3030 timeout-minutes : 20
3131 permissions :
3232 contents : read
33+ pull-requests : write
3334 steps :
3435 - name : Checkout
3536 uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
6263 tool : cargo-about@${{ steps.ci-config.outputs.cargo_about_version }}
6364
6465 - name : Compare lockfile licenses
66+ id : compare
6567 continue-on-error : true
6668 env :
6769 DEFAULT_BRANCH : ${{ inputs.default_branch }}
@@ -83,30 +85,55 @@ jobs:
8385 fi
8486
8587 echo "Comparing lockfile licenses against ${compare_ref}"
88+ printf 'compare_ref=%s\n' "$compare_ref" >> "$GITHUB_OUTPUT"
8689
8790 set +e
8891 uv run --no-project --python ${{ steps.ci-config.outputs.default_python_version }} python scripts/licensing/license_diff.py --base-ref "$compare_ref" > license-diff.md 2> license-diff.status
8992 diff_status=$?
9093 set -e
94+ printf 'diff_status=%s\n' "$diff_status" >> "$GITHUB_OUTPUT"
9195
9296 if [[ "$diff_status" -ne 0 ]]; then
93- echo "::warning title=License diff failed::license_diff.py exited with status ${diff_status}; see the step summary for captured output."
97+ echo "::warning title=License diff failed::license_diff.py exited with status ${diff_status}; see the PR comment for captured output."
9498 fi
9599
96100 cat license-diff.status >&2
97101 cat license-diff.md
98102
103+ name : Upsert PR comment
104+ if : ${{ steps.compare.outcome == 'success' }}
105+ env :
106+ COMPARE_REF : ${{ steps.compare.outputs.compare_ref }}
107+ DIFF_STATUS : ${{ steps.compare.outputs.diff_status }}
108+ GH_REPO : ${{ github.repository }}
109+ GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
110+ run : |
111+ set -euo pipefail
112+
113+ pr_number="${GITHUB_REF_NAME#pull-request/}"
114+ if [[ "$pr_number" == "$GITHUB_REF_NAME" || -z "$pr_number" ]]; then
115+ echo "::warning title=License diff comment skipped::Unable to derive a PR number from ref '${GITHUB_REF_NAME}'."
116+ exit 0
117+ fi
118+
119+ marker="<!-- nemo-relay-license-diff -->"
99120 {
121+ echo "$marker"
100122 echo "## License Diff"
101123 echo
102- echo "Compared against \`${compare_ref }\`."
124+ echo "Compared against \`${COMPARE_REF }\`."
103125 echo
104- if [[ "$diff_status" -ne 0 ]]; then
105- echo "> License diff failed with exit code \`${diff_status }\`; this informational check does not block CI."
126+ if [[ "$DIFF_STATUS" != "0" ]]; then
127+ echo "> License diff failed with exit code \`${DIFF_STATUS }\`; this informational check does not block CI."
106128 echo
107129 fi
108130 if [[ -s license-diff.md ]]; then
131+ echo "<details>"
132+ echo "<summary>Lockfile license changes</summary>"
133+ echo
109134 cat license-diff.md
135+ echo
136+ echo "</details>"
110137 else
111138 echo "No license diff output was produced."
112139 fi
@@ -117,4 +144,26 @@ jobs:
117144 cat license-diff.status
118145 echo '```'
119146 echo "</details>"
120- } >> "$GITHUB_STEP_SUMMARY"
147+ } > license-diff-comment.md
148+
149+ comment_id=""
150+ if ! comment_id="$(
151+ gh api "repos/{owner}/{repo}/issues/${pr_number}/comments" --paginate \
152+ --jq '.[] | select(.user.login == "github-actions[bot]" and (.body // "" | contains("<!-- nemo-relay-license-diff -->"))) | .id' \
153+ | tail -n 1
154+ )"; then
155+ echo "::warning title=License diff comment failed::Unable to list comments on PR #${pr_number}."
156+ exit 0
157+ fi
158+
159+ if [[ -n "$comment_id" ]]; then
160+ if gh api --method PATCH "repos/{owner}/{repo}/issues/comments/${comment_id}" --field body=@license-diff-comment.md --silent; then
161+ echo "Updated license diff comment on PR #${pr_number}."
162+ else
163+ echo "::warning title=License diff comment failed::Unable to update license diff comment on PR #${pr_number}."
164+ fi
165+ elif gh api --method POST "repos/{owner}/{repo}/issues/${pr_number}/comments" --field body=@license-diff-comment.md --silent; then
166+ echo "Created license diff comment on PR #${pr_number}."
167+ else
168+ echo "::warning title=License diff comment failed::Unable to create license diff comment on PR #${pr_number}."
169+ fi
0 commit comments