fix(#2045): use PR head SHA in status comment instead of GITHUB_SHA#2048
Conversation
Site previewPreview: https://87d2a21d-site.fullsend-ai.workers.dev Commit: |
|
🤖 Review · Started 8:33 PM UTC |
ReviewFindingsMedium
Low
Info
Previous runReviewFindingsMedium
Low
|
|
🤖 Finished Review · ✅ Success · Started 8:33 PM UTC · Completed 8:44 PM UTC |
In cross-repo workflow_dispatch mode, GITHUB_SHA points to the .fullsend config repo's default branch HEAD, not the PR's actual head commit. This made the status comment's "Commit:" line show an unrelated SHA. - dispatch.yml / reusable-dispatch.yml: include pull_request.head.sha in the event payload forwarded to agent workflows - run.go: add prHeadSHAFromEventPath() to extract the real SHA from the workflow_dispatch event file, preferring it over GITHUB_SHA Closes #2045 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Greg Allen <gallen@redhat.com>
67f8afc to
50a7389
Compare
|
🤖 Finished Review · ✅ Success · Started 10:44 AM UTC · Completed 10:54 AM UTC |
|
🤖 Finished Retro · ✅ Success · Started 11:26 AM UTC · Completed 11:38 AM UTC |
Retro: PR #2048 —
|
Add a new bold-titled paragraph documenting that dispatch.yml and reusable-dispatch.yml must stay in sync, following the same pattern used for the mint function sync guidance. This addresses a documentation gap that caused PR fullsend-ai#2048 to miss syncing a jq payload change across the two files. Note: make lint could not run in sandbox due to Go module cache permission errors. This is a documentation-only change with no Go code modified. Closes fullsend-ai#2067
In cross-repo workflow_dispatch mode, GITHUB_SHA points to the .fullsend config repo's default branch HEAD, not the PR's actual head commit. This made the status comment's "Commit:" line show an unrelated SHA.
Two changes fix this:
dispatch.yml: Include pull_request.head.sha in the event
payload that gets forwarded to agent workflows. Previously
only head.ref and head.repo were extracted.
run.go: Add prHeadSHAFromEventPath() which reads the
workflow_dispatch event file (GITHUB_EVENT_PATH), parses
the nested event_payload JSON string, and extracts
pull_request.head.sha. setupStatusNotifier() now prefers
this value over GITHUB_SHA when available, falling back
gracefully for non-PR events or direct triggers.
Note: pre-commit could not run in sandbox (gitleaks install failed due to Go module cache permissions). The post-script runs pre-commit authoritatively on the runner.
Closes #2045
Post-script verification
agent/2045-status-comment-sha)c4f2c746654a35a9a0d904082ad2326a2ecc56af..HEAD)