-
Notifications
You must be signed in to change notification settings - Fork 3.9k
[ci] use GitHub built-in token, switch comment-triggered jobs to workflow dispatch (fixes #7012) #7035
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Conversation
Workflow R valgrind tests has been triggered! 🚀 https://github.com/microsoft/LightGBM/actions/runs/17786041154 Status: success ✔️ |
Workflow R valgrind tests has been triggered! 🚀 https://github.com/microsoft/LightGBM/actions/runs/17786462804 Status: success ✔️ |
Workflow R valgrind tests has been triggered! 🚀 https://github.com/microsoft/LightGBM/actions/runs/17817251491 Status: success ✔️ |
98c2763
to
6c681d6
Compare
…htGBM into fix/comment-triggered-jobs
Workflow R valgrind tests has been triggered! 🚀 https://github.com/microsoft/LightGBM/actions/runs/17875748943 Status: success ✔️ |
type: string | ||
description: Pull request ID, found in the PR URL. | ||
|
||
permissions: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I used a few commits to find the minimal set of permissions needed for this workflow to run... I believe this is a tightly-scoped as is possible.
docs: https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#permissions
description: | | ||
branch the PR was submitted from. | ||
Branches from forks should be prefixed with the user/org they originate from, | ||
like '{user}:{branch}'. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Proposing we merge this PR to master
to test how this works with forks, but I think this is right based on what I see at https://github.com/microsoft/LightGBM/actions/workflows/r_package.yml

echo "Checking status of workflow run '${LATEST_RUN_ID}'" | ||
gh run view \ | ||
--repo "microsoft/LightGBM" \ | ||
--exit-status \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This ensures a non-0 exit code if the last run was not successful.
@jameslamb Could you please resolve merge conflicts? |
Resolved conflicts, I think this is ready for review. |
Fixes #7012
Proposes:
/gha run r-valgrind
) with using workflow dispatch (manually clicking "run workflow" in the GitHub UI)get-workflow-status.py
from Python to a shell scripts using thegh
CLIAnd some other small improvements to the
r-configure
andr-valgrind
workflows.r-configure
job, so commits are tied to the official GitHub bot and not https://github.com/GitHubActionsBotNotes for Reviewers
Benefits of these changes
triggering_comments.yml
workflow)master
first!How I tested this
Temporarily added
on.push:
blocks to ther-configure
andr-valgrind
workflows, to trigger them by just pushing commits here.r-configure
r-valgrind
We have to merge this to test workflow dispatch
To trigger these workflows with workflow dispatch, we'll have to merge this to
master
.But once we do, we'll be able to test workflow changes on another PR from a branch on this repo, because GitHub's UI lets you choose the branch for workflow dispatch.
After this PR
We can remove the repo secret
WORKFLOW
and not need to ever refresh GitHub credentials again 😁