Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce workflows for receiving comments on a PR #1357

Draft
wants to merge 5 commits into
base: master
Choose a base branch
from

Conversation

rickie
Copy link
Member

@rickie rickie commented Oct 9, 2024

Credits to @timtebeek for helping out with setting this up!

@@ -0,0 +1,56 @@
# Description: This workflow is triggered when the `receive-pr` workflow completes to post suggestions on the PR.

Check failure

Code scanning / Scorecard

Token-Permissions High

score is 0: no topLevel permission defined
Remediation tip: Visit https://app.stepsecurity.io/secureworkflow.
Tick the 'Restrict permissions for GITHUB_TOKEN'
Untick other options
NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead.
Click Remediation section below for further remediation help
.github/workflows/comment-pr.yml Fixed Show fixed Hide fixed
.github/workflows/comment-pr.yml Fixed Show fixed Hide fixed
repository: ${{github.event.workflow_run.head_repository.full_name}}

# Download the patch
- uses: actions/download-artifact@v4

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: GitHub-owned GitHubAction not pinned by hash
Click Remediation section below to solve this issue
rm git-diff.patch

# Download the PR number
- uses: actions/download-artifact@v4

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: GitHub-owned GitHubAction not pinned by hash
Click Remediation section below to solve this issue
@@ -0,0 +1,54 @@
# Description: This workflow runs OpenRewrite recipes against opened pull request and upload the patch.

Check failure

Code scanning / Scorecard

Token-Permissions High

score is 0: no topLevel permission defined
Remediation tip: Visit https://app.stepsecurity.io/secureworkflow.
Tick the 'Restrict permissions for GITHUB_TOKEN'
Untick other options
NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead.
Click Remediation section below for further remediation help
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: GitHub-owned GitHubAction not pinned by hash
Click Remediation section below to solve this issue
.github/workflows/receive-pr.yml Fixed Show fixed Hide fixed
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#using-data-from-the-triggering-workflow
- name: Create pr_number.txt
run: echo "${{ github.event.number }}" > pr_number.txt
- uses: actions/upload-artifact@v4

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: GitHub-owned GitHubAction not pinned by hash
Click Remediation section below to solve this issue
.github/workflows/receive-pr.yml Fixed Show fixed Hide fixed
Copy link

github-actions bot commented Oct 9, 2024

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

rm pr_number.txt

# Post suggestions as a comment on the PR
- uses: googleapis/code-suggester@v4

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: third-party GitHubAction not pinned by hash
Click Remediation section below to solve this issue
- name: Create patch
run: |
git diff | tee git-diff.patch
- uses: actions/upload-artifact@v4

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: GitHub-owned GitHubAction not pinned by hash
Click Remediation section below to solve this issue
Copy link

github-actions bot commented Oct 9, 2024

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
timeout-minutes: 10
steps:
- uses: actions/a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: GitHub-owned GitHubAction not pinned by hash
Click Remediation section below to solve this issue
@@ -37,7 +37,7 @@
java-distribution: temurin
maven-version: 3.9.9
- name: Download Pitest analysis artifact
uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4
uses: dawidd6/action-download-artifact@`09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4`

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 8: third-party GitHubAction not pinned by hash
Click Remediation section below to solve this issue
Copy link

github-actions bot commented Oct 9, 2024

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

2 similar comments
Copy link

github-actions bot commented Oct 9, 2024

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

Copy link

github-actions bot commented Oct 9, 2024

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@rickie rickie force-pushed the rossendrijver/setup_comments_for_ep branch from c3c1299 to 7d977af Compare October 13, 2024 15:44
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

1 similar comment
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@rickie rickie force-pushed the rossendrijver/setup_comments_for_ep branch from 7d977af to 05369eb Compare October 14, 2024 07:54
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

Copy link

@rickie rickie marked this pull request as draft November 10, 2024 13:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant