Touch Improvements to TextBox #275
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update API Suppressions | |
| on: | |
| issue_comment: | |
| types: [created] | |
| permissions: {} | |
| concurrency: | |
| group: update-api-${{ github.event.issue.number }} | |
| cancel-in-progress: true | |
| jobs: | |
| update-api: | |
| name: Update API Suppressions | |
| if: >- | |
| github.event.issue.pull_request | |
| && contains(github.event.comment.body, '/update-api') | |
| && contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Check maintainer permission | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const { data: permLevel } = await github.rest.repos.getCollaboratorPermissionLevel({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| username: context.payload.comment.user.login, | |
| }); | |
| const allowed = ['admin', 'maintain', 'write']; | |
| if (!allowed.includes(permLevel.permission)) { | |
| core.setFailed(`User @${context.payload.comment.user.login} does not have write access.`); | |
| } | |
| - name: Add reaction to acknowledge command | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| await github.rest.reactions.createForIssueComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: context.payload.comment.id, | |
| content: 'eyes', | |
| }); | |
| - name: Get PR branch info | |
| id: pr | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const { data: pr } = await github.rest.pulls.get({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| pull_number: context.issue.number, | |
| }); | |
| if (pr.head.repo.full_name !== `${context.repo.owner}/${context.repo.repo}`) { | |
| core.setFailed('Cannot run /update-api on fork PRs — would execute untrusted code with write permissions.'); | |
| return; | |
| } | |
| core.setOutput('ref', pr.head.ref); | |
| core.setOutput('sha', pr.head.sha); | |
| - name: Checkout PR branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ steps.pr.outputs.sha }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| submodules: recursive | |
| - name: Setup .NET | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| global-json-file: global.json | |
| - name: Run ValidateApiDiff | |
| run: dotnet run --project ./nukebuild/_build.csproj -- ValidateApiDiff --update-api-suppression true | |
| - name: Commit and push changes | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git add api/ | |
| if git diff --cached --quiet; then | |
| echo "No API suppression changes to commit." | |
| else | |
| git commit -m "Update API suppressions" | |
| git push origin HEAD:${{ steps.pr.outputs.ref }} | |
| fi | |
| - name: Add success reaction | |
| if: success() | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| await github.rest.reactions.createForIssueComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: context.payload.comment.id, | |
| content: 'rocket', | |
| }); | |
| - name: Report failure | |
| if: failure() | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| await github.rest.reactions.createForIssueComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: context.payload.comment.id, | |
| content: '-1', | |
| }); | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| body: `❌ \`/update-api\` failed. [See logs](${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}).`, | |
| }); |