{"id":18308741,"url":"https://github.com/syslog-ng/syslog-ng-cfg-diff-pr","last_synced_at":"2026-02-25T07:04:27.870Z","repository":{"id":201607226,"uuid":"707362912","full_name":"syslog-ng/syslog-ng-cfg-diff-pr","owner":"syslog-ng","description":"Checks if a syslog-ng PR introduces config grammar changes.","archived":false,"fork":false,"pushed_at":"2025-02-11T07:55:06.000Z","size":5,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-11T08:44:02.133Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/syslog-ng.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-10-19T18:33:26.000Z","updated_at":"2025-02-11T07:55:10.000Z","dependencies_parsed_at":"2023-11-13T09:43:02.199Z","dependency_job_id":null,"html_url":"https://github.com/syslog-ng/syslog-ng-cfg-diff-pr","commit_stats":null,"previous_names":["alltilla/syslog-ng-cfg-diff-pr"],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syslog-ng%2Fsyslog-ng-cfg-diff-pr","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syslog-ng%2Fsyslog-ng-cfg-diff-pr/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syslog-ng%2Fsyslog-ng-cfg-diff-pr/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syslog-ng%2Fsyslog-ng-cfg-diff-pr/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/syslog-ng","download_url":"https://codeload.github.com/syslog-ng/syslog-ng-cfg-diff-pr/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248030663,"owners_count":21036238,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-05T16:09:06.517Z","updated_at":"2026-02-25T07:04:17.856Z","avatar_url":"https://github.com/syslog-ng.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# syslog-ng config grammar diff (PR) V2\n\nThis action uses [syslog-ng-cfg-helper](https://github.com/syslog-ng/syslog-ng-cfg-helper) to calculate the config differences that a PR introduces and prepares a comment about it, to be picked up by a workflow_run workflow.\n\nFor example: https://github.com/alltilla/syslog-ng/pull/123\n\n## Usage\n\nIt is recommended to run this action on a `pull_request` trigger. If it is done so, the run acquires the permissions from the originator repo of the PR. If the originator repo is a fork, then it will not be able to comment on an upstream PR. The solution to this is introducing a `workflow_run` workflow, which gets triggered by a workflow, that uses this action, runs in the upstream repo, and has the necessary permissions to comment on a PR.\n\nA `workflow_run` workflow always runs on the source code on master, so it cannot be exploited by changing it in a PR.\n\nThe business logic is split to generating the comment in the fork's context done by this action, and commenting on the PR in the upstream's context done by a workflow implemented there. So part of the implementation is done in the repo using this action. If this becomes a hassle in the future, we can create another action (similarly to this one) to be used by the `workflow_run` workflow.\n\n\n### Comment generating workflow\n```yaml\nname: Check config grammar changes (PR)\n\non:\n  pull_request:\n\njobs:\n  check-cfg-grammar-changes:\n    runs-on: ubuntu-latest\n    env:\n      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n    steps:\n      - uses: syslog-ng/syslog-ng-cfg-diff-pr@v2\n        continue-on-error: true\n```\n\n### Commenting workflow\n```yaml\nname: Comment config grammar changes (PR)\n\non:\n  workflow_run:\n    workflows: [Check config grammar changes (PR)]\n    types:\n      - completed\n\npermissions:\n  pull-requests: write\n\njobs:\n  update-or-remove-comment-on-pr:\n    runs-on: ubuntu-latest\n    env:\n      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n    steps:\n        # The download-artifact action cannot download artifacts from other workflows.\n        # Copied from https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run\n      - name: Download comment artifact\n        uses: actions/github-script@v6\n        with:\n          script: |\n            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({\n               owner: context.repo.owner,\n               repo: context.repo.repo,\n               run_id: context.payload.workflow_run.id,\n            });\n            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) =\u003e {\n              return artifact.name == \"comment\"\n            })[0];\n            let download = await github.rest.actions.downloadArtifact({\n               owner: context.repo.owner,\n               repo: context.repo.repo,\n               artifact_id: matchArtifact.id,\n               archive_format: 'zip',\n            });\n            let fs = require('fs');\n            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/comment.zip`, Buffer.from(download.data));\n\n      - name: Unzip comment artifact\n        run: unzip comment.zip\n\n      - name: Get PR ID\n        id: pr-id\n        run: |\n          # The pull_requests array always come empty when querying a workflow run's data if it is started from a fork. This might be a GitHub bug.\n          # There is also no json field in the `gh run view` command, which could give us the PR ID, so we can only query it based on the fork and branch.\n          # See https://github.com/orgs/community/discussions/25220\n\n          PR_ID=$(gh pr view -R \"${{ github.repository }}\" \"${{ github.event.workflow_run.head_repository.owner.login }}:${{ github.event.workflow_run.head_branch }}\" --json \"number\" --jq \".number\")\n          echo \"pr-id=${PR_ID}\" \u003e\u003e $GITHUB_OUTPUT\n\n      - name: Update or remove PR comment\n        run: |\n          EXISTING_COMMENT_ID=$( \\\n            gh api \\\n              -H \"Accept: application/vnd.github+json\" \\\n              -H \"X-GitHub-Api-Version: 2022-11-28\" \\\n              /repos/${{ github.repository }}/issues/${{ steps.pr-id.outputs.pr-id }}/comments \\\n              --jq '.[] | select(.user.login==\"github-actions[bot]\") | select(.user.type==\"Bot\") | select(.user.id==41898282) | select(.body | startswith(\"#### This Pull Request introduces config grammar changes\")) | .id')\n\n          if [[ -s \"${GITHUB_WORKSPACE}/comment\" ]]; then\n            if [[ -n \"${EXISTING_COMMENT_ID}\" ]]; then\n              gh api \\\n                -H \"Accept: application/vnd.github+json\" \\\n                -H \"X-GitHub-Api-Version: 2022-11-28\" \\\n                --method PATCH \\\n                /repos/${{ github.repository }}/issues/comments/${EXISTING_COMMENT_ID} \\\n                --input ${GITHUB_WORKSPACE}/comment\n              echo -e \"\\n::notice::Updated comment: ${EXISTING_COMMENT_ID}\"\n            else\n              gh api \\\n                -H \"Accept: application/vnd.github+json\" \\\n                -H \"X-GitHub-Api-Version: 2022-11-28\" \\\n                --method POST \\\n                /repos/${{ github.repository }}/issues/${{ steps.pr-id.outputs.pr-id }}/comments \\\n                --input ${GITHUB_WORKSPACE}/comment\n              echo -e \"\\n::notice::Created new comment\"\n            fi\n          else\n            if [[ -n \"${EXISTING_COMMENT_ID}\" ]]; then\n              gh api \\\n                -H \"Accept: application/vnd.github+json\" \\\n                -H \"X-GitHub-Api-Version: 2022-11-28\" \\\n                --method DELETE \\\n                /repos/${{ github.repository }}/issues/comments/${EXISTING_COMMENT_ID}\n              echo -e \"\\n::notice::Removed comment: ${EXISTING_COMMENT_ID}\"\n            else\n              echo -e \"\\n::notice::Nothing to do\"\n            fi\n          fi\n```\n\n## License\n\nThe scripts in this project are released under the [MIT License](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsyslog-ng%2Fsyslog-ng-cfg-diff-pr","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsyslog-ng%2Fsyslog-ng-cfg-diff-pr","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsyslog-ng%2Fsyslog-ng-cfg-diff-pr/lists"}