-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce workflows for receiving comments on a PR #1357
base: master
Are you sure you want to change the base?
Conversation
@@ -0,0 +1,56 @@ | |||
# Description: This workflow is triggered when the `receive-pr` workflow completes to post suggestions on the PR. |
Check failure
Code scanning / Scorecard
Token-Permissions High
Remediation tip: Visit https://app.stepsecurity.io/secureworkflow.
Tick the 'Restrict permissions for GITHUB_TOKEN'
Untick other options
NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead.
Click Remediation section below for further remediation help
repository: ${{github.event.workflow_run.head_repository.full_name}} | ||
|
||
# Download the patch | ||
- uses: actions/download-artifact@v4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Click Remediation section below to solve this issue
rm git-diff.patch | ||
|
||
# Download the PR number | ||
- uses: actions/download-artifact@v4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Click Remediation section below to solve this issue
@@ -0,0 +1,54 @@ | |||
# Description: This workflow runs OpenRewrite recipes against opened pull request and upload the patch. |
Check failure
Code scanning / Scorecard
Token-Permissions High
Remediation tip: Visit https://app.stepsecurity.io/secureworkflow.
Tick the 'Restrict permissions for GITHUB_TOKEN'
Untick other options
NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead.
Click Remediation section below for further remediation help
runs-on: ubuntu-latest | ||
timeout-minutes: 10 | ||
steps: | ||
- uses: actions/checkout@v4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Click Remediation section below to solve this issue
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#using-data-from-the-triggering-workflow | ||
- name: Create pr_number.txt | ||
run: echo "${{ github.event.number }}" > pr_number.txt | ||
- uses: actions/upload-artifact@v4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Click Remediation section below to solve this issue
Looks good. No mutations were possible for these changes. |
rm pr_number.txt | ||
# Post suggestions as a comment on the PR | ||
- uses: googleapis/code-suggester@v4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Click Remediation section below to solve this issue
- name: Create patch | ||
run: | | ||
git diff | tee git-diff.patch | ||
- uses: actions/upload-artifact@v4 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Click Remediation section below to solve this issue
Looks good. No mutations were possible for these changes. |
ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
timeout-minutes: 10 | ||
steps: | ||
- uses: actions/a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Click Remediation section below to solve this issue
@@ -37,7 +37,7 @@ | |||
java-distribution: temurin | |||
maven-version: 3.9.9 | |||
- name: Download Pitest analysis artifact | |||
uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 | |||
uses: dawidd6/action-download-artifact@`09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4` |
Check warning
Code scanning / Scorecard
Pinned-Dependencies Medium
Click Remediation section below to solve this issue
Looks good. No mutations were possible for these changes. |
2 similar comments
Looks good. No mutations were possible for these changes. |
Looks good. No mutations were possible for these changes. |
c3c1299
to
7d977af
Compare
Looks good. No mutations were possible for these changes. |
1 similar comment
Looks good. No mutations were possible for these changes. |
7d977af
to
05369eb
Compare
Looks good. No mutations were possible for these changes. |
Quality Gate passedIssues Measures |
05369eb
to
b5c1985
Compare
Looks good. No mutations were possible for these changes. |
Quality Gate passedIssues Measures |
Credits to @timtebeek for helping out with setting this up!