-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to review add-ons #1757
Conversation
Though this is ready for review, I'd like to comment that, instead of body, maybe more useful to include the resourcePath of the comment. Different urls maybe saved in discussion.json, one for each version, though imo this would be useless since I don't think that a specific location in a webpage can be selected opening it from NVDA gui (i.e., from the store). |
repository-id: 'MDEwOlJlcG9zaXRvcnkyMzI4MTU5NTQ=' | ||
category-id: 'DIC_kwDODeB9Us4CaB4B' | ||
title: Reviews for ${{ steps.getAddonIdAndVersion.outputs.addonId }} add-on | ||
body: | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it's a shame that the API doesn't support the polls feature We will have to add these manually and the API might not even allow posting discussion to the category without poll options.
@seanbudd thanks for your review. If you don't merge this today, I'll test changes on my fork. |
I think there are still some unresolved suggestions. Please mark resolved ones as resolved. |
@seanbudd I think it's resolved now. Please let me know if I should test this. |
with: | ||
script: | | ||
const addonFilename = ${{ needs.getAddonFilename.outputs.addonFileName }} | ||
const addonName = addonFilename.split('/')[1] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is still just using the add-on file name / addonId. Please get the add-on name from the meta data
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is still unresolved
echo ${{ needs.getAddonFilename.outputs.addonFileName }} | ||
) | ||
discussionUrl=$( | ||
echo ${{ steps.createDiscussion.outputs.discussion-url }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this should probably use the url to the comment with the version, not the discussion url
We cannot use ${{ github.REPOSITORY_ID }}. This gets the value of an id shown in HTML, I think. This is a numeric value and we need 'MDEwOlJlcG9zaXRvcnkyMzI4MTU5NTQ=' |
@seanbudd hopely this goes in the good way. But unfortunately the create review comment steps throws a syntax error due to a { https://github.com/nvdaes/addon-datastore/actions/runs/6499804024/job/17654017249#step:7:28 |
no, as I mentioned, the repository id needs to be hard-coded since the variable suggested by you gives an id that is different respect that the id we need here.
|
i read that always() is not the same that checking the failure and success, since always includes cancel. i"ll try to fix the remaining points.
|
@nvdaes - please reply in response to review comments in a threaded manner. email based response makes tracking the review much harder and also includes a lot of extra junk due to your email signature including the body of the text you are responding to. |
This comment was marked as outdated.
This comment was marked as outdated.
@seanbudd , unfortunately, for any reasonthat I don't know,though the created PR is merged to masterand the add-on metadata is added to the master branch, the createComment job fails with the following message:
|
@nvdaes - could you point to a failed action so it can be investigated? My assumption is a |
note that there are also merge conflicts here |
Thanks @seanbudd . In fact, the checkout action fetches the commitprevious to merge. I'll try to perform a git pull in a next step. You can see a failed action at |
See also actions/checkout#439 |
I think that this is ready for another review. Now worked as expected. Please see the following actions: https://github.com/nvdaes/addon-datastore/actions/runs/6609167848 https://github.com/nvdaes/addon-datastore/actions/runs/6608903760 |
.github/workflows/sendJsonFile.yml
Outdated
author: github-actions <github-actions@github.com> | ||
repository: nvaccess/addon-datastore-transform | ||
path: transform | ||
- name: Validate metadata |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why was this moved here?
Shouldn't this happen after the PR is created and before it is merged?
This appears to close this issue on failure, without leaving a review comment explaining the validation errors.
body: "Closes #${{ inputs.issueNumber }}" | ||
author: github-actions <github-actions@github.com> | ||
delete-branch: true | ||
mergeToMaster: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe this is missing a step to check metadata before merging the PR
.github/workflows/sendJsonFile.yml
Outdated
run: | | ||
cd datastore | ||
git add . | ||
$addonFileName = git diff --cached --name-only |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this seems fragile - what happens on PRs with multiple file names?
Shouldn't this be tied to the validation checks that only a single file is added a nd no files are modified?
@seanbudd , my initial intention is to perform the maximum number of checks before creating pull requests, assuming that just one file could be generated from the issue form, and assuming that nobody can push to addon-datastore in NV Access GitHub account, and that nobody from NV Access people would do it. https://github.com/nvdaes/addon-datastore/actions/runs/6636211592 The only change not tested in the above action is that I have changed checkout to v4 for some step. |
The failure in on that line seems intentional - as no review comment exists in |
@seanbudd , I've addressed your review so tht the createReviewComment job doesn¡t fail. Unfortunately the transform workflow is stil failing. I don't know what wouldhappen if you test this in the staging repo: https://github.com/nvdaes/addon-datastore/actions/runs/6658652475 If/when you merge this, please let me know if we should create a job to add discussions and comments for all add-ons. I'm not sure about the result due to multiple calls to the GitHub API. I think that next step would be to change the jsonSchema in addon-datastore-validation, and create an action in NVDA. |
I think its possible our step to update the discussion URL is changing the encoding of the addon version JSON file, thus causing the decode issue |
I think the API should be fine to handle it, particularly from actions as a source. |
@seanbudd , the issue with the transformation workflow seems to be fixed: https://github.com/nvdaes/addon-datastore/actions/runs/6664065150 |
@seanbudd I think that this is ready for a review, which unless you have more suggestions maybe the last one. The latest discussion doesn't show the add-on id between quotation marks in the title: When you merge this, I will work in a different PR trying to generate comments for all versions of add-ons. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @nvdaes for all your hard work on this, changes look good to me
Could you update the PR description to be more descriptive? e.g. summary of issue, development process, testing |
@seanbudd , I've updatedthe PR description. When you merge this, I'll work trying to create comments for all submissions in their corresponding discussions, or other steps that you consider appropriate like working in the addon-datastore-validation or to create an action in NVDA. We can use this code for further steps, in particular for GitHub Actions, so I prefer to wait until this is merged. |
This reverts commit 121b247.
Related to nvaccess/nvda#15576
Summary of the issue
Add-ons submitted to the store don't require a previous human review, though some checks are performed automatically to ensure conformance with a predefined json schema, and to avoid the acceptance of add-ons which declare to be tested with non existing API versions.
Though security cannot be warranted, a known place to make and consult human reviews can be provided. This maybe useful to search for feedback of users and reviewers before installing an add-on.
Development process
GitHub Actions have been used to create a discussion for each addonId, and a comment for each submission (add-on version),after add-on metadata is merged to the main branch of the addon-datastore repo.
Some info about created discussions, associated with add-on ids, will be stored in a discussions.json file.
Also, the URL corresponding with the comment for each submission will be stored in the add-on metadata.
Testing performed
Add-ons have been submitted to the nvdaes/addon-datastore repo, emulating the process to be performed in the nvaccess/addon-datastore repo, to test the effect of GitHub Actions.