Skip to content

update codecov-action #140488

update codecov-action

update codecov-action #140488

# Dispatch a request to getsentry to run getsentry test suites
name: getsentry dispatcher
on:
# XXX: We are using `pull_request_target` instead of `pull_request` because we want
# this to run on forks. It allows forks to access secrets safely by
# only running workflows from the main branch. Prefer to use `pull_request` when possible.
#
# See https://github.com/getsentry/sentry/pull/21600 for more details
pull_request_target:
types: [labeled, opened, reopened, synchronize]
# disable all other special privileges
permissions:
# needed for `actions/checkout` to clone the code
contents: read
# needed to remove the pull-request label
pull-requests: write
jobs:
dispatch:
if: "github.event.action != 'labeled' || github.event.label.name == 'Trigger: getsentry tests'"
name: getsentry dispatch
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- name: permissions
run: |
python3 -uS .github/workflows/scripts/getsentry-dispatch-setup \
--repo-id ${{ github.event.repository.id }} \
--pr ${{ github.event.number }} \
--event ${{ github.event.action }} \
--username "$ARG_USERNAME" \
--label-names "$ARG_LABEL_NAMES"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# these can contain special characters
ARG_USERNAME: ${{ github.event.pull_request.user.login }}
ARG_LABEL_NAMES: ${{ toJSON(github.event.pull_request.labels.*.name) }}
- name: Check for file changes
uses: dorny/paths-filter@0bc4621a3135347011ad047f9ecf449bf72ce2bd # v3.0.0
id: changes
with:
token: ${{ github.token }}
filters: .github/file-filters.yml
- name: getsentry token
uses: getsentry/action-github-app-token@d4b5da6c5e37703f8c3b3e43abb5705b46e159cc # v3.0.0
id: getsentry
with:
app_id: ${{ vars.SENTRY_INTERNAL_APP_ID }}
private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }}
- name: Wait for PR merge commit
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
id: mergecommit
with:
github-token: ${{ steps.getsentry.outputs.token }}
script: |
require(`${process.env.GITHUB_WORKSPACE}/.github/workflows/scripts/wait-for-merge-commit`).waitForMergeCommit({
github,
context,
core,
});
- name: Dispatch getsentry tests
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
github-token: ${{ steps.getsentry.outputs.token }}
script: |
require(`${process.env.GITHUB_WORKSPACE}/.github/workflows/scripts/getsentry-dispatch`).dispatch({
github,
context,
core,
mergeCommitSha: '${{ steps.mergecommit.outputs.mergeCommitSha }}',
fileChanges: ${{ toJson(steps.changes.outputs) }},
});