Use correct SHA for pull request events

In a pull request, GITHUB_SHA is set to the "last merge commit on the GITHUB_REF branch".
This isn't the correct value to use when generating a dependency graph.
This changes to use the value of `pull_request.head.sha`, which is the correct
value for a dependency graph.

Fixes #882
This commit is contained in:
daz 2023-09-26 05:14:11 -06:00 committed by Daz DeBoer
parent 4441c9f9bf
commit 87ccc98a2a
3 changed files with 36 additions and 5 deletions

11
package-lock.json generated
View File

@ -19,6 +19,7 @@
"@actions/http-client": "2.1.1", "@actions/http-client": "2.1.1",
"@actions/tool-cache": "2.0.1", "@actions/tool-cache": "2.0.1",
"@octokit/rest": "19.0.13", "@octokit/rest": "19.0.13",
"@octokit/webhooks-types": "7.3.0",
"string-argv": "0.3.2" "string-argv": "0.3.2"
}, },
"devDependencies": { "devDependencies": {
@ -1817,6 +1818,11 @@
"@octokit/openapi-types": "^12.11.0" "@octokit/openapi-types": "^12.11.0"
} }
}, },
"node_modules/@octokit/webhooks-types": {
"version": "7.3.0",
"resolved": "https://registry.npmjs.org/@octokit/webhooks-types/-/webhooks-types-7.3.0.tgz",
"integrity": "sha512-DnZ0JdT6+me5a74H/FxHz6Pu3udTtGj5qfno9GhHWgdJoqo1EvaBWqnXRN2//XarzgfbsgkBO9Kzv7ap99mNuQ=="
},
"node_modules/@opentelemetry/api": { "node_modules/@opentelemetry/api": {
"version": "1.4.1", "version": "1.4.1",
"resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz", "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz",
@ -9552,6 +9558,11 @@
"@octokit/openapi-types": "^12.11.0" "@octokit/openapi-types": "^12.11.0"
} }
}, },
"@octokit/webhooks-types": {
"version": "7.3.0",
"resolved": "https://registry.npmjs.org/@octokit/webhooks-types/-/webhooks-types-7.3.0.tgz",
"integrity": "sha512-DnZ0JdT6+me5a74H/FxHz6Pu3udTtGj5qfno9GhHWgdJoqo1EvaBWqnXRN2//XarzgfbsgkBO9Kzv7ap99mNuQ=="
},
"@opentelemetry/api": { "@opentelemetry/api": {
"version": "1.4.1", "version": "1.4.1",
"resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz", "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz",

View File

@ -39,6 +39,7 @@
"@actions/http-client": "2.1.1", "@actions/http-client": "2.1.1",
"@actions/tool-cache": "2.0.1", "@actions/tool-cache": "2.0.1",
"@octokit/rest": "19.0.13", "@octokit/rest": "19.0.13",
"@octokit/webhooks-types": "7.3.0",
"string-argv": "0.3.2" "string-argv": "0.3.2"
}, },
"devDependencies": { "devDependencies": {

View File

@ -4,6 +4,7 @@ import * as github from '@actions/github'
import * as glob from '@actions/glob' import * as glob from '@actions/glob'
import * as toolCache from '@actions/tool-cache' import * as toolCache from '@actions/tool-cache'
import {GitHub} from '@actions/github/lib/utils' import {GitHub} from '@actions/github/lib/utils'
import type {PullRequestEvent} from '@octokit/webhooks-types'
import * as path from 'path' import * as path from 'path'
import fs from 'fs' import fs from 'fs'
@ -19,12 +20,11 @@ export function setup(option: DependencyGraphOption): void {
} }
core.info('Enabling dependency graph generation') core.info('Enabling dependency graph generation')
const jobCorrelator = getJobCorrelator()
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true') core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true')
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', jobCorrelator) core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', getJobCorrelator())
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId) core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId)
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref) core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref)
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_SHA', github.context.sha) core.exportVariable('GITHUB_DEPENDENCY_GRAPH_SHA', getShaFromContext())
core.exportVariable('GITHUB_DEPENDENCY_GRAPH_WORKSPACE', layout.workspaceDirectory()) core.exportVariable('GITHUB_DEPENDENCY_GRAPH_WORKSPACE', layout.workspaceDirectory())
core.exportVariable( core.exportVariable(
'DEPENDENCY_GRAPH_REPORT_DIR', 'DEPENDENCY_GRAPH_REPORT_DIR',
@ -152,7 +152,26 @@ function getRelativePathFromWorkspace(file: string): string {
return path.relative(workspaceDirectory, file) return path.relative(workspaceDirectory, file)
} }
export function getJobCorrelator(): string { function getShaFromContext(): string {
const context = github.context
const pullRequestEvents = [
'pull_request',
'pull_request_comment',
'pull_request_review',
'pull_request_review_comment'
// Note that pull_request_target is omitted here.
// That event runs in the context of the base commit of the PR,
// so the snapshot should not be associated with the head commit.
]
if (pullRequestEvents.includes(context.eventName)) {
const pr = (context.payload as PullRequestEvent).pull_request
return pr.head.sha
} else {
return context.sha
}
}
function getJobCorrelator(): string {
return constructJobCorrelator(github.context.workflow, github.context.job, getJobMatrix()) return constructJobCorrelator(github.context.workflow, github.context.job, getJobMatrix())
} }