[llvm-branch-commits] [llvm] [Github] Make unprivileged-download-artifact download multiple artifacts (PR #170216)
Aiden Grossman via llvm-branch-commits
llvm-branch-commits at lists.llvm.org
Tue Dec 2 18:23:23 PST 2025
https://github.com/boomanaiden154 updated https://github.com/llvm/llvm-project/pull/170216
>From f4dc493d9245a9739ab0e45a81ee7fef48c41801 Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:01:04 +0000
Subject: [PATCH 01/11] fix
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index fa3fbe8176a16..122b5028448f2 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -81,7 +81,7 @@ runs:
core.setOutput("urls", " ".join(artifact_urls));
core.setOutput("ids", " ".join(artifact_ids));
- core.setOutput("names", " ".join(artifact_names)")
+ core.setOutput("names", " ".join(artifact_names));
- shell: bash
if: steps.artifact-url.outputs.urls != ''
>From f6e0b79f1f176559a7d1bd7828a8665fe11c044d Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:02:31 +0000
Subject: [PATCH 02/11] fix
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index 122b5028448f2..cefa1ff58fcd9 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -49,7 +49,7 @@ runs:
artifacts_to_download = []
for (artifact of response.data.artifacts) {
- if (artifact.name.startswith(${{ inputs.artifact-name }})) {
+ if (artifact.name.startswith("${{ inputs.artifact-name }}")) {
artifacts_to_download.push(artifact)
}
}
>From bcc35cc917ef5b92731e63588cb2b4254f79068a Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:10:54 +0000
Subject: [PATCH 03/11] test
Created using spr 1.3.7
---
.github/workflows/issue-write.js | 106 ++++++++++++++++++
.../unprivileged-download-artifact/action.yml | 1 +
2 files changed, 107 insertions(+)
create mode 100644 .github/workflows/issue-write.js
diff --git a/.github/workflows/issue-write.js b/.github/workflows/issue-write.js
new file mode 100644
index 0000000000000..4f0acd3ff4f50
--- /dev/null
+++ b/.github/workflows/issue-write.js
@@ -0,0 +1,106 @@
+var fs = require('fs');
+const comments = JSON.parse(fs.readFileSync('./comments'));
+if (!comments || comments.length == 0) {
+ return;
+}
+
+let runInfo = await github.rest.actions.getWorkflowRun({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ run_id: context.payload.workflow_run.id
+});
+
+console.log(runInfo);
+
+
+// Query to find the number of the pull request that triggered this job.
+// The associated pull requests are based off of the branch name, so if
+// you create a pull request for a branch, close it, and then create
+// another pull request with the same branch, then this query will return
+// two associated pull requests. This is why we have to fetch all the
+// associated pull requests and then iterate through them to find the
+// one that is open.
+const gql_query = `
+ query($repo_owner : String!, $repo_name : String!, $branch: String!) {
+ repository(owner: $repo_owner, name: $repo_name) {
+ ref (qualifiedName: $branch) {
+ associatedPullRequests(first: 100) {
+ nodes {
+ baseRepository {
+ owner {
+ login
+ }
+ }
+ number
+ state
+ }
+ }
+ }
+ }
+ }
+`
+const gql_variables = {
+ repo_owner: runInfo.data.head_repository.owner.login,
+ repo_name: runInfo.data.head_repository.name,
+ branch: runInfo.data.head_branch
+}
+const gql_result = await github.graphql(gql_query, gql_variables);
+console.log(gql_result);
+// If the branch for the PR was deleted before this job has a chance
+// to run, then the ref will be null. This can happen if someone:
+// 1. Rebase the PR, which triggers some workflow.
+// 2. Immediately merges the PR and deletes the branch.
+// 3. The workflow finishes and triggers this job.
+if (!gql_result.repository.ref) {
+ console.log("Ref has been deleted");
+ return;
+}
+console.log(gql_result.repository.ref.associatedPullRequests.nodes);
+
+var pr_number = 0;
+gql_result.repository.ref.associatedPullRequests.nodes.forEach((pr) => {
+
+ // The largest PR number is the one we care about. The only way
+ // to have more than one associated pull requests is if all the
+ // old pull requests are in the closed state.
+ if (pr.baseRepository.owner.login = context.repo.owner && pr.number > pr_number) {
+ pr_number = pr.number;
+ }
+});
+if (pr_number == 0) {
+ console.log("Error retrieving pull request number");
+ return;
+}
+
+await comments.forEach(function (comment) {
+ if (comment.id) {
+ // Security check: Ensure that this comment was created by
+ // the github-actions bot, so a malicious input won't overwrite
+ // a user's comment.
+ github.rest.issues.getComment({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ comment_id: comment.id
+ }).then((old_comment) => {
+ console.log(old_comment);
+ if (old_comment.data.user.login != "github-actions[bot]") {
+ console.log("Invalid comment id: " + comment.id);
+ return;
+ }
+ github.rest.issues.updateComment({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: pr_number,
+ comment_id: comment.id,
+ body: comment.body
+ });
+ });
+ } else {
+ github.rest.issues.createComment({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: pr_number,
+ body: comment.body
+ });
+ }
+});
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index cefa1ff58fcd9..9b71a4f083640 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -46,6 +46,7 @@ runs:
}
console.log(response)
+ console.log(response.data.artifacts)
artifacts_to_download = []
for (artifact of response.data.artifacts) {
>From f3f0d4793345e634c0accc473101d91a950d48a9 Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:12:03 +0000
Subject: [PATCH 04/11] test
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index 9b71a4f083640..6dd526d298c9e 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -46,11 +46,10 @@ runs:
}
console.log(response)
- console.log(response.data.artifacts)
artifacts_to_download = []
for (artifact of response.data.artifacts) {
- if (artifact.name.startswith("${{ inputs.artifact-name }}")) {
+ if (artifact.name.startsWith("${{ inputs.artifact-name }}")) {
artifacts_to_download.push(artifact)
}
}
>From cf688d79352b066f0cccdd45a443337106c30578 Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:13:33 +0000
Subject: [PATCH 05/11] fix
Created using spr 1.3.7
---
.github/workflows/issue-write.js | 106 ------------------
.../unprivileged-download-artifact/action.yml | 6 +-
2 files changed, 3 insertions(+), 109 deletions(-)
delete mode 100644 .github/workflows/issue-write.js
diff --git a/.github/workflows/issue-write.js b/.github/workflows/issue-write.js
deleted file mode 100644
index 4f0acd3ff4f50..0000000000000
--- a/.github/workflows/issue-write.js
+++ /dev/null
@@ -1,106 +0,0 @@
-var fs = require('fs');
-const comments = JSON.parse(fs.readFileSync('./comments'));
-if (!comments || comments.length == 0) {
- return;
-}
-
-let runInfo = await github.rest.actions.getWorkflowRun({
- owner: context.repo.owner,
- repo: context.repo.repo,
- run_id: context.payload.workflow_run.id
-});
-
-console.log(runInfo);
-
-
-// Query to find the number of the pull request that triggered this job.
-// The associated pull requests are based off of the branch name, so if
-// you create a pull request for a branch, close it, and then create
-// another pull request with the same branch, then this query will return
-// two associated pull requests. This is why we have to fetch all the
-// associated pull requests and then iterate through them to find the
-// one that is open.
-const gql_query = `
- query($repo_owner : String!, $repo_name : String!, $branch: String!) {
- repository(owner: $repo_owner, name: $repo_name) {
- ref (qualifiedName: $branch) {
- associatedPullRequests(first: 100) {
- nodes {
- baseRepository {
- owner {
- login
- }
- }
- number
- state
- }
- }
- }
- }
- }
-`
-const gql_variables = {
- repo_owner: runInfo.data.head_repository.owner.login,
- repo_name: runInfo.data.head_repository.name,
- branch: runInfo.data.head_branch
-}
-const gql_result = await github.graphql(gql_query, gql_variables);
-console.log(gql_result);
-// If the branch for the PR was deleted before this job has a chance
-// to run, then the ref will be null. This can happen if someone:
-// 1. Rebase the PR, which triggers some workflow.
-// 2. Immediately merges the PR and deletes the branch.
-// 3. The workflow finishes and triggers this job.
-if (!gql_result.repository.ref) {
- console.log("Ref has been deleted");
- return;
-}
-console.log(gql_result.repository.ref.associatedPullRequests.nodes);
-
-var pr_number = 0;
-gql_result.repository.ref.associatedPullRequests.nodes.forEach((pr) => {
-
- // The largest PR number is the one we care about. The only way
- // to have more than one associated pull requests is if all the
- // old pull requests are in the closed state.
- if (pr.baseRepository.owner.login = context.repo.owner && pr.number > pr_number) {
- pr_number = pr.number;
- }
-});
-if (pr_number == 0) {
- console.log("Error retrieving pull request number");
- return;
-}
-
-await comments.forEach(function (comment) {
- if (comment.id) {
- // Security check: Ensure that this comment was created by
- // the github-actions bot, so a malicious input won't overwrite
- // a user's comment.
- github.rest.issues.getComment({
- owner: context.repo.owner,
- repo: context.repo.repo,
- comment_id: comment.id
- }).then((old_comment) => {
- console.log(old_comment);
- if (old_comment.data.user.login != "github-actions[bot]") {
- console.log("Invalid comment id: " + comment.id);
- return;
- }
- github.rest.issues.updateComment({
- owner: context.repo.owner,
- repo: context.repo.repo,
- issue_number: pr_number,
- comment_id: comment.id,
- body: comment.body
- });
- });
- } else {
- github.rest.issues.createComment({
- owner: context.repo.owner,
- repo: context.repo.repo,
- issue_number: pr_number,
- body: comment.body
- });
- }
-});
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index 6dd526d298c9e..161d90a6b09a2 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -79,9 +79,9 @@ runs:
artifact_names.push(artifact_to_download.name)
}
- core.setOutput("urls", " ".join(artifact_urls));
- core.setOutput("ids", " ".join(artifact_ids));
- core.setOutput("names", " ".join(artifact_names));
+ core.setOutput("urls", artifact_urls.join(" "));
+ core.setOutput("ids", artifact_ids.join(" "));
+ core.setOutput("names", artifact_names.join(" "));
- shell: bash
if: steps.artifact-url.outputs.urls != ''
>From 2bbccc7a00134bccf5b6a729100363b1680113cc Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:15:52 +0000
Subject: [PATCH 06/11] fix
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index 161d90a6b09a2..092b7444a8b45 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -75,7 +75,7 @@ runs:
})
artifact_ids.push(artifact_to_download.id)
- artifact_urls.push(url_response.url)
+ artifact_urls.push('"' + url_response.url '"')
artifact_names.push(artifact_to_download.name)
}
>From 5c007d20e75e66dfb91e1bb025467b652c72a92f Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:16:47 +0000
Subject: [PATCH 07/11] fix
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index 092b7444a8b45..f8a9c09a36173 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -75,7 +75,7 @@ runs:
})
artifact_ids.push(artifact_to_download.id)
- artifact_urls.push('"' + url_response.url '"')
+ artifact_urls.push('"' + url_response.url + '"')
artifact_names.push(artifact_to_download.name)
}
>From e7ee4cb98229af9f6941124acdde22b5132d0258 Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:19:00 +0000
Subject: [PATCH 08/11] fix
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index f8a9c09a36173..fb05ad61adb02 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -87,8 +87,8 @@ runs:
if: steps.artifact-url.outputs.urls != ''
id: download-artifact
run: |
- artifact_urls = (${{ steps.artifact-url.outputs.urls }})
- artifact_names = (${{ steps.artifact-url.outputs.names }})
+ artifact_urls=(${{ steps.artifact-url.outputs.urls }})
+ artifact_names=(${{ steps.artifact-url.outputs.names }})
for i in "${!artifact_urls[@]}"; do
curl -L -o "${artifact_names[$i]}.zip" "${artifact_urls[$i]}"
done
>From 09f0dcd3cc4d1e9c3ab2540b1ffe5be94241e094 Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:20:26 +0000
Subject: [PATCH 09/11] fix
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index fb05ad61adb02..702fd53d727a1 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -76,7 +76,7 @@ runs:
artifact_ids.push(artifact_to_download.id)
artifact_urls.push('"' + url_response.url + '"')
- artifact_names.push(artifact_to_download.name)
+ artifact_names.push('"' + artifact_to_download.name + '"')
}
core.setOutput("urls", artifact_urls.join(" "));
@@ -96,7 +96,7 @@ runs:
- shell: bash
if: steps.artifact-url.outputs.names != ''
run: |
- artifact_names (${{ steps.artifact-url.outputs.names }})
+ artifact_names=(${{ steps.artifact-url.outputs.names }})
for name in "${artifact_urls[@]}"; do
unzip "${name}.zip"
done
>From 657e43034fd22f7091876b2014ceca9c9d94990b Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:21:21 +0000
Subject: [PATCH 10/11] debug
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index 702fd53d727a1..695d34c955867 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -100,3 +100,5 @@ runs:
for name in "${artifact_urls[@]}"; do
unzip "${name}.zip"
done
+
+ ls
>From 510f1e2b2ec54ac97d0d5afccffbfb268b0b2da2 Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 3 Dec 2025 02:23:08 +0000
Subject: [PATCH 11/11] fix
Created using spr 1.3.7
---
.github/workflows/unprivileged-download-artifact/action.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/unprivileged-download-artifact/action.yml b/.github/workflows/unprivileged-download-artifact/action.yml
index 695d34c955867..d0eb53234a585 100644
--- a/.github/workflows/unprivileged-download-artifact/action.yml
+++ b/.github/workflows/unprivileged-download-artifact/action.yml
@@ -97,8 +97,8 @@ runs:
if: steps.artifact-url.outputs.names != ''
run: |
artifact_names=(${{ steps.artifact-url.outputs.names }})
- for name in "${artifact_urls[@]}"; do
- unzip "${name}.zip"
+ for name in "${artifact_names[@]}"; do
+ unzip "${artifact_names[$i]}.zip"
done
ls
More information about the llvm-branch-commits
mailing list