feat(ci): Add pull_request_target workflow for fork PR connector test… #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Fork PR Connector Tests | ||
|
Check failure on line 1 in .github/workflows/fork-connector-tests.yml
|
||
| on: | ||
| pull_request_target: | ||
| types: | ||
| - opened | ||
| - synchronize | ||
| - reopened | ||
| - ready_for_review | ||
| permissions: | ||
| contents: read | ||
| statuses: write | ||
| pull-requests: write | ||
| jobs: | ||
| check-fork-and-trigger-tests: | ||
| name: Check Fork and Trigger Tests | ||
| runs-on: ubuntu-24.04 | ||
| if: github.event.pull_request.head.repo.full_name != github.repository | ||
| steps: | ||
| - name: Check if fork is from outside airbytehq org | ||
| id: check-fork | ||
| run: | | ||
| FORK_REPO="${{ github.event.pull_request.head.repo.full_name }}" | ||
| echo "fork-repo=$FORK_REPO" >> $GITHUB_OUTPUT | ||
| if [[ "$FORK_REPO" == airbytehq/* ]]; then | ||
| echo "is-external-fork=false" >> $GITHUB_OUTPUT | ||
| echo "Fork is from airbytehq org, skipping" | ||
| else | ||
| echo "is-external-fork=true" >> $GITHUB_OUTPUT | ||
| echo "Fork is external: $FORK_REPO" | ||
| fi | ||
| - name: Get fork owner | ||
| id: fork-owner | ||
| if: steps.check-fork.outputs.is-external-fork == 'true' | ||
| run: | | ||
| FORK_OWNER=$(echo "${{ steps.check-fork.outputs.fork-repo }}" | cut -d'/' -f1) | ||
| echo "owner=$FORK_OWNER" >> $GITHUB_OUTPUT | ||
| echo "Fork owner: $FORK_OWNER" | ||
| - name: Attempt to get GitHub App token for fork | ||
| id: get-app-token | ||
| if: steps.check-fork.outputs.is-external-fork == 'true' | ||
| continue-on-error: true | ||
| uses: actions/create-github-app-token@v2 | ||
| with: | ||
| app-id: ${{ secrets.OCTAVIA_BOT_APP_ID }} | ||
| private-key: ${{ secrets.OCTAVIA_BOT_PRIVATE_KEY }} | ||
| owner: ${{ steps.fork-owner.outputs.owner }} | ||
| - name: Post pending commit status | ||
| if: steps.get-app-token.outcome == 'success' | ||
| run: | | ||
| curl -X POST \ | ||
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | ||
| -H "Accept: application/vnd.github+json" \ | ||
| "${{ github.api_url }}/repos/${{ github.repository }}/statuses/${{ github.event.pull_request.head.sha }}" \ | ||
| -d '{ | ||
| "state": "pending", | ||
| "context": "Fork Connector Tests", | ||
| "description": "Running connector tests in fork with BYO secrets...", | ||
| "target_url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | ||
| }' | ||
| - name: Trigger connector tests in fork | ||
| id: trigger-tests | ||
| if: steps.get-app-token.outcome == 'success' | ||
| uses: the-actions-org/workflow-dispatch@v4 | ||
| with: | ||
| token: ${{ steps.get-app-token.outputs.token }} | ||
| repo: ${{ steps.check-fork.outputs.fork-repo }} | ||
| workflow: connector-ci-checks.yml | ||
| ref: ${{ github.event.pull_request.head.ref }} | ||
| wait-for-completion: true | ||
| wait-for-completion-timeout: 2h | ||
| wait-for-completion-interval: 30s | ||
| inputs: | | ||
| { | ||
| "repo": "${{ steps.check-fork.outputs.fork-repo }}", | ||
| "gitref": "${{ github.event.pull_request.head.ref }}", | ||
| "pr": "${{ github.event.pull_request.number }}" | ||
| } | ||
| - name: Post success commit status | ||
| if: steps.trigger-tests.outcome == 'success' && steps.trigger-tests.outputs.workflow-conclusion == 'success' | ||
| run: | | ||
| curl -X POST \ | ||
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | ||
| -H "Accept: application/vnd.github+json" \ | ||
| "${{ github.api_url }}/repos/${{ github.repository }}/statuses/${{ github.event.pull_request.head.sha }}" \ | ||
| -d '{ | ||
| "state": "success", | ||
| "context": "Fork Connector Tests", | ||
| "description": "Connector tests passed in fork with BYO secrets", | ||
| "target_url": "${{ steps.trigger-tests.outputs.workflow-url }}" | ||
| }' | ||
| - name: Post failure commit status | ||
| if: steps.get-app-token.outcome == 'success' && (steps.trigger-tests.outcome == 'failure' || steps.trigger-tests.outputs.workflow-conclusion != 'success') | ||
| run: | | ||
| curl -X POST \ | ||
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | ||
| -H "Accept: application/vnd.github+json" \ | ||
| "${{ github.api_url }}/repos/${{ github.repository }}/statuses/${{ github.event.pull_request.head.sha }}" \ | ||
| -d '{ | ||
| "state": "failure", | ||
| "context": "Fork Connector Tests", | ||
| "description": "Connector tests failed in fork with BYO secrets", | ||
| "target_url": "${{ steps.trigger-tests.outputs.workflow-url || format(''{0}/{1}/actions/runs/{2}'', github.server_url, github.repository, github.run_id) }}" | ||
| }' | ||
| - name: Comment on PR with results | ||
| if: steps.get-app-token.outcome == 'success' | ||
| uses: peter-evans/create-or-update-comment@v4 | ||
| with: | ||
| issue-number: ${{ github.event.pull_request.number }} | ||
| body: | | ||
| ## Fork Connector Tests Results | ||
| ${{ steps.trigger-tests.outputs.workflow-conclusion == 'success' && '✅ Tests passed' || '❌ Tests failed' }} | ||
| The connector tests ran in your fork's repository context using your BYO secrets. | ||
| [View test results](${{ steps.trigger-tests.outputs.workflow-url }}) | ||
| - name: Skip message for non-external forks | ||
| if: steps.check-fork.outputs.is-external-fork != 'true' | ||
| run: | | ||
| echo "Skipping fork connector tests - PR is not from an external fork" | ||
| - name: Skip message for missing GitHub App | ||
| if: steps.check-fork.outputs.is-external-fork == 'true' && steps.get-app-token.outcome != 'success' | ||
| run: | | ||
| echo "Skipping fork connector tests - GitHub App not installed on fork" | ||
| echo "Fork owner '${{ steps.fork-owner.outputs.owner }}' needs to install the Airbyte GitHub App" | ||
