From 012c3d25f313148734b4720e376ec24ff6089453 Mon Sep 17 00:00:00 2001
From: Riku Isokoski <riksu9000@gmail.com>
Date: Tue, 24 Jan 2023 12:01:22 +0200
Subject: workflow: Comment build size on all PRs

This works by uploading the data from the main workflow with low
permissions as an artifact, then downloading the data in a workflow with
higher permissions to post the comment.

Third party actions are fixed at a commit, in case they get compromised.

Also set the build-firmware VM to ubuntu-22.04, which was missed when
updating workflow deps earlier.
---
 .github/workflows/pr-comment.yml | 49 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 .github/workflows/pr-comment.yml

(limited to '.github/workflows/pr-comment.yml')

diff --git a/.github/workflows/pr-comment.yml b/.github/workflows/pr-comment.yml
new file mode 100644
index 00000000..b6eb97a5
--- /dev/null
+++ b/.github/workflows/pr-comment.yml
@@ -0,0 +1,49 @@
+# THIS WORKFLOW HAS WRITE PERMISSIONS TO THE REPO.
+# MAKE SURE IT NEVER RUNS ANY CODE FROM THE FORK
+
+name: PR comment
+
+on:
+  pull_request_target:
+    branches: [ develop ]
+    paths-ignore:
+      - 'doc/**'
+      - '**.md'
+
+jobs:
+  comment:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Wait for builds to finish
+      id: wait-for-build
+      uses: fountainhead/action-wait-for-check@297be350cf8393728ea4d4b39435c7d7ae167c93
+      with:
+        checkName: 'Compare build size'
+        token: ${{ secrets.GITHUB_TOKEN }}
+        ref: ${{ github.head_ref }}
+
+    - if: steps.wait-for-build.outputs.conclusion != 'success'
+      run: exit 1
+
+    - name: Download artifact
+      uses: dawidd6/action-download-artifact@bd10f381a96414ce2b13a11bfa89902ba7cea07f
+      with:
+        workflow: main.yml
+        pr: ${{ github.event.pull_request.number }}
+        name: comment
+
+    - name: Find Comment
+      id: find-comment
+      uses: peter-evans/find-comment@81e2da3af01c92f83cb927cf3ace0e085617c556
+      with:
+        issue-number: ${{ github.event.pull_request.number }}
+        comment-author: 'github-actions[bot]'
+        body-includes: Build size and comparison to
+
+    - name: Create or update comment
+      uses: peter-evans/create-or-update-comment@5adcb0bb0f9fb3f95ef05400558bdb3f329ee808
+      with:
+        comment-id: ${{ steps.find-comment.outputs.comment-id }}
+        issue-number: ${{ github.event.pull_request.number }}
+        body-file: comment
+        edit-mode: replace
-- 
cgit v1.2.3-70-g09d2