mirror of
https://github.com/meta-llama/llama-stack.git
synced 2025-12-12 20:12:33 +00:00
af94606828
StackRunConfig is part of our public API, ensure stability of this datatype using a pytest snapshot test. If the pydantic model changes, it will fail. A snapshot can be re-generated via `@github-actions regenerate snapshots` by a code owner. The API conformance test will then re-run and pass. Signed-off-by: Charlie Doern <cdoern@redhat.com>
130 lines
5.5 KiB
YAML
130 lines
5.5 KiB
YAML
name: PR Bot Commands
|
|
|
|
run-name: Bot command for PR #${{ github.event.issue.number }}
|
|
|
|
on:
|
|
issue_comment:
|
|
types: [created]
|
|
|
|
jobs:
|
|
# Shared setup job for both pre-commit and snapshot regeneration
|
|
setup:
|
|
if: github.event.issue.pull_request && (contains(github.event.comment.body, '@github-actions run precommit') || contains(github.event.comment.body, '@github-actions regenerate snapshots'))
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
outputs:
|
|
authorized: ${{ steps.check_author.outputs.authorized }}
|
|
pr_number: ${{ steps.check_author.outputs.pr_number }}
|
|
pr_head_ref: ${{ steps.check_author.outputs.pr_head_ref }}
|
|
pr_head_sha: ${{ steps.check_author.outputs.pr_head_sha }}
|
|
pr_head_repo: ${{ steps.check_author.outputs.pr_head_repo }}
|
|
pr_base_ref: ${{ steps.check_author.outputs.pr_base_ref }}
|
|
is_fork: ${{ steps.check_author.outputs.is_fork }}
|
|
command: ${{ steps.detect_command.outputs.command }}
|
|
|
|
steps:
|
|
- name: Detect command
|
|
id: detect_command
|
|
run: |
|
|
COMMENT="${{ github.event.comment.body }}"
|
|
if [[ "$COMMENT" == *"@github-actions run precommit"* ]]; then
|
|
echo "command=precommit" >> $GITHUB_OUTPUT
|
|
elif [[ "$COMMENT" == *"@github-actions regenerate snapshots"* ]]; then
|
|
echo "command=regenerate-snapshots" >> $GITHUB_OUTPUT
|
|
fi
|
|
- name: Check comment author and get PR details
|
|
id: check_author
|
|
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
script: |
|
|
// Get PR details
|
|
const pr = await github.rest.pulls.get({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
pull_number: context.issue.number
|
|
});
|
|
|
|
// Check if commenter has write access or is the PR author
|
|
const commenter = context.payload.comment.user.login;
|
|
const prAuthor = pr.data.user.login;
|
|
|
|
let hasPermission = false;
|
|
|
|
// Check if commenter is PR author
|
|
if (commenter === prAuthor) {
|
|
hasPermission = true;
|
|
console.log(`Comment author ${commenter} is the PR author`);
|
|
} else {
|
|
// Check if commenter has write/admin access
|
|
try {
|
|
const permission = await github.rest.repos.getCollaboratorPermissionLevel({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
username: commenter
|
|
});
|
|
|
|
const level = permission.data.permission;
|
|
hasPermission = ['write', 'admin', 'maintain'].includes(level);
|
|
console.log(`Comment author ${commenter} has permission: ${level}`);
|
|
} catch (error) {
|
|
console.log(`Could not check permissions for ${commenter}: ${error.message}`);
|
|
}
|
|
}
|
|
|
|
if (!hasPermission) {
|
|
await github.rest.issues.createComment({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
issue_number: context.issue.number,
|
|
body: `❌ @${commenter} You don't have permission to trigger bot commands. Only PR authors or repository collaborators can run this command.`
|
|
});
|
|
core.setFailed(`User ${commenter} does not have permission`);
|
|
return;
|
|
}
|
|
|
|
// Save PR info for later steps
|
|
core.setOutput('pr_number', context.issue.number);
|
|
core.setOutput('pr_head_ref', pr.data.head.ref);
|
|
core.setOutput('pr_head_sha', pr.data.head.sha);
|
|
core.setOutput('pr_head_repo', pr.data.head.repo.full_name);
|
|
core.setOutput('pr_base_ref', pr.data.base.ref);
|
|
core.setOutput('is_fork', pr.data.head.repo.full_name !== context.payload.repository.full_name);
|
|
core.setOutput('authorized', 'true');
|
|
|
|
- name: React to comment
|
|
if: steps.check_author.outputs.authorized == 'true'
|
|
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
script: |
|
|
await github.rest.reactions.createForIssueComment({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
comment_id: context.payload.comment.id,
|
|
content: 'rocket'
|
|
});
|
|
|
|
pre-commit:
|
|
needs: setup
|
|
if: needs.setup.outputs.authorized == 'true' && needs.setup.outputs.command == 'precommit'
|
|
uses: ./.github/workflows/precommit-trigger.yml
|
|
with:
|
|
pr_number: ${{ needs.setup.outputs.pr_number }}
|
|
pr_head_ref: ${{ needs.setup.outputs.pr_head_ref }}
|
|
pr_head_sha: ${{ needs.setup.outputs.pr_head_sha }}
|
|
pr_head_repo: ${{ needs.setup.outputs.pr_head_repo }}
|
|
is_fork: ${{ needs.setup.outputs.is_fork }}
|
|
|
|
regenerate-snapshots:
|
|
needs: setup
|
|
if: needs.setup.outputs.authorized == 'true' && needs.setup.outputs.command == 'regenerate-snapshots'
|
|
uses: ./.github/workflows/regenerate-snapshots-trigger.yml
|
|
with:
|
|
pr_number: ${{ needs.setup.outputs.pr_number }}
|
|
pr_head_ref: ${{ needs.setup.outputs.pr_head_ref }}
|
|
pr_head_sha: ${{ needs.setup.outputs.pr_head_sha }}
|
|
pr_head_repo: ${{ needs.setup.outputs.pr_head_repo }}
|
|
is_fork: ${{ needs.setup.outputs.is_fork }}
|