Use Build Artifact to communicate PR information

A workflow run with a `workflow_run` payload does not contain the
necessary information to build a PR embed. As the old method of using
the API to fetch the relevant information turned out to be fragile (read
note 1 below) and the original Lint workflow already contains the
`pull_request` payload, we now store it as a build artifact.

The embed workflow then fetches the artifact and parses it to get the
relevant information out of it.

---

Note 1: Unfortunately, filtering Pull Requests using the "head"
parameter of the ``/repos/{owner}/{repo}/pulls` endpoint does not work
if the PR belongs to a fork with a different name than the base
repository: the API request will just return an empty array.

I've contacted GH to ask if this was intended or if it's a glitch, but,
for now, it's not a route that's easily available.

2 files changed, 41 insertions, 18 deletions

diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index 063f406c..c0822e7f 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -91,3 +91,25 @@ jobs:
       - name: Run flake8
         run: "flake8 \
         --format='::error file=%(path)s,line=%(row)d,col=%(col)d::[flake8] %(code)s: %(text)s'"
+
+      # Prepare the Pull Request Payload artifact. If this fails, we
+      # we fail silently using the `continue-on-error` option. It's
+      # nice if this succeeds, but if it fails for any reason, it
+      # does not mean that our lint checks failed.
+      - name: Prepare Pull Request Payload artifact
+        id: prepare-artifact
+        if: always() && github.event_name == 'pull_request'
+        continue-on-error: true
+        run: cat $GITHUB_EVENT_PATH | jq '.pull_request' > pull_request_payload.json
+
+      # This only makes sense if the previous step succeeded. To
+      # get the original outcome of the previous step before the
+      # `continue-on-error` conclusion is applied, we use the
+      # `.outcome` value. This step also fails silently.
+      - name: Upload a Build Artifact
+        if: steps.prepare-artifact.outcome == 'success'
+        continue-on-error: true
+        uses: actions/upload-artifact@v2
+        with:
+          name: pull-request-payload
+          path: pull_request_payload.json
diff --git a/.github/workflows/status_embed.yaml b/.github/workflows/status_embed.yaml
index 1d175fb9..c8502a19 100644
--- a/.github/workflows/status_embed.yaml
+++ b/.github/workflows/status_embed.yaml
@@ -25,25 +25,23 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      # Unfortunately, not all the pull request information we
-      # need is available in the workflow_run payload. We need
-      # to fetch it from the API.
+      # A workflow_run event does not contain all the information
+      # we need for a PR embed. That's why we upload an artifact
+      # with that information in the Lint workflow.
       - name: Get Pull Request Information
+        id: pr_info
         if: github.event.workflow_run.event == 'pull_request'
-        uses: octokit/[email protected]
-        id: pull_request
-        with:
-          route: GET /repos/{owner}/{repo}/pulls
-          owner: ${{ github.event.repository.owner.login }}
-          repo: ${{ github.event.repository.name }}
-          state: open
-          head: ${{format(
-              '{0}:{1}',
-              github.event.workflow_run.head_repository.owner.login,
-              github.event.workflow_run.head_branch
-            )}}
-          sort: updated
-          direction: desc
+        run: |
+          curl -s -H "Authorization: token $GITHUB_TOKEN" ${{ github.event.workflow_run.artifacts_url }} > artifacts.json
+          DOWNLOAD_URL=$(cat artifacts.json | jq -r '.artifacts[] | select(.name == "pull-request-payload") | .archive_download_url')
+          [ -z "$DOWNLOAD_URL" ] && exit 1
+          wget --quiet --header="Authorization: token $GITHUB_TOKEN" -O pull_request_payload.zip $DOWNLOAD_URL || exit 2
+          unzip -p pull_request_payload.zip > pull_request_payload.json
+          [ -s pull_request_payload.json ] || exit 3
+          echo "::set-output name=pr_author_login::$(jq -r '.user.login // empty' pull_request_payload.json)"
+          echo "::set-output name=pr_number::$(jq -r '.number // empty' pull_request_payload.json)"
+          echo "::set-output name=pr_title::$(jq -r '.title // empty' pull_request_payload.json)"
+          echo "::set-output name=pr_source::$(jq -r '.head.label // empty' pull_request_payload.json)"
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
@@ -68,4 +66,7 @@ jobs:
           ref: ${{ github.ref }}
           sha: ${{ github.event.workflow_run.head_sha }}
 
-          pull_request_payload: ${{ steps.pull_request.outputs.data }}
+          pr_author_login: ${{ steps.pr_info.outputs.pr_author_login }}
+          pr_number: ${{ steps.pr_info.outputs.pr_number }}
+          pr_title: ${{ steps.pr_info.outputs.pr_title }}
+          pr_source: ${{ steps.pr_info.outputs.pr_source }}