Skip to content

gha/add pr comment triggers #1244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 5 commits into from
Closed

gha/add pr comment triggers #1244

wants to merge 5 commits into from
+151 −8

Conversation

swap357
Copy link
Contributor

@swap357 swap357 commented Jul 29, 2025
edited
Loading

Currently, the GitHub Action workflows for building and testing llvmdev and llvmlite conda packages can only be triggered manually through the GitHub web interface using the workflow_dispatch event. This involves navigating to:

Actions tab → 'Run workflow' dropdown → Select branch and user inputs → Click 'Run'.:

Additionally, pull request triggers activate only when workflow files themselves change.
However, these triggers are inadequate for fully testing pull requests from forks, particularly when verifying the complete build chain (llvmdev → llvmlite).

To resolve this, the current PR introduces issue-comment event triggers using the github/command action. This setup enables maintainers with sufficient permissions (Numba developers) to invoke GitHub Action workflows directly through PR comments.

security and permissions:

  • Only maintainers or contributors with write permissions can trigger workflows using the /gha llvmdev command in PR comments.
  • The github/command action explicitly permits triggering workflows from forked repositories (allow_forks: true).
  • Commands are strictly parsed and validated within the workflow to prevent unauthorized or unintended execution.

references:

To achieve this, this PR adds issue-event triggers using github/command action. (github/command)

usage: 
[command] [keyword-args optional]
/gha llvmdev [platform='all', recipe='all']
/gha llvmlite [platform='all', llvmdev_run_id='']

llvmdev_run_id: Workflow ID obtained from the llvmdev run, required to retrieve artifacts.

@swap357 swap357 marked this pull request as ready for review July 29, 2025 19:59
@swap357
Copy link
Contributor Author

swap357 commented Jul 29, 2025
edited
Loading

example use of comment commands on a pull request here-
swap357#86
This also shows a test where a user with read-only access tries to run using comment command and fails.

@swap357
Copy link
Contributor Author

swap357 commented Jul 31, 2025

closing this one
as it has 2 major issues -

every workflow we use issue_comment trigger on gets invoked on pr comment. there's no way to filter or check for what comment contains on issue_comment definition. So, a random comment can invoke all workflows, check for command and not proceed. But workflows showing up on Actions tab will grow in order of comments*workflows .
We also need to link workflow triggered to pr final checks.

@swap357 swap357 closed this Jul 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
3 - Ready for Review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@swap357