Skip to content

build(deps): bump actions/checkout from 4.2.0 to 4.2.1 (#1314) #438

build(deps): bump actions/checkout from 4.2.0 to 4.2.1 (#1314)

build(deps): bump actions/checkout from 4.2.0 to 4.2.1 (#1314) #438

Workflow file for this run

# SPDX-License-Identifier: Apache-2.0
name: CoC insight analysis
run-name: ${{ github.event.workflow_run.display_title || github.workflow }}
on:
workflow_run:
workflows:
- "Lint compositional_skills and knowledge"
types:
- completed
env:
LC_ALL: en_US.UTF-8
defaults:
run:
shell: bash
permissions:
contents: read
jobs:
insight-analysis:
runs-on: ubuntu-latest
if: ${{ (github.event.workflow_run.event == 'pull_request') && (github.repository == 'instructlab/taxonomy') && (github.event.workflow_run.conclusion == 'success') }}
name: Run insight analysis
steps:
- name: "Harden Runner"
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: "Debug info"
run: |
jq '.' "$GITHUB_EVENT_PATH"
- name: "Download Pull Request number"
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: pull_request_number
run-id: ${{ github.event.workflow_run.id }}
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: "Get Pull Request number"
run: |
echo "PULL_REQUEST_NUMBER=$(cat pull_request_number.txt)" >> "$GITHUB_ENV"
- name: "Invoke insight analysis handler"
if: ${{ fromJSON(env.PULL_REQUEST_NUMBER) != 0 }}
run: |
curl -X "POST" "https://pr-analysis-handler.1fuhf5gskmng.us-east.codeengine.appdomain.cloud/analyze-pr?pr_number=${PULL_REQUEST_NUMBER}&owner=${REPOSITORY_OWNER}&repo=${REPOSITORY_NAME}" -H "accept: application/json" -H "Authorization: Bearer ${ANALYSIS_TOKEN}"
env:
REPOSITORY_OWNER: ${{ github.repository_owner }}
REPOSITORY_NAME: ${{ github.event.repository.name }}
ANALYSIS_TOKEN: ${{ secrets.COC_ANALYSIS_TOKEN }}