python -m app.verify pr || echo "_app.verify unavailable on this ref._"
fi
echo VERIFY_EOF
} >> "$GITHUB_OUTPUT"
- name: Post verification comment (TechEngineBot)
if: env.TECHAPI_COMMENT_TOKEN != ''
uses: actions/github-script@v7
env:
REPORT: ${{ steps.verify.outputs.report }}
PR_NUMBER: ${{ env.TECHAPI_PR_NUMBER }}
REQUESTED_BY: ${{ env.REQUESTED_BY }}
MODE: ${{ env.MODE }}
with:
github-token: ${{ secrets.TECHENGINEBOT_TOKEN || secrets.TECHAPI_TOKEN }}
script: |
const report = (process.env.REPORT || '').trim() || '(no output)';
const by = process.env.REQUESTED_BY || 'someone';
const isTier0 = (process.env.MODE || 'all') === 'tier0';
// Auto report and on-demand /verify use distinct marked comments.
const marker = isTier0
? '<!-- techengine-verify-report -->'
: '<!-- techengine-verify-command -->';
const head = isTier0
? ['## 🔎 Data verification — Tier 0 (offline existence/trust)', '',
'Scored by `app.verify`; posted by **TechEngineBot**. Informational only — the structural gate (`app.validate`) is separate and authoritative for merge.', '',
report]
: [report]; // `pr` emits its own H2 heading + tier sections
const footer = isTier0
? '<sub>green = authoritative source + complete + consistent · yellow = plausible, needs confirmation · red = sparse/weak source or a hard contradiction. Promotion to `verified` runs in the scheduled `verify-network` workflow.</sub>'
: `<sub>Requested by @${by} via \`/verify\` · scored by \`app.verify\`, posted by **TechEngineBot**. Informational only — the structural gate (\`app.validate\`) is separate; Tier 3 here is dry-run.</sub>`;
const body = [marker, ...head, '', footer].join('\n');
const owner = 'GetTechAPI';
const repo = 'TechAPI';
const issue_number = Number(process.env.PR_NUMBER);
const comments = await github.paginate(github.rest.issues.listComments, {
owner, repo, issue_number, per_page: 100,
});
const existing = comments.find((c) => c.body && c.body.includes(marker));
if (existing) {
await github.rest.issues.updateComment({ owner, repo, comment_id: existing.id, body });
} else {
await github.rest.issues.createComment({ owner, repo, issue_number, body });
}
- name: Dormant when no bot token
if: env.TECHAPI_COMMENT_TOKEN == ''
run: echo "::warning::No TECHENGINEBOT_TOKEN/TECHAPI_TOKEN; verification ran but no comment was posted."