volatilemolotov commented on code in PR #27321:
URL: https://github.com/apache/beam/pull/27321#discussion_r1250400197
##########
.github/workflows/beam_PreCommit_Go.yml:
##########
@@ -1,37 +1,69 @@
-name: beam_PreCommit_Go
+name: Go Precommit
on:
push:
tags: ['v*']
branches: ['master', 'release-*']
- pull_request:
- branches: ['master']
+ pull_request_target:
+ branches: ['master', 'release-*' ]
paths: ['model/**', 'sdks/go.**', 'release/**']
issue_comment:
types: [created]
schedule:
- cron: '* */6 * * *'
+#Setting explicit permissions for the action to avoid the default permissions
which are `write-all` in case of pull_request_target event
+permissions:
+ actions: write
+ pull-requests: read
+ checks: read
+ contents: read
+ deployments: read
+ id-token: read
+ issues: read
+ discussions: read
+ packages: read
+ pages: read
+ repository-projects: read
+ security-events: read
+ statuses: read
+
jobs:
beam_PreCommit_Go:
- if: ${{github.event.issue.pull_request}} ||
${{github.event.comment.body == 'Run Go PreCommit'}} ||
${{github.event.schedule}}
- runs-on: [self-hosted, ubuntu-20.04]
- name: beam_PreCommit_Go
- steps:
- - name: Git checkout
- uses: actions/checkout@v3
- - name: Install Java
- uses: actions/[email protected]
- with:
- distribution: 'zulu'
- java-version: '8'
- - name: Install Go
- uses: actions/setup-go@v4
- with:
- go-version: '1.20'
- - name: Setup Gradle
- uses: gradle/gradle-build-action@v2
- with:
- cache-read-only: false
- - name: run goPreCommit script
- run: ./gradlew :goPreCommit
\ No newline at end of file
+ if: |
+ github.event_name == 'push' ||
+ github.event_name == 'pull_request_target' ||
+ github.event_name == 'schedule' ||
+ github.event.comment.body == 'Run Go PreCommit'
+ runs-on: [self-hosted, ubuntu-20.04]
+ name: beam_PreCommit_Go
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ ref: ${{ github.event.pull_request.head.sha }}
+ - name: Install GH CLI
+ uses: dev-hanz-ops/[email protected]
Review Comment:
If the issue is the custom action we can put a simple and trasparent script
action for the time being
``` - name: Install GH Cli
run: |
wget
https://github.com/cli/cli/releases/download/v2.31.0/gh_2.31.0_linux_amd64.tar.gz
tar -xvf gh_2.31.0_linux_amd64.tar.gz
sudo mv gh_2.31.0_linux_amd64/bin/gh /usr/local/bin
```
In the meantime ill work on getting CLI into the image and shipping that
image
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
