feat: awaitCallWithRounds method on PocketIcClient
#304
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Runs various checks on pull requests coming from external contributors | |
| name: External PR Ruleset | |
| on: | |
| pull_request_target: | |
| merge_group: # merge group is always needed for a required workflows to prevent them from getting stuck, but we then skip it below | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| jobs: | |
| revoke-approvals: | |
| name: Check Revoke Approvals | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository | |
| steps: | |
| - name: Dismiss Pull Request Reviews | |
| if: ${{ ! github.event.pull_request_target.draft }} | |
| run: | | |
| set -euo pipefail | |
| # get existing reviews | |
| reviews=$(curl -s -H "Authorization: token ${GH_TOKEN}" \ | |
| "https://api.github.com/repos/${GH_ORG}/${REPO}/pulls/${PULL_NUMBER}/reviews") | |
| # If no reviews were given, then exit script | |
| if [ -z "$reviews" ] || [ "$reviews" == "[]" ]; then | |
| echo "No reviews to dismiss" | |
| exit 0 | |
| fi | |
| # dismiss PR reviews | |
| for review_id in $(echo "${reviews}" | jq -r '.[] | select(.state == "APPROVED") | .id'); do | |
| response=$(curl -s -o /dev/null -w "%{http_code}" -X PUT -H "Authorization: token ${GH_TOKEN}" \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| -d '{"message": "Review dismissed by automation script."}' \ | |
| "https://api.github.com/repos/${GH_ORG}/${REPO}/pulls/${PULL_NUMBER}/reviews/${review_id}/dismissals") | |
| if [ "$response" -eq 200 ]; then | |
| echo "Dismissed review ${review_id}" | |
| else | |
| echo "Failed to dismiss review ${review_id}, HTTP status code: $response" | |
| exit 1 | |
| fi | |
| done | |
| shell: bash | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} # actor is github actions with above permissions | |
| GH_ORG: ${{ github.repository_owner }} | |
| REPO: ${{ github.event.repository.name }} | |
| PULL_NUMBER: ${{ github.event.pull_request.number }} | |
| check-external-file-changes: | |
| name: Check Unallowed File Changes | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository | |
| steps: | |
| - name: Checkout EXTERNAL_CONTRIB_BLACKLIST from ${{ github.repository }} | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| path: repo | |
| # actions/checkout will checkout the target repo and default branch by default | |
| # when triggered by pull_request_target. However for security reasons we want to | |
| # be explicit here. | |
| repository: ${{ github.repository }} | |
| ref: ${{ github.event.repository.default_branch }} | |
| sparse-checkout: .github/repo_policies/EXTERNAL_CONTRIB_BLACKLIST | |
| - name: Checkout check_external_changes.py from dfinity/public-workflows | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| repository: dfinity/public-workflows | |
| path: public-workflows | |
| sparse-checkout: reusable_workflows/repo_policies/check_external_changes.py | |
| - name: Get changed files | |
| uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5 | |
| with: | |
| use_rest_api: true | |
| json: true | |
| write_output_files: true | |
| - name: Check External Changes | |
| if: ${{ hashFiles('repo/.github/repo_policies/EXTERNAL_CONTRIB_BLACKLIST') != '' }} | |
| id: check_external_changes | |
| run: public-workflows/reusable_workflows/repo_policies/check_external_changes.py | |
| env: | |
| # populated by the action | |
| # https://github.com/tj-actions/changed-files/blob/d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449/README.md?plain=1#L569-L572 | |
| CHANGED_FILES_JSON_PATH: ".github/outputs/all_changed_and_modified_files.json" | |
| EXTERNAL_CONTRIB_BLACKLIST_PATH: "repo/.github/repo_policies/EXTERNAL_CONTRIB_BLACKLIST" | |
| - name: Close PR | |
| uses: actions/github-script@v7 | |
| if: ${{ !cancelled() && steps.check_external_changes.conclusion == 'failure' }} | |
| with: | |
| script: | | |
| github.rest.pulls.update({ | |
| pull_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| state: 'closed' | |
| }) | |
| let message = "Closed Pull Request since changes were made to [unallowed files](${{ github.server_url }}/${{ github.repository }}/blob/${{ github.event.repository.default_branch }}/.github/repo_policies/EXTERNAL_CONTRIB_BLACKLIST).\n\n" | |
| message += 'Please see details here: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n\n' | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: message | |
| }) | |
| check-cla: | |
| name: Check CLA | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository | |
| steps: | |
| - name: Create GitHub App Token | |
| uses: actions/create-github-app-token@v1 | |
| id: app-token | |
| with: | |
| app-id: ${{ vars.CLA_BOT_APP_ID }} | |
| private-key: ${{ secrets.CLA_BOT_PRIVATE_KEY }} | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: 'dfinity/public-workflows' | |
| - name: Python Setup | |
| uses: ./.github/workflows/python-setup | |
| - name: Check if can contribute | |
| id: can_contribute | |
| run: | | |
| export PYTHONPATH="$PWD/reusable_workflows/" | |
| python reusable_workflows/check_cla/check_can_contribute.py | |
| shell: bash | |
| env: | |
| GH_TOKEN: ${{ steps.app-token.outputs.token }} | |
| REPO: ${{ github.event.repository.name }} | |
| USER: ${{ github.event.pull_request.user.login }} | |
| - name: Close Pull Request | |
| id: close_pr | |
| if: ${{ steps.can_contribute.outputs.can_contribute != 'true' }} | |
| uses: superbrothers/close-pull-request@9c18513d320d7b2c7185fb93396d0c664d5d8448 #v3 | |
| with: | |
| comment: | | |
| Thank you for contributing! Unfortunately this repository does not accept external contributions yet. | |
| We are working on enabling this by aligning our internal processes and our CI setup to handle external contributions. However this will take some time to set up so in the meantime we unfortunately have to close this Pull Request. | |
| We hope you understand and will come back once we accept external PRs. | |
| — The DFINITY Foundation | |
| - name: Add Label | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ steps.app-token.outputs.token }} | |
| script: | | |
| github.rest.issues.addLabels({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| labels: ["external-contributor"] | |
| }) | |
| - name: Check CLA | |
| id: check-cla | |
| run: | | |
| export PYTHONPATH="$PWD/reusable_workflows/" | |
| python reusable_workflows/check_cla/check_cla_pr.py | |
| shell: bash | |
| if: ${{ steps.can_contribute.outputs.can_contribute == 'true' }} | |
| env: | |
| GH_ORG: ${{ github.repository_owner }} | |
| GH_TOKEN: ${{ steps.app-token.outputs.token }} | |
| REPO: ${{ github.event.repository.name }} | |
| PR_ID: ${{ github.event.number }} |