kosiew opened a new pull request, #21951: URL: https://github.com/apache/datafusion/pull/21951
## Which issue does this PR close? <!-- We generally require a GitHub issue to be filed for all bug fixes and enhancements and this helps us generate change logs for our releases. You can link an issue to this PR using the GitHub syntax. For example `Closes #123` indicates that this PR will close issue #123. --> * Part of #21914. --- ## Rationale for this change The existing PR comment step was part of the `pull_request` workflow, which caused failures for forked PRs due to restricted `GITHUB_TOKEN` permissions (read-only). This resulted in `403 Resource not accessible by integration` errors when attempting to post comments. Additionally, updates to Cargo metadata can trigger `cargo-semver-checks` to build with all features enabled, pulling in dependencies (e.g., Substrait) that require `protoc`. Without installing `protoc`, the semver check environment may fail to build. This change improves both reliability and security by ensuring the workflow environment matches build requirements and by running comment updates in a context with appropriate permissions. --- ## What changes are included in this PR? * Introduced a new `workflow_run`-based workflow to handle PR comment updates after the semver check completes. * Removed the inline PR comment step from the main `pull_request` workflow. * Added logic to persist semver check results and logs as an artifact. * Downloaded and validated semver results in the follow-up workflow before posting comments. * Derived the PR number from the trusted `workflow_run` payload instead of storing it in artifacts. * Installed `protoc` in the semver check job when needed to support builds requiring protobuf. * Ensured unexpected semver results fail explicitly. --- ## Are these changes tested? No additional tests are included. These changes affect CI workflows and are validated through workflow execution. --- ## Are there any user-facing changes? No user-facing changes. These updates only affect CI behavior and internal workflow execution. --- ## LLM-generated code disclosure This PR includes LLM-generated code and comments. All LLM-generated content has been manually reviewed and tested. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
