55 workflows : ["Test and lint"]
66 types :
77 - completed
8-
8+
99permissions : {}
1010
1111jobs :
@@ -14,46 +14,49 @@ jobs:
1414 contents : read
1515 pull-requests : write
1616 runs-on : ubuntu-latest
17- # && github.repository == github.event.workflow_run.repository.full_name
1817 if : >
1918 github.event.workflow_run.event == 'pull_request'
19+ && github.repository == github.event.workflow_run.repository.full_name
20+ # The github.repository == ... check will prevent this workflow from running on forks.
2021 steps :
21- - name : Get PR number from commit SHA
22- id : get_pr
23- env :
24- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
25- run : |
26- SHA="${{ github.event.workflow_run.head_sha }}"
27- REPO="${{ github.repository }}"
28- PR_DATA=$(curl -s -H "Authorization: token $GITHUB_TOKEN" \
29- "https://api.github.com/repos/$REPO/commits/$SHA/pulls" \
30- -H "Accept: application/vnd.github.groot-preview+json")
31- echo "$PR_DATA"
32- PR_NUMBER=$(echo "$PR_DATA" | jq '.[0].number')
33- echo "PR number is $PR_NUMBER"
34- echo "pr_number=$PR_NUMBER" >> $GITHUB_OUTPUT
35- name : Download coverage report
36- uses : actions/download-artifact@v4
37- with :
38- pattern : coverage.xml
39- github-token : ${{ secrets.GITHUB_TOKEN }}
40- run-id : ${{ github.event.workflow_run.id }}
41- - name : Code Coverage Report
42- uses : irongut/CodeCoverageSummary@51cc3a756ddcd398d447c044c02cb6aa83fdae95 # v1.3.0
43- with :
44- filename : coverage.xml
45- badge : true
46- fail_below_min : false
47- format : markdown
48- hide_branch_rate : false
49- hide_complexity : true
50- indicators : true
51- output : both
52- thresholds : ' 80 90'
53- - name : Add Coverage PR Comment
54- uses : marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.3
55- with :
56- recreate : true
57- path : code-coverage-results.md
58- number : ${{ steps.get_pr.outputs.pr_number }}
59- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
22+ - name : Get PR number
23+ id : get_pr_number
24+ env :
25+ SHA : " ${{ github.event.workflow_run.head_sha }}"
26+ REPO : " ${{github.repository}}"
27+ run : |
28+ # Query GitHub API to find the PR number associated with the head commit SHA
29+ PR_DATA=$(curl -s "https://api.github.com/search/issues?q=repo:$REPO+type:pr+sha:$SHA" | jq -c '.')
30+ # Check if head commit is on a single PR else ambiguous which PR triggered the workflow
31+ ITEMS_COUNT=$(jq '.items | length' <<< "$PR_DATA")
32+ if [ "$ITEMS_COUNT" -ne 1 ]; then
33+ echo "Error: Expected exactly one PR, but found $ITEMS_COUNT." >&2
34+ exit 1
35+ fi
36+ PR_NUMBER=$(jq '.items[0].number' <<< "$PR_DATA")
37+ echo "pr_number=$PR_NUMBER" >> $GITHUB_OUTPUT
38+ name : Download coverage report
39+ uses : actions/download-artifact@v4
40+ with :
41+ name : coverage.xml
42+ github-token : ${{ secrets.GITHUB_TOKEN }}
43+ run-id : ${{ github.event.workflow_run.id }}
44+ - name : Code Coverage Report
45+ uses : irongut/CodeCoverageSummary@51cc3a756ddcd398d447c044c02cb6aa83fdae95 # v1.3.0
46+ with :
47+ filename : coverage.xml
48+ badge : true
49+ fail_below_min : false
50+ format : markdown
51+ hide_branch_rate : false
52+ hide_complexity : true
53+ indicators : true
54+ output : both
55+ thresholds : ' 80 90'
56+ - name : Add Coverage PR Comment
57+ uses : marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.3
58+ with :
59+ recreate : true
60+ path : code-coverage-results.md
61+ number : ${{ steps.get_pr_number.outputs.pr_number }}
62+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
0 commit comments