ci(pr-check-lint_content): run reviewdog in separate workflow#43510
ci(pr-check-lint_content): run reviewdog in separate workflow#43510
Conversation
github-actions
bot
added
system
This comment was marked as outdated.
This comment was marked as outdated.
caugner
force-pushed
the
separate-reviewdog
branch
from
0343579 to
a3d9b51
Compare
- Make this workflow unprivileged. - Run reviewdog in separate workflow. - Remove obsolete "markdown-lint" reviewdog call.
caugner
force-pushed
the
separate-reviewdog
branch
from
c48292f to
82a3338
Compare
LeoMcA
left a comment
LeoMcA
left a comment
There was a problem hiding this comment.
A few questions, but generally looks good:
| - name: Identify PR | ||
| id: identify-pr | ||
| env: | ||
| BASE_REPO: ${{ github.repository }} | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
| HEAD_REPO: ${{ github.event.workflow_run.head_repository.full_name }} | ||
| HEAD_SHA: ${{ github.event.workflow_run.head_sha }} | ||
| run: | | ||
| PR_NUMBER=$(gh api "repos/$HEAD_REPO/commits/$HEAD_SHA/pulls" \ | ||
| --jq ".[] | select(.base.repo.full_name == \"$BASE_REPO\") | .number") | ||
| echo "number=$PR_NUMBER" >> $GITHUB_OUTPUT |
There was a problem hiding this comment.
Thought for later: I remember us using a similar step to this across a bunch of workflows, short of publishing our own actions, could we have a library of "actions" we can import across a range of workflows (as I'm sure there's other similar steps we need across workflows).
There was a problem hiding this comment.
The problem with actions (to be used as a step) is that afaik you need one repository per action, hence why https://github.com/Mozilla-Actions/ exists.
There was a problem hiding this comment.
not sure if that's required, you can host multiple reusable actions in the same repo, MozCloud have reusable actions in this repo for example: https://github.com/mozilla-it/deploy-actions
There was a problem hiding this comment.
IIUC composite actions run as jobs, not as steps. This could run as a separate job, but it would add overhead and slow things down.
There was a problem hiding this comment.
Hm, looks like that repo indeed has actions that can run as a step. All actions in one repo would share the same tag, but that might be fine for our own actions.
caugner
force-pushed
the
separate-reviewdog
branch
from
51d3145 to
5c97bbd
Compare
caugner
force-pushed
the
separate-reviewdog
branch
from
5c97bbd to
89a4658
Compare
caugner
force-pushed
the
separate-reviewdog
branch
from
89a4658 to
3adb680
Compare
This is what appears in the Checks box on the GitHub PR.
caugner
force-pushed
the
separate-reviewdog
branch
from
c3808fd to
89261d9
Compare
4 participants
Description
pr-check-lint_contentworkflow into a separatepr-reviewdogworkflow (privileged, with status reporting), by passing diff and Markdownlint log as an artifact.pr-check-lint_contentworkflow unprivileged, and simplifies it by removing now-obsolete safeguards.Motivation
Additional details
Tested on my personal fork:
Note: Reviewdog refuses to use
github-pr-reviewreporter when run in a non-PR workflow (workflow_run), so we need to pretend we're not in GitHub CI by hidingGITHUB_ACTIONSfrom it.Related issues and pull requests
Same as: