Skip to content

Sophios yaml pip

Sophios yaml pip #432

name: Branch Dispatch
on:
pull_request_target:
permissions:
actions: read
contents: read
pull-requests: read
jobs:
branch_dispatch:
runs-on: ubuntu-latest
steps:
# See token.md
- name: Generate a token
if: always()
id: generate_token
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
# !!!!!! CRITICAL: PLEASE READ !!!!!!
# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions- settings-for-a-repository#controlling-changes-from-forks-to-workflows-in-public-repositories
# "Note: Workflows triggered by pull_request_target events are run in the context of the base
# branch. Since the base branch is considered trusted, workflows triggered by these events will always run,
# REGARDLESS OF APPROVAL SETTINGS."
# Therefore, membership must be checked to authorize PRs to run workflows.
#
# Note: 1. To use this repository's private action, you must check out the repository
# 2. PRs from external accounts could alter behaviors of the custom actions and execute
# the altered actions if the head of PR is checked out to use custom actions. Therefore,
# always checkout the base branch of the PR to use trustful actions before the identity
# could be verified.
- name: Checkout commit sha (Pull Request only)
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.base.sha }} # Check out the base to use trustworthy actions
- name: Check Membership
uses: ./.github/my_actions/check_membership/ # Must start with ./
with:
account_name: ${{ github.event.pull_request.head.repo.owner.login }}
access_token: ${{ steps.generate_token.outputs.token }}
- name: Create environment variables
env:
COMMIT_MESSAGE: ''
run: |
echo "commit_message=$COMMIT_MESSAGE" >> $GITHUB_ENV
# Unbelievably, for pull requests only, there is apparently no way to get
# the commit message directly via the github API.
# See https://github.com/orgs/community/discussions/28474
- name: Checkout commit sha (Pull Request only)
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Get commit message (Pull Request only)
run: |
echo "commit_message=$(git show -s --format=%s)" >> $GITHUB_ENV
- name: Check existence of wic
uses: ./.github/my_actions/check_existence/ # Must start with ./
id: ce_wic
with:
repository: workflow-inference-compiler
sender_repo_owner: ${{ github.event.pull_request.head.repo.owner.login }}
sender_repo_ref: ${{ github.event.pull_request.head.ref }}
default_owner: PolusAI
default_branch: master
access_token: ${{ steps.generate_token.outputs.token }}
- name: Check existence of dispatch ref in wic
uses: ./.github/my_actions/check_existence/ # Must start with ./
id: ce_wic_dispatch
with:
repository: workflow-inference-compiler
sender_repo_owner: ${{ github.repository_owner }}
sender_repo_ref: ${{ github.event.pull_request.head.ref }}
default_owner: PolusAI
default_branch: master
access_token: ${{ steps.generate_token.outputs.token }}
- name: Check existence of mm-workflows
uses: ./.github/my_actions/check_existence/ # Must start with ./
id: ce_mm-workflows
with:
repository: mm-workflows
sender_repo_owner: ${{ github.event.pull_request.head.repo.owner.login }}
sender_repo_ref: ${{ github.event.pull_request.head.ref }}
default_owner: PolusAI
default_branch: main
access_token: ${{ steps.generate_token.outputs.token }}
# For other repositories, the entire step below should be copied and edited to make new steps.
- name: Check existence of image-workflows
uses: ./.github/my_actions/check_existence/ # Must start with ./
id: ce_image-workflows
with:
repository: image-workflows
sender_repo_owner: ${{ github.event.pull_request.head.repo.owner.login }}
sender_repo_ref: ${{ github.event.pull_request.head.ref }}
default_owner: PolusAI
default_branch: main
access_token: ${{ steps.generate_token.outputs.token }}
- name: Branch dispatch lint_and_test.yml
uses: ./.github/my_actions/branch_dispatch/ # Must start with ./
id: bd_lint_and_test
with:
repository: workflow-inference-compiler
workflow_yml: lint_and_test.yml
sender_repo: ${{ github.event.pull_request.head.repo.owner.login }}/${{ github.event.pull_request.head.repo.name }}
sender_repo_owner: ${{ github.event.pull_request.head.repo.owner.login }}
dispatch_ref: ${{ steps.ce_wic_dispatch.outputs.ref }}
wic_owner: ${{ steps.ce_wic.outputs.owner }}
wic_ref: ${{ steps.ce_wic.outputs.ref }}
event_type: ${{ github.event_name }}
commit_message: ${{ env.commit_message }}
mm_workflows_owner: ${{ steps.ce_mm-workflows.outputs.owner }}
mm_workflows_ref: ${{ steps.ce_mm-workflows.outputs.ref }}
image_workflows_owner: ${{ steps.ce_image-workflows.outputs.owner }}
image_workflows_ref: ${{ steps.ce_image-workflows.outputs.ref }}
access_token: ${{ steps.generate_token.outputs.token }}
- name: Branch dispatch run_workflows.yml
uses: ./.github/my_actions/branch_dispatch/ # Must start with ./
id: bd_run_workflows
with:
repository: workflow-inference-compiler
workflow_yml: run_workflows.yml
sender_repo: ${{ github.event.pull_request.head.repo.owner.login }}/${{ github.event.pull_request.head.repo.name }}
sender_repo_owner: ${{ github.event.pull_request.head.repo.owner.login }}
dispatch_ref: ${{ steps.ce_wic_dispatch.outputs.ref }}
wic_owner: ${{ steps.ce_wic.outputs.owner }}
wic_ref: ${{ steps.ce_wic.outputs.ref }}
event_type: ${{ github.event_name }}
commit_message: ${{ env.commit_message }}
mm_workflows_owner: ${{ steps.ce_mm-workflows.outputs.owner }}
mm_workflows_ref: ${{ steps.ce_mm-workflows.outputs.ref }}
image_workflows_owner: ${{ steps.ce_image-workflows.outputs.owner }}
image_workflows_ref: ${{ steps.ce_image-workflows.outputs.ref }}
access_token: ${{ steps.generate_token.outputs.token }}