Use correct SHA for pull request events
In a pull request, GITHUB_SHA is set to the "last merge commit on the GITHUB_REF branch". This isn't the correct value to use when generating a dependency graph. This changes to use the value of `pull_request.head.sha`, which is the correct value for a dependency graph. Fixes #882
This commit is contained in:
		
							parent
							
								
									4441c9f9bf
								
							
						
					
					
						commit
						87ccc98a2a
					
				
							
								
								
									
										11
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										11
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							| @ -19,6 +19,7 @@ | |||||||
|         "@actions/http-client": "2.1.1", |         "@actions/http-client": "2.1.1", | ||||||
|         "@actions/tool-cache": "2.0.1", |         "@actions/tool-cache": "2.0.1", | ||||||
|         "@octokit/rest": "19.0.13", |         "@octokit/rest": "19.0.13", | ||||||
|  |         "@octokit/webhooks-types": "7.3.0", | ||||||
|         "string-argv": "0.3.2" |         "string-argv": "0.3.2" | ||||||
|       }, |       }, | ||||||
|       "devDependencies": { |       "devDependencies": { | ||||||
| @ -1817,6 +1818,11 @@ | |||||||
|         "@octokit/openapi-types": "^12.11.0" |         "@octokit/openapi-types": "^12.11.0" | ||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|  |     "node_modules/@octokit/webhooks-types": { | ||||||
|  |       "version": "7.3.0", | ||||||
|  |       "resolved": "https://registry.npmjs.org/@octokit/webhooks-types/-/webhooks-types-7.3.0.tgz", | ||||||
|  |       "integrity": "sha512-DnZ0JdT6+me5a74H/FxHz6Pu3udTtGj5qfno9GhHWgdJoqo1EvaBWqnXRN2//XarzgfbsgkBO9Kzv7ap99mNuQ==" | ||||||
|  |     }, | ||||||
|     "node_modules/@opentelemetry/api": { |     "node_modules/@opentelemetry/api": { | ||||||
|       "version": "1.4.1", |       "version": "1.4.1", | ||||||
|       "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz", |       "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz", | ||||||
| @ -9552,6 +9558,11 @@ | |||||||
|         "@octokit/openapi-types": "^12.11.0" |         "@octokit/openapi-types": "^12.11.0" | ||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|  |     "@octokit/webhooks-types": { | ||||||
|  |       "version": "7.3.0", | ||||||
|  |       "resolved": "https://registry.npmjs.org/@octokit/webhooks-types/-/webhooks-types-7.3.0.tgz", | ||||||
|  |       "integrity": "sha512-DnZ0JdT6+me5a74H/FxHz6Pu3udTtGj5qfno9GhHWgdJoqo1EvaBWqnXRN2//XarzgfbsgkBO9Kzv7ap99mNuQ==" | ||||||
|  |     }, | ||||||
|     "@opentelemetry/api": { |     "@opentelemetry/api": { | ||||||
|       "version": "1.4.1", |       "version": "1.4.1", | ||||||
|       "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz", |       "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz", | ||||||
|  | |||||||
| @ -39,6 +39,7 @@ | |||||||
|     "@actions/http-client": "2.1.1", |     "@actions/http-client": "2.1.1", | ||||||
|     "@actions/tool-cache": "2.0.1", |     "@actions/tool-cache": "2.0.1", | ||||||
|     "@octokit/rest": "19.0.13", |     "@octokit/rest": "19.0.13", | ||||||
|  |     "@octokit/webhooks-types": "7.3.0", | ||||||
|     "string-argv": "0.3.2" |     "string-argv": "0.3.2" | ||||||
|   }, |   }, | ||||||
|   "devDependencies": { |   "devDependencies": { | ||||||
| @ -52,7 +53,7 @@ | |||||||
|     "eslint-plugin-jest": "27.4.0", |     "eslint-plugin-jest": "27.4.0", | ||||||
|     "eslint-plugin-prettier": "5.0.0", |     "eslint-plugin-prettier": "5.0.0", | ||||||
|     "jest": "29.7.0", |     "jest": "29.7.0", | ||||||
|     "js-yaml": "4.1.0",  |     "js-yaml": "4.1.0", | ||||||
|     "patch-package": "8.0.0", |     "patch-package": "8.0.0", | ||||||
|     "prettier": "3.0.3", |     "prettier": "3.0.3", | ||||||
|     "ts-jest": "29.1.1", |     "ts-jest": "29.1.1", | ||||||
|  | |||||||
| @ -4,6 +4,7 @@ import * as github from '@actions/github' | |||||||
| import * as glob from '@actions/glob' | import * as glob from '@actions/glob' | ||||||
| import * as toolCache from '@actions/tool-cache' | import * as toolCache from '@actions/tool-cache' | ||||||
| import {GitHub} from '@actions/github/lib/utils' | import {GitHub} from '@actions/github/lib/utils' | ||||||
|  | import type {PullRequestEvent} from '@octokit/webhooks-types' | ||||||
| 
 | 
 | ||||||
| import * as path from 'path' | import * as path from 'path' | ||||||
| import fs from 'fs' | import fs from 'fs' | ||||||
| @ -19,12 +20,11 @@ export function setup(option: DependencyGraphOption): void { | |||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|     core.info('Enabling dependency graph generation') |     core.info('Enabling dependency graph generation') | ||||||
|     const jobCorrelator = getJobCorrelator() |  | ||||||
|     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true') |     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_ENABLED', 'true') | ||||||
|     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', jobCorrelator) |     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_CORRELATOR', getJobCorrelator()) | ||||||
|     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId) |     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_JOB_ID', github.context.runId) | ||||||
|     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref) |     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_REF', github.context.ref) | ||||||
|     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_SHA', github.context.sha) |     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_SHA', getShaFromContext()) | ||||||
|     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_WORKSPACE', layout.workspaceDirectory()) |     core.exportVariable('GITHUB_DEPENDENCY_GRAPH_WORKSPACE', layout.workspaceDirectory()) | ||||||
|     core.exportVariable( |     core.exportVariable( | ||||||
|         'DEPENDENCY_GRAPH_REPORT_DIR', |         'DEPENDENCY_GRAPH_REPORT_DIR', | ||||||
| @ -152,7 +152,26 @@ function getRelativePathFromWorkspace(file: string): string { | |||||||
|     return path.relative(workspaceDirectory, file) |     return path.relative(workspaceDirectory, file) | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| export function getJobCorrelator(): string { | function getShaFromContext(): string { | ||||||
|  |     const context = github.context | ||||||
|  |     const pullRequestEvents = [ | ||||||
|  |         'pull_request', | ||||||
|  |         'pull_request_comment', | ||||||
|  |         'pull_request_review', | ||||||
|  |         'pull_request_review_comment' | ||||||
|  |         // Note that pull_request_target is omitted here.
 | ||||||
|  |         // That event runs in the context of the base commit of the PR,
 | ||||||
|  |         // so the snapshot should not be associated with the head commit.
 | ||||||
|  |     ] | ||||||
|  |     if (pullRequestEvents.includes(context.eventName)) { | ||||||
|  |         const pr = (context.payload as PullRequestEvent).pull_request | ||||||
|  |         return pr.head.sha | ||||||
|  |     } else { | ||||||
|  |         return context.sha | ||||||
|  |     } | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | function getJobCorrelator(): string { | ||||||
|     return constructJobCorrelator(github.context.workflow, github.context.job, getJobMatrix()) |     return constructJobCorrelator(github.context.workflow, github.context.job, getJobMatrix()) | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user