mirror of
https://github.com/Comfy-Org/ComfyUI_frontend.git
synced 2026-03-08 14:39:58 +00:00
6689a1b14e
## Summary Perf report workflow fails on fork PRs because `GITHUB_TOKEN` is read-only for forks, causing "Resource not accessible by integration" on the PR comment step. ## Changes - **What**: Split `ci-perf-report.yaml` into a data-collection workflow + a `workflow_run`-triggered reporter (`pr-perf-report.yaml`), matching the existing `ci-size-data`/`pr-size-report` pattern. Added fork PR permissions guidance to `.github/AGENTS.md`. - **ci-perf-report.yaml**: Removed the `report` job and `pull-requests: write` permission. Added PR metadata (number + base branch) artifact upload. - **pr-perf-report.yaml** (new): Triggered by `workflow_run` on the perf workflow. Downloads metrics + metadata artifacts, generates report, posts PR comment with write permissions from the default-branch context. ## Review Focus - The two-workflow split follows the same pattern as `ci-size-data.yaml` → `pr-size-report.yaml`, which already works for fork PRs. - The `workflow_run` trigger runs in the base repo context per [GitHub Security Lab guidance](https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/), so it safely has write permissions even for fork PRs. - AGENTS.md guidance documents this pattern to prevent recurrence. Fixes the failure seen in https://github.com/Comfy-Org/ComfyUI_frontend/actions/runs/22684230751/job/65763595989?pr=9380 ┆Issue is synchronized with this [Notion page](https://www.notion.so/PR-9382-fix-split-perf-report-workflow-for-fork-PR-support-3196d73d365081b29b35ed354e7789e2) by [Unito](https://www.unito.io)
71 lines
1.8 KiB
YAML
71 lines
1.8 KiB
YAML
name: 'CI: Performance Report'
|
|
|
|
on:
|
|
push:
|
|
branches: [main, core/*]
|
|
paths-ignore: ['**/*.md']
|
|
pull_request:
|
|
branches-ignore: [wip/*, draft/*, temp/*]
|
|
paths-ignore: ['**/*.md']
|
|
|
|
concurrency:
|
|
group: perf-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
perf-tests:
|
|
if: github.repository == 'Comfy-Org/ComfyUI_frontend'
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 30
|
|
container:
|
|
image: ghcr.io/comfy-org/comfyui-ci-container:0.0.12
|
|
credentials:
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
permissions:
|
|
contents: read
|
|
packages: read
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v6
|
|
|
|
- name: Setup frontend
|
|
uses: ./.github/actions/setup-frontend
|
|
with:
|
|
include_build_step: true
|
|
|
|
- name: Start ComfyUI server
|
|
uses: ./.github/actions/start-comfyui-server
|
|
|
|
- name: Run performance tests
|
|
id: perf
|
|
continue-on-error: true
|
|
run: pnpm exec playwright test --project=performance --workers=1 --repeat-each=3
|
|
|
|
- name: Upload perf metrics
|
|
if: always()
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
name: perf-metrics
|
|
path: test-results/perf-metrics.json
|
|
retention-days: 30
|
|
if-no-files-found: warn
|
|
|
|
- name: Save PR metadata
|
|
if: github.event_name == 'pull_request'
|
|
run: |
|
|
mkdir -p temp/perf-meta
|
|
echo "${{ github.event.number }}" > temp/perf-meta/number.txt
|
|
echo "${{ github.event.pull_request.base.ref }}" > temp/perf-meta/base.txt
|
|
|
|
- name: Upload PR metadata
|
|
if: github.event_name == 'pull_request'
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
name: perf-meta
|
|
path: temp/perf-meta/
|