[llvm-branch-commits] [llvm] [Github] Make unprivileged-download-artifact download multiple artifacts (PR #170216)

Aiden Grossman via llvm-branch-commits llvm-branch-commits at lists.llvm.org
Tue Dec 2 18:11:06 PST 2025 

https://github.com/boomanaiden154 updated https://github.com/llvm/llvm-project/pull/170216

>From f4dc493d9245a9739ab0e45a81ee7fef48c41801 Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:01:04 +0000
Subject: [PATCH 1/3] fix

Created using spr 1.3.7
---
 .github/workflows/unprivileged-download-artifact/action.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index fa3fbe8176a16..122b5028448f2 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -81,7 +81,7 @@ runs:
 
           core.setOutput("urls", " ".join(artifact_urls));
           core.setOutput("ids", " ".join(artifact_ids));
-          core.setOutput("names", " ".join(artifact_names)")
+          core.setOutput("names", " ".join(artifact_names));
 
     - shell: bash
       if: steps.artifact-url.outputs.urls != ''

>From f6e0b79f1f176559a7d1bd7828a8665fe11c044d Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:02:31 +0000
Subject: [PATCH 2/3] fix

Created using spr 1.3.7
---
 .github/workflows/unprivileged-download-artifact/action.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index 122b5028448f2..cefa1ff58fcd9 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -49,7 +49,7 @@ runs:
 
           artifacts_to_download = []
           for (artifact of response.data.artifacts) {
-            if (artifact.name.startswith(${{ inputs.artifact-name }})) {
+            if (artifact.name.startswith("${{ inputs.artifact-name }}")) {
               artifacts_to_download.push(artifact)
             }
           }

>From bcc35cc917ef5b92731e63588cb2b4254f79068a Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:10:54 +0000
Subject: [PATCH 3/3] test

Created using spr 1.3.7
---
 .github/workflows/issue-write.js              | 106 ++++++++++++++++++
 .../unprivileged-download-artifact/action.yml |   1 +
 2 files changed, 107 insertions(+)
 create mode 100644 .github/workflows/issue-write.js

diff --git a/.github/workflows/issue-write.js b/.github/workflows/issue-write.js
new file mode 100644
index 0000000000000..4f0acd3ff4f50
--- /dev/null
+++ b/.github/workflows/issue-write.js
@@ -0,0 +1,106 @@
+var fs = require('fs');
+const comments = JSON.parse(fs.readFileSync('./comments'));
+if (!comments || comments.length == 0) {
+  return;
+}
+
+let runInfo = await github.rest.actions.getWorkflowRun({
+  owner: context.repo.owner,
+  repo: context.repo.repo,
+  run_id: context.payload.workflow_run.id
+});
+
+console.log(runInfo);
+
+
+// Query to find the number of the pull request that triggered this job.
+// The associated pull requests are based off of the branch name, so if
+// you create a pull request for a branch, close it, and then create
+// another pull request with the same branch, then this query will return
+// two associated pull requests.  This is why we have to fetch all the
+// associated pull requests and then iterate through them to find the
+// one that is open.
+const gql_query = `
+  query($repo_owner : String!, $repo_name : String!, $branch: String!) {
+    repository(owner: $repo_owner, name: $repo_name) {
+      ref (qualifiedName: $branch) {
+        associatedPullRequests(first: 100) {
+          nodes {
+            baseRepository {
+              owner {
+                login
+              }
+            }
+            number
+            state
+          }
+        }
+      }
+    }
+  }
+`
+const gql_variables = {
+  repo_owner: runInfo.data.head_repository.owner.login,
+  repo_name: runInfo.data.head_repository.name,
+  branch: runInfo.data.head_branch
+}
+const gql_result = await github.graphql(gql_query, gql_variables);
+console.log(gql_result);
+// If the branch for the PR was deleted before this job has a chance
+// to run, then the ref will be null.  This can happen if someone:
+// 1. Rebase the PR, which triggers some workflow.
+// 2. Immediately merges the PR and deletes the branch.
+// 3. The workflow finishes and triggers this job.
+if (!gql_result.repository.ref) {
+  console.log("Ref has been deleted");
+  return;
+}
+console.log(gql_result.repository.ref.associatedPullRequests.nodes);
+
+var pr_number = 0;
+gql_result.repository.ref.associatedPullRequests.nodes.forEach((pr) => {
+
+  // The largest PR number is the one we care about.  The only way
+  // to have more than one associated pull requests is if all the
+  // old pull requests are in the closed state.
+  if (pr.baseRepository.owner.login = context.repo.owner && pr.number > pr_number) {
+    pr_number = pr.number;
+  }
+});
+if (pr_number == 0) {
+  console.log("Error retrieving pull request number");
+  return;
+}
+
+await comments.forEach(function (comment) {
+  if (comment.id) {
+    // Security check: Ensure that this comment was created by
+    // the github-actions bot, so a malicious input won't overwrite
+    // a user's comment.
+    github.rest.issues.getComment({
+      owner: context.repo.owner,
+      repo: context.repo.repo,
+      comment_id: comment.id
+    }).then((old_comment) => {
+      console.log(old_comment);
+      if (old_comment.data.user.login != "github-actions[bot]") {
+        console.log("Invalid comment id: " + comment.id);
+        return;
+      }
+      github.rest.issues.updateComment({
+        owner: context.repo.owner,
+        repo: context.repo.repo,
+        issue_number: pr_number,
+        comment_id: comment.id,
+        body: comment.body
+      });
+    });
+  } else {
+    github.rest.issues.createComment({
+      owner: context.repo.owner,
+      repo: context.repo.repo,
+      issue_number: pr_number,
+      body: comment.body
+    });
+  }
+});
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index cefa1ff58fcd9..9b71a4f083640 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -46,6 +46,7 @@ runs:
           }
 
           console.log(response)
+          console.log(response.data.artifacts)
 
           artifacts_to_download = []
           for (artifact of response.data.artifacts) {

More information about the llvm-branch-commits mailing list