Use gh api instead of third-party actions

Also move more steps to the unprivileged workflow.
2026-05-03 20:58:03 +02:00 · 2022-04-01 15:08:03 +13:00
parent 9116dbd670
commit e34911118f
2 changed files with 45 additions and 43 deletions
--- a/.github/workflows/post-pr-comment.yml
+++ b/.github/workflows/post-pr-comment.yml
@@ -25,7 +25,7 @@ jobs:

      - name: Check that PR SHA matches workflow SHA
        run: |
-          PR="$(grep -o '^[0-9]\+$' pr.txt)"
+          PR="$(grep -o '^[0-9]\+$' pr_number.txt)"
          PR_HEAD_SHA="$(gh api "/repos/${GITHUB_REPOSITORY}/pulls/${PR}" --jq .head.sha)"
          # Check that the pull-request head SHA matches the head SHA of the workflow run
          if [ "${WORKFLOW_RUN_HEAD_SHA}" != "${PR_HEAD_SHA}" ]; then
@@ -36,38 +36,22 @@ jobs:
          GITHUB_TOKEN: ${{ github.token }}
          WORKFLOW_RUN_HEAD_SHA: ${{ github.event.workflow_run.head_commit.id }}

-      # create-or-update-comment doesn't support fetching the comment directly
-      # from a file, so we have to output it from a step.
-      - id: get-comment-body
-        run: |
-          body="$(cat comment.txt)"
-          # Escape newlines - sadly required for some reason:
-          # https://github.community/t/set-output-truncates-multiline-strings/16852/3
-          body="${body//'%'/'%25'}"
-          body="${body//$'\n'/'%0A'}"
-          body="${body//$'\r'/'%0D'}"
-          echo "::set-output name=body::$body"
-
-      - id: get-pr-number
-        run: |
-          pr="$(cat pr.txt)"
-          echo "::set-output name=pr-number::$pr"
-
-      - name: Find existing comment, if it exists
-        uses: peter-evans/find-comment@v2
-        id: find-comment
-        with:
-          issue-number: ${{ steps.get-pr-number.outputs.pr-number }}
-          comment-author: 'github-actions[bot]'
-          body-includes: QHelp previews
-          direction: last
-          token: ${{ github.token }}
-
      - name: Create or update comment
-        uses: peter-evans/create-or-update-comment@v2
-        with:
-          comment-id: ${{ steps.find-comment.outputs.comment-id }}
-          issue-number: ${{ steps.get-pr-number.outputs.pr-number }}
-          edit-mode: replace
-          token: ${{ github.token }}
-          body: ${{ steps.get-comment-body.outputs.body }}
+        run: |
+          PR_NUMBER="$(grep -o '^[0-9]\+$' pr_number.txt)"
+          # comment_id.txt may be empty if there is no existing comment
+          if [ -s comment_id.txt ]
+          then
+            COMMENT_ID="$(grep -o '^[0-9]\+$' comment_id.txt)"
+          fi
+
+          if [ -z "$COMMENT_ID" ]
+          then
+            # Create new comment
+            jq --rawfile body comment_body.txt '{"body":$body}' -n | gh api "repos/${{ github.repository }}/issues/${PR_NUMBER}/comments" -X POST --input -
+          else
+            # Update existing comment
+            jq --rawfile body comment_body.txt '{"body":$body}' -n | gh api "repos/${{ github.repository }}/issues/comments/${COMMENT_ID}" -X PATCH --input -
+          fi
+        env:
+          GITHUB_TOKEN: ${{ github.token }}