Skip to content

Commit 64c6f37

Browse files
karlatectomzawadzki
authored andcommitted
Ignore private changes and comments
Do not process events from changes which are either private or belong to branches where anonymous user doesn't have access (e.g. refs/meta/config branches). If it's not readable by anonymous user - don't run it. Signed-off-by: Karol Latecki <[email protected]>
1 parent 19de9fd commit 64c6f37

File tree

2 files changed

+15
-4
lines changed

2 files changed

+15
-4
lines changed

.github/scripts/parse_false_positive_comment.sh

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ spdk_repo=$REPO
1717
gerrit_comment=$COMMENT
1818
reported_by=$AUTHOR
1919

20-
gerrit_url=https://review.spdk.io/a/changes
20+
gerrit_url=https://review.spdk.io/changes
2121
gerrit_format_q="o=DETAILED_ACCOUNTS&o=MESSAGES&o=LABELS&o=SKIP_DIFFSTAT"
2222

2323
# Looking for comment thats only content is "false positive: 123", with a leeway for no spaces
@@ -48,6 +48,12 @@ curl -s -X GET \
4848
"$gerrit_url/spdk%2Fspdk~$change_num?$gerrit_format_q" \
4949
| tail -n +2 | jq . | tee change.json
5050

51+
if [[ ! -s change.json ]]; then
52+
echo "Change $change_num not found, exiting."
53+
echo "Either it's a private change or in restricted branch."
54+
exit 0
55+
fi
56+
5157
# Do not test any change marked as WIP
5258
# .work_in_progress is not set when false
5359
work_in_progress="$(jq -r '.work_in_progress' change.json)"

.github/workflows/gerrit-webhook-handler.yml

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -47,9 +47,14 @@ jobs:
4747
set -x
4848
4949
# Get latest info about a change itself
50-
curl -s -X GET "https://review.spdk.io/a/changes/spdk%2Fspdk~${{ env.change_num }}?o=DETAILED_ACCOUNTS&o=LABELS&o=SKIP_DIFFSTAT" \
51-
--user "${{ secrets.GERRIT_BOT_USER }}:${{ secrets.GERRIT_BOT_HTTP_PASSWD }}" \
52-
| tail -n +2 > change.json
50+
curl -s -X GET "https://review.spdk.io/changes/spdk%2Fspdk~${{ env.change_num }}?o=DETAILED_ACCOUNTS&o=LABELS&o=SKIP_DIFFSTAT" \
51+
| tail -n +2 > change.json
52+
53+
if [[ ! -s change.json ]]; then
54+
echo "Change ${{ env.change_num }} not found, exiting."
55+
echo "Either it's a private change or in restricted branch."
56+
gh run cancel ${{ github.run_id }} -R ${{ github.repository }}
57+
fi
5358
5459
# Do not test any change marked as WIP
5560
# .work_in_progress is not set when false

0 commit comments

Comments
 (0)