Post Perf Results to PR #714
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Post Perf Results to PR | |
| # Runs after the Perf Tests workflow completes. Uses workflow_run so | |
| # the GITHUB_TOKEN is scoped to the base repo and can write PR comments | |
| # even when the PR comes from a fork. | |
| on: | |
| workflow_run: | |
| workflows: ['Perf Tests'] | |
| types: [completed] | |
| jobs: | |
| comment: | |
| name: Post PR Comment | |
| runs-on: ubuntu-latest | |
| if: > | |
| github.event.workflow_run.event == 'pull_request' && | |
| github.event.workflow_run.conclusion != 'cancelled' | |
| permissions: | |
| pull-requests: write | |
| actions: read | |
| steps: | |
| - name: Download perf results artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: perf-results | |
| path: perf-results | |
| run-id: ${{ github.event.workflow_run.id }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Read PR number | |
| id: pr | |
| run: | | |
| PR_FILE=$(find perf-results -name pr-number.txt -type f | head -1) | |
| if [ -z "$PR_FILE" ]; then | |
| echo "No PR number file found — skipping." | |
| echo "skip=true" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| PR_NUMBER=$(cat "$PR_FILE" | tr -d '[:space:]') | |
| # Validate: must be a positive integer to prevent injection via artifact poisoning | |
| if ! echo "$PR_NUMBER" | grep -qE '^[1-9][0-9]*$'; then | |
| echo "::error::Invalid PR number in artifact: not a positive integer" | |
| exit 1 | |
| fi | |
| echo "number=$PR_NUMBER" >> "$GITHUB_OUTPUT" | |
| echo "skip=false" >> "$GITHUB_OUTPUT" | |
| - name: Read markdown report | |
| id: report | |
| if: steps.pr.outputs.skip != 'true' | |
| run: | | |
| REPORT_FILE=$(find perf-results -name report.md -type f | head -1) | |
| if [ -z "$REPORT_FILE" ]; then | |
| echo "No report.md found — skipping." | |
| echo "skip=true" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| echo "path=$REPORT_FILE" >> "$GITHUB_OUTPUT" | |
| echo "skip=false" >> "$GITHUB_OUTPUT" | |
| - name: Post or update PR comment | |
| if: steps.pr.outputs.skip != 'true' && steps.report.outputs.skip != 'true' | |
| uses: actions/github-script@v7 | |
| env: | |
| REPORT_PATH: ${{ steps.report.outputs.path }} | |
| PR_NUMBER: ${{ steps.pr.outputs.number }} | |
| with: | |
| script: | | |
| const fs = require('fs'); | |
| const marker = '<!-- rnw-perf-results -->'; | |
| const reportPath = process.env.REPORT_PATH; | |
| const prNumber = parseInt(process.env.PR_NUMBER, 10); | |
| if (!Number.isInteger(prNumber) || prNumber <= 0) { | |
| core.setFailed('Invalid PR number from artifact — possible artifact poisoning.'); | |
| return; | |
| } | |
| const markdown = fs.readFileSync(reportPath, 'utf-8'); | |
| const body = `${marker}\n${markdown}`; | |
| // Find existing comment | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: prNumber, | |
| per_page: 100, | |
| }); | |
| const existing = comments.find(c => c.body && c.body.includes(marker)); | |
| if (existing) { | |
| await github.rest.issues.updateComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: existing.id, | |
| body, | |
| }); | |
| core.info(`Updated existing comment (id: ${existing.id})`); | |
| } else { | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: prNumber, | |
| body, | |
| }); | |
| core.info('Created new comment'); | |
| } |