# This workflow comments on a PR with the results of the `cargo bloat check` and `hotpath profiling` performed in the CI workflow. # This is a workaround for the limitations imposed by GitHub Actions on workflows triggered by pull requests from forked repositories. # The restrictions apply to the pull_request event triggered by a fork opening a pull request in the upstream repository. # - Events from forks cannot access secrets, except for the default GITHUB_TOKEN. # - The GITHUB_TOKEN has read-only access when an event is triggered by a forked repository. # # These restrictions mean that during a pull_request event triggered by a forked repository, # actions have no write access to GitHub resources and will fail on any attempt. name: PR comment on: workflow_run: # zizmor: ignore[dangerous-triggers] workflows: [Performance] types: [completed] workflow_dispatch: inputs: workflow_run_id: description: The CI workflow that triggers the workflow run required: true permissions: {} jobs: bloat-comment: runs-on: ubuntu-latest permissions: pull-requests: write steps: - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 with: name: bloat-check-results path: /tmp/bloat-check/ github-token: ${{ secrets.GITHUB_TOKEN }} run-id: ${{ github.event.workflow_run.id || github.event.inputs.workflow_run_id }} - name: Comment bloat check on PR uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: script: | const fs = require('node:fs'); const marker = ''; const comparison = await fs.promises.readFile('/tmp/bloat-check/bloat-comparison.txt', 'utf8'); const body = `${marker}\n${comparison}`; const { repo, owner } = context.repo; const prNumber = await fs.promises.readFile('/tmp/bloat-check/pr-number.txt', 'utf8').then(Number); const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, issue_number: prNumber, per_page: 100, }); const existing = comments.find((comment) => comment.body?.includes(marker)); if (existing) { await github.rest.issues.updateComment({ owner, repo, comment_id: existing.id, body, }); } else { await github.rest.issues.createComment({ owner, repo, issue_number: prNumber, body, }); } hotpath-comment: runs-on: ubuntu-latest permissions: pull-requests: write steps: - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5 with: name: hotpath-results path: /tmp/hotpath/ github-token: ${{ secrets.GITHUB_TOKEN }} run-id: ${{ github.event.workflow_run.id || github.event.inputs.workflow_run_id }} - name: Install hotpath uses: taiki-e/install-action@5ab30948b991e8d6aa5a6c1e33c6aea130c6de65 # v2.62.12 with: tool: hotpath - name: Post PR comment - timing mode env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | set -euo pipefail HEAD_METRICS=$(cat /tmp/hotpath/head-timing.json) BASE_METRICS=$(cat /tmp/hotpath/base-timing.json) PR_NUMBER=$(cat /tmp/hotpath/pr-number.txt) hotpath profile-pr \ --head-metrics "$HEAD_METRICS" \ --base-metrics "$BASE_METRICS" \ --github-token "$GH_TOKEN" \ --pr-number "$PR_NUMBER" - name: Post PR comment - alloc mode env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | set -euo pipefail HEAD_METRICS=$(cat /tmp/hotpath/head-alloc.json) BASE_METRICS=$(cat /tmp/hotpath/base-alloc.json) PR_NUMBER=$(cat /tmp/hotpath/pr-number.txt) hotpath profile-pr \ --head-metrics "$HEAD_METRICS" \ --base-metrics "$BASE_METRICS" \ --github-token "$GH_TOKEN" \ --pr-number "$PR_NUMBER"