feat: added safety firewall #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pull Request | |
on: | |
pull_request: | |
types: [opened, synchronize] | |
branches: [main] | |
jobs: | |
build-preview: | |
uses: ./.github/workflows/reusable-build.yml | |
with: | |
bump-command: "local-bump" | |
branch-name: ${{ github.head_ref }} | |
comment: | |
needs: build-preview | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Comment PR | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
const version = '${{ needs.build-preview.outputs.package-version }}' | |
const artifactsUrl = `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}/` | |
const comment = ` | |
## 🚀 Build artifacts are ready for testing! | |
Download the wheel file and binaries with gh CLI or from the [workflow artifacts](${artifactsUrl}). | |
### 📦 Install & Run | |
#### Pre-requisites | |
\`\`\`bash | |
# Install uv if needed | |
curl -LsSf https://astral.sh/uv/install.sh | sh | |
# Create and enter artifacts directory | |
mkdir artifacts && cd artifacts | |
\`\`\` | |
#### Quick Test with Python Package | |
\`\`\`bash | |
# Download and run with uv | |
gh run download ${context.runId} -n dist | |
uv run --with safety-${version}-py3-none-any.whl safety --version | |
\`\`\` | |
#### Binary Installation | |
\`\`\`bash | |
# Linux | |
gh run download ${context.runId} -n safety-linux -D linux | |
cd linux && mv safety safety-pr && chmod +x safety-pr | |
# macOS | |
gh run download ${context.runId} -n safety-macos -D macos | |
cd macos && mv safety safety-pr && chmod +x safety-pr | |
./safety-pr --version | |
\`\`\` | |
> Note: You need to be logged in to GitHub to access the artifacts. | |
` | |
const { data: comments } = await github.rest.issues.listComments({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
issue_number: context.issue.number, | |
}) | |
const botComment = comments.find(comment => | |
comment.user.type === 'Bot' && | |
comment.body.includes('Build artifacts are ready for testing!') | |
) | |
if (botComment) { | |
await github.rest.issues.updateComment({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
comment_id: botComment.id, | |
body: comment | |
}) | |
} else { | |
await github.rest.issues.createComment({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
issue_number: context.issue.number, | |
body: comment | |
}) | |
} |