|
23 | 23 | lint:
|
24 | 24 | name: Lint
|
25 | 25 | runs-on: ubuntu-latest
|
| 26 | + permissions: |
| 27 | + contents: read |
26 | 28 | steps:
|
| 29 | + # NOTE: When running on a pull_request_target, we're checking out the repo |
| 30 | + # twice. The first checkout is for the base branch of the PR. The second, |
| 31 | + # for the merge commit. We do this to be able to use the `setup-env` |
| 32 | + # action that's on the base branch. |
27 | 33 | - uses: actions/checkout@v4
|
| 34 | + with: |
| 35 | + persist-credentials: false |
| 36 | + - uses: actions/checkout@v4 |
| 37 | + if: github.event_name == 'pull_request_target' |
| 38 | + with: |
| 39 | + ref: "refs/pull/${{ github.event.number }}/merge" |
| 40 | + persist-credentials: false |
| 41 | + - if: github.event_name == 'pull_request_target' |
| 42 | + name: Check out setup-env action from the base branch |
| 43 | + run: git checkout --no-overlay $GITHUB_SHA -- .github/actions/setup-env |
28 | 44 | - uses: ./.github/actions/setup-env
|
29 | 45 | - name: Install
|
30 | 46 | run: pnpm install --frozen-lockfile --prefer-offline
|
|
40 | 56 | - name: Lint website
|
41 | 57 | working-directory: docs/
|
42 | 58 | run: pnpm lint
|
| 59 | + comment: |
| 60 | + needs: [lint] |
| 61 | + if: failure() && github.event_name == 'pull_request_target' && needs.lint.result == 'failure' |
| 62 | + name: Comment |
| 63 | + runs-on: ubuntu-latest |
| 64 | + permissions: |
| 65 | + pull-requests: write |
| 66 | + steps: |
| 67 | + - uses: actions/github-script@v7 |
| 68 | + name: Comment on failure |
| 69 | + with: |
| 70 | + script: | |
| 71 | + github.rest.issues.createComment({ |
| 72 | + issue_number: context.issue.number, |
| 73 | + owner: context.repo.owner, |
| 74 | + repo: context.repo.repo, |
| 75 | + body: "Thanks for submitting this PR!\n\nUnfortunately, it has some linter errors, so we can't merge it yet. Can you please fix them?\n\nRunning pnpm lint:fix in the root of the repository may fix them automatically." |
| 76 | + }) |
0 commit comments