From 4ed7ddffd7673cfbcda9ff358227b5a89918cc97 Mon Sep 17 00:00:00 2001 From: stktyagi Date: Tue, 24 Mar 2026 21:56:27 +0530 Subject: [PATCH 1/2] [chores] Improved CI failure bot caller Added enhancements to CI failure bot caller. --- .github/workflows/bot-ci-failure.yml | 12 ++++++++---- docs/developer/reusable-github-utils.rst | 24 ++++++++++++++---------- 2 files changed, 22 insertions(+), 14 deletions(-) diff --git a/.github/workflows/bot-ci-failure.yml b/.github/workflows/bot-ci-failure.yml index f4f8add0..66249ea2 100644 --- a/.github/workflows/bot-ci-failure.yml +++ b/.github/workflows/bot-ci-failure.yml @@ -7,8 +7,8 @@ on: - completed permissions: - pull-requests: write - actions: write + pull-requests: read + actions: read contents: read concurrency: @@ -34,8 +34,8 @@ jobs: emit_pr() { local pr_number="$1" local pr_author - pr_author=$(gh pr view "$pr_number" --repo "$REPO" --json author --jq '.author.login' 2>/dev/null || echo "") - if [ -z "$pr_author" ]; then + pr_author=$(gh pr view "$pr_number" --repo "$REPO" --json author --jq '.author.login // empty' 2>/dev/null || echo "") + if [ -z "$pr_author" ] || [ "$pr_author" = "null" ]; then echo "::warning::Could not fetch PR author for PR #$pr_number" fi echo "number=$pr_number" >> "$GITHUB_OUTPUT" @@ -68,6 +68,10 @@ jobs: call-ci-failure-bot: needs: find-pr if: ${{ needs.find-pr.outputs.pr_number != '' }} + permissions: + pull-requests: write + actions: write + contents: read uses: openwisp/openwisp-utils/.github/workflows/reusable-bot-ci-failure.yml@master with: pr_number: ${{ needs.find-pr.outputs.pr_number }} diff --git a/docs/developer/reusable-github-utils.rst b/docs/developer/reusable-github-utils.rst index 8407a5c5..6639e559 100644 --- a/docs/developer/reusable-github-utils.rst +++ b/docs/developer/reusable-github-utils.rst @@ -383,8 +383,8 @@ job: - completed permissions: - pull-requests: write - actions: write + pull-requests: read + actions: read contents: read concurrency: @@ -410,8 +410,8 @@ job: emit_pr() { local pr_number="$1" local pr_author - pr_author=$(gh pr view "$pr_number" --repo "$REPO" --json author --jq '.author.login' 2>/dev/null || echo "") - if [ -z "$pr_author" ]; then + pr_author=$(gh pr view "$pr_number" --repo "$REPO" --json author --jq '.author.login // empty' 2>/dev/null || echo "") + if [ -z "$pr_author" ] || [ "$pr_author" = "null" ]; then echo "::warning::Could not fetch PR author for PR #$pr_number" fi echo "number=$pr_number" >> "$GITHUB_OUTPUT" @@ -427,16 +427,16 @@ job: echo "Payload empty. Searching for PR via Commits API..." PR_NUMBER=$(gh api repos/$REPO/commits/$HEAD_SHA/pulls -q '.[0].number' 2>/dev/null || true) if [ -n "$PR_NUMBER" ] && [ "$PR_NUMBER" != "null" ]; then - echo "Found PR #$PR_NUMBER using Commits API." - emit_pr "$PR_NUMBER" - exit 0 + echo "Found PR #$PR_NUMBER using Commits API." + emit_pr "$PR_NUMBER" + exit 0 fi echo "API lookup failed/empty. Scanning open PRs for matching head SHA..." PR_NUMBER=$(gh pr list --repo "$REPO" --state open --limit 100 --json number,headRefOid --jq ".[] | select(.headRefOid == \"$HEAD_SHA\") | .number" | head -n 1) if [ -n "$PR_NUMBER" ]; then - echo "Found PR #$PR_NUMBER by scanning open PRs." - emit_pr "$PR_NUMBER" - exit 0 + echo "Found PR #$PR_NUMBER by scanning open PRs." + emit_pr "$PR_NUMBER" + exit 0 fi echo "::warning::No open PR found. This workflow run might not be attached to an open PR." exit 0 @@ -444,6 +444,10 @@ job: call-ci-failure-bot: needs: find-pr if: ${{ needs.find-pr.outputs.pr_number != '' }} + permissions: + pull-requests: write + actions: write + contents: read uses: openwisp/openwisp-utils/.github/workflows/reusable-bot-ci-failure.yml@master with: pr_number: ${{ needs.find-pr.outputs.pr_number }} From 75f0b131009a7237b414fdb5072de52f4a339d7f Mon Sep 17 00:00:00 2001 From: stktyagi Date: Tue, 24 Mar 2026 21:59:52 +0530 Subject: [PATCH 2/2] [fix] Fixed spacing in docs Fixed spacing in updated docs --- docs/developer/reusable-github-utils.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/developer/reusable-github-utils.rst b/docs/developer/reusable-github-utils.rst index 6639e559..f93a6e1d 100644 --- a/docs/developer/reusable-github-utils.rst +++ b/docs/developer/reusable-github-utils.rst @@ -427,16 +427,16 @@ job: echo "Payload empty. Searching for PR via Commits API..." PR_NUMBER=$(gh api repos/$REPO/commits/$HEAD_SHA/pulls -q '.[0].number' 2>/dev/null || true) if [ -n "$PR_NUMBER" ] && [ "$PR_NUMBER" != "null" ]; then - echo "Found PR #$PR_NUMBER using Commits API." - emit_pr "$PR_NUMBER" - exit 0 + echo "Found PR #$PR_NUMBER using Commits API." + emit_pr "$PR_NUMBER" + exit 0 fi echo "API lookup failed/empty. Scanning open PRs for matching head SHA..." PR_NUMBER=$(gh pr list --repo "$REPO" --state open --limit 100 --json number,headRefOid --jq ".[] | select(.headRefOid == \"$HEAD_SHA\") | .number" | head -n 1) if [ -n "$PR_NUMBER" ]; then - echo "Found PR #$PR_NUMBER by scanning open PRs." - emit_pr "$PR_NUMBER" - exit 0 + echo "Found PR #$PR_NUMBER by scanning open PRs." + emit_pr "$PR_NUMBER" + exit 0 fi echo "::warning::No open PR found. This workflow run might not be attached to an open PR." exit 0