# This workflow is used to trigger the "PR Review Comment" workflow. This chaining is needed
# because workflows triggered by pull_request_review_comment do not have access to secrets.

name: PR Review Comment Trigger
on:
  pull_request_review_comment:
    types:
      - created

permissions:
  contents: read

jobs:
  trigger:
    runs-on: ubuntu-latest

    # The "PR Review Comment" workflow will check the success status of this workflow and only mark
    # the PR for re-review if this workflow was successful, which is when the author leaves a review comment.
    if: github.repository == 'backstage/backstage' && github.event.comment.user.id == github.event.pull_request.user.id

    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
        with:
          egress-policy: audit

      - name: Save PR number
        env:
          PR_NUMBER: ${{ github.event.pull_request.number }}
        run: |
          mkdir -p ./pr
          echo $PR_NUMBER > ./pr/pr_number
      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
        with:
          name: pr_number-${{ github.event.pull_request.number }}
          path: pr/