Run end-to-end tests on external PR approval #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Run end-to-end tests on external PR approval | |
| on: | |
| workflow_run: | |
| workflows: ["Trigger end-to-end tests on external PR approval"] | |
| types: | |
| - completed | |
| concurrency: | |
| group: ${{ github.event_name }}-${{ github.ref }} | |
| jobs: | |
| e2e: | |
| name: End-to-end tests | |
| runs-on: ubuntu-latest | |
| if: github.event.workflow_run.conclusion == 'success' | |
| permissions: | |
| actions: read | |
| pull-requests: write | |
| contents: write | |
| steps: | |
| - name: Generate a token | |
| id: generate_token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.E2E_APP_ID }} | |
| private-key: ${{ secrets.E2E_APP_PRIVATE_KEY }} | |
| - name: Extract PR number from artifact | |
| id: extract_pr_number | |
| run: > | |
| gh api | |
| --method GET | |
| "/repos/py-cov-action/python-coverage-comment-action/actions/runs/${RUN_ID}/artifacts" | |
| -F name="pr_number" | |
| --jq '[.artifacts[]] | last | .archive_download_url' | |
| | xargs gh api | |
| | funzip | |
| > "${GITHUB_OUTPUT}" | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| RUN_ID: ${{ github.event.workflow_run.id }} | |
| - name: Extract the approved commit | |
| id: extract_commit | |
| run: | | |
| COMMIT_ID=$(gh pr --repo py-cov-action/python-coverage-comment-action view "${PR_NUMBER}" --json reviews --jq '[.reviews[] | select(.state == "APPROVED" and .authorAssociation == "MEMBER" and (.body | contains("/e2e")) ) | .commit.oid] | last') | |
| if [ -z "${COMMIT_ID}" ]; then | |
| echo "No approved commit found" | |
| exit 1 | |
| fi | |
| echo "COMMIT_ID=${COMMIT_ID}" > "${GITHUB_OUTPUT}" | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| PR_NUMBER: ${{ steps.extract_pr_number.outputs.PR_NUMBER }} | |
| - name: Create PR check | |
| id: create_check | |
| run: > | |
| gh api | |
| "repos/py-cov-action/python-coverage-comment-action/check-runs" | |
| -X POST | |
| -F name="End-to-end tests (external PR)" | |
| -F head_sha="${HEAD_SHA}" | |
| -F status="in_progress" | |
| -F started_at="$(date -u +%FT%TZ)" | |
| -F details_url="$(gh api "/repos/py-cov-action/python-coverage-comment-action/actions/jobs/${JOB_ID}" --jq '.url')" | |
| --jq '"CHECK_RUN_ID=" + (.id | tostring)' > "${GITHUB_OUTPUT}" | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| HEAD_SHA: ${{ steps.extract_commit.outputs.COMMIT_ID }} | |
| JOB_ID: ${{ github.job }} | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| # Important: use the commit that was reviewed. GitHub is making sure | |
| # that this is race-condition-proof | |
| ref: ${{ steps.extract_commit.outputs.COMMIT_ID }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install Poetry | |
| run: | | |
| pipx install poetry --python=python3.11 | |
| - name: Poetry caches | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.cache/ | |
| key: ${{ hashFiles('poetry.lock') }} | |
| - name: Install deps | |
| run: poetry install | |
| - name: Run end-to-end tests | |
| run: poetry run pytest tests/end_to_end | |
| env: | |
| COVERAGE_COMMENT_E2E_GITHUB_TOKEN_USER_1: ${{ secrets.COVERAGE_COMMENT_E2E_GITHUB_TOKEN_USER_1 }} | |
| COVERAGE_COMMENT_E2E_GITHUB_TOKEN_USER_2: ${{ secrets.COVERAGE_COMMENT_E2E_GITHUB_TOKEN_USER_2 }} | |
| COVERAGE_COMMENT_E2E_ACTION_REF: ${{ steps.extract_commit.outputs.COMMIT_ID }} | |
| COVERAGE_COMMENT_E2E_REPO_SUFFIX: ${{ steps.extract_pr_number.outputs.PR_NUMBER }} | |
| - name: Report results to Check | |
| if: always() && steps.create_check.outputs.CHECK_RUN_ID | |
| run: > | |
| gh api | |
| "repos/py-cov-action/python-coverage-comment-action/check-runs/${CHECK_RUN_ID}" | |
| -X PATCH | |
| -F conclusion=${JOB_STATUS} | |
| -F status=completed | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| CHECK_RUN_ID: ${{ steps.create_check.outputs.CHECK_RUN_ID }} | |
| JOB_STATUS: ${{ job.status }} |