From 30ec15369f71b6d9d715b826ce46cf42277cb3f0 Mon Sep 17 00:00:00 2001 From: Matt Miller Date: Wed, 17 Jun 2026 12:31:16 -0700 Subject: [PATCH 1/2] ci: add bump-cursor-review-callers auto-bump workflow --- .../workflows/bump-cursor-review-callers.yml | 101 ++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 .github/workflows/bump-cursor-review-callers.yml diff --git a/.github/workflows/bump-cursor-review-callers.yml b/.github/workflows/bump-cursor-review-callers.yml new file mode 100644 index 0000000..4bd079c --- /dev/null +++ b/.github/workflows/bump-cursor-review-callers.yml @@ -0,0 +1,101 @@ +name: Bump cursor-review callers + +# When cursor-review.yml is updated on main, open a SHA-bump PR in every repo +# that pins a caller against it. PRs are opened by Cloud Code Bot so they are +# easy to filter and merge. + +on: + push: + branches: [main] + paths: + - .github/workflows/cursor-review.yml + +jobs: + bump: + runs-on: ubuntu-latest + steps: + - name: Generate Cloud Code Bot token + uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aeae84f52 # v1.12.0 + id: token + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.CLOUD_CODE_BOT_PRIVATE_KEY }} + owner: Comfy-Org + + - name: Bump SHA in caller repos + env: + GH_TOKEN: ${{ steps.token.outputs.token }} + NEW_SHA: ${{ github.sha }} + run: | + set -euo pipefail + SHORT="${NEW_SHA:0:7}" + BRANCH="ci/bump-cursor-review-${SHORT}" + + # repo|file pairs — one entry per caller + CALLERS=( + "Comfy-Org/cloud|.github/workflows/ci-cursor-review.yml" + "Comfy-Org/comfy-cloud-mcp-server|.github/workflows/ci-cursor-review.yml" + "Comfy-Org/comfy-inapp-agent|.github/workflows/ci-cursor-review.yml" + "Comfy-Org/swarmhost|.github/workflows/cursor-review.yml" + "Comfy-Org/comfy-infra|.github/workflows/ci-cursor-review.yml" + "Comfy-Org/ComfyUI_frontend|.github/workflows/pr-cursor-review.yaml" + "Comfy-Org/Comfy-Desktop|.github/workflows/ci-cursor-review.yml" + "Comfy-Org/ComfyUI|.github/workflows/ci-cursor-review.yml" + ) + + for ENTRY in "${CALLERS[@]}"; do + REPO="${ENTRY%%|*}" + FILE="${ENTRY##*|}" + # GitHub contents API requires %2F-encoded path separators + FILE_ENC="${FILE//\//%2F}" + + DEFAULT_BRANCH=$(gh api "repos/${REPO}" --jq '.default_branch') + + # Fetch current file; skip if not found + CURRENT=$(gh api "repos/${REPO}/contents/${FILE_ENC}?ref=${DEFAULT_BRANCH}" 2>/dev/null) || { + echo "::warning::${REPO}: ${FILE} not found — skipping" + continue + } + + BLOB_SHA=$(echo "$CURRENT" | jq -r '.sha') + OLD_CONTENT=$(echo "$CURRENT" | jq -r '.content' | base64 -d) + + # Skip if already pinned to this SHA + if echo "$OLD_CONTENT" | grep -qF "$NEW_SHA"; then + echo "${REPO}: already at ${SHORT} — skipping" + continue + fi + + # Replace every 40-char hex SHA (uses: pin + workflows_ref value) and + # update the inline # github-workflows#N comment to record the new ref. + NEW_CONTENT=$(echo "$OLD_CONTENT" \ + | sed -E "s/[0-9a-f]{40}/${NEW_SHA}/g" \ + | sed -E "s|# github-workflows#[0-9]+|# github-workflows main (${SHORT})|g") + + # Create branch from default branch tip (ignore 422 if it already exists) + MAIN_SHA=$(gh api "repos/${REPO}/git/refs/heads/${DEFAULT_BRANCH}" --jq '.object.sha') + gh api --method POST "repos/${REPO}/git/refs" \ + --field ref="refs/heads/${BRANCH}" \ + --field sha="${MAIN_SHA}" 2>/dev/null || true + + # Commit updated file + ENCODED=$(printf '%s' "$NEW_CONTENT" | base64 | tr -d '\n') + gh api --method PUT "repos/${REPO}/contents/${FILE_ENC}" \ + --field message="ci: bump cursor-review to github-workflows@${SHORT}" \ + --field content="${ENCODED}" \ + --field sha="${BLOB_SHA}" \ + --field branch="${BRANCH}" \ + > /dev/null + + # Open PR (ignore error if one already exists for this branch) + gh pr create \ + --repo "${REPO}" \ + --head "${BRANCH}" \ + --base "${DEFAULT_BRANCH}" \ + --title "ci: bump cursor-review to github-workflows@${SHORT}" \ + --body "Automatic SHA bump — \`cursor-review.yml\` was updated in \`Comfy-Org/github-workflows\` at [\`${SHORT}\`](https://github.com/Comfy-Org/github-workflows/commit/${NEW_SHA}). + +_Opened by the \`bump-cursor-review-callers\` workflow._" 2>/dev/null \ + && echo "${REPO}: PR opened" \ + || echo "::warning::${REPO}: PR may already exist for ${BRANCH}" + done \ No newline at end of file From 86a1073401e4d89e0031f8da874a3a8aa2651bad Mon Sep 17 00:00:00 2001 From: Matt Miller Date: Wed, 17 Jun 2026 12:53:45 -0700 Subject: [PATCH 2/2] ci: add per-repo label support (ci for Comfy-Desktop, Core for ComfyUI) --- .../workflows/bump-cursor-review-callers.yml | 36 ++++++++++--------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/.github/workflows/bump-cursor-review-callers.yml b/.github/workflows/bump-cursor-review-callers.yml index 4bd079c..8217245 100644 --- a/.github/workflows/bump-cursor-review-callers.yml +++ b/.github/workflows/bump-cursor-review-callers.yml @@ -31,22 +31,22 @@ jobs: SHORT="${NEW_SHA:0:7}" BRANCH="ci/bump-cursor-review-${SHORT}" - # repo|file pairs — one entry per caller + # repo|file|label — label is optional, leave empty if the repo has none CALLERS=( - "Comfy-Org/cloud|.github/workflows/ci-cursor-review.yml" - "Comfy-Org/comfy-cloud-mcp-server|.github/workflows/ci-cursor-review.yml" - "Comfy-Org/comfy-inapp-agent|.github/workflows/ci-cursor-review.yml" - "Comfy-Org/swarmhost|.github/workflows/cursor-review.yml" - "Comfy-Org/comfy-infra|.github/workflows/ci-cursor-review.yml" - "Comfy-Org/ComfyUI_frontend|.github/workflows/pr-cursor-review.yaml" - "Comfy-Org/Comfy-Desktop|.github/workflows/ci-cursor-review.yml" - "Comfy-Org/ComfyUI|.github/workflows/ci-cursor-review.yml" + "Comfy-Org/cloud|.github/workflows/ci-cursor-review.yml|" + "Comfy-Org/comfy-cloud-mcp-server|.github/workflows/ci-cursor-review.yml|" + "Comfy-Org/comfy-inapp-agent|.github/workflows/ci-cursor-review.yml|" + "Comfy-Org/swarmhost|.github/workflows/cursor-review.yml|" + "Comfy-Org/comfy-infra|.github/workflows/ci-cursor-review.yml|" + "Comfy-Org/ComfyUI_frontend|.github/workflows/pr-cursor-review.yaml|" + "Comfy-Org/Comfy-Desktop|.github/workflows/ci-cursor-review.yml|ci" + "Comfy-Org/ComfyUI|.github/workflows/ci-cursor-review.yml|Core" ) for ENTRY in "${CALLERS[@]}"; do - REPO="${ENTRY%%|*}" - FILE="${ENTRY##*|}" - # GitHub contents API requires %2F-encoded path separators + REPO=$(echo "$ENTRY" | cut -d'|' -f1) + FILE=$(echo "$ENTRY" | cut -d'|' -f2) + LABEL=$(echo "$ENTRY" | cut -d'|' -f3) FILE_ENC="${FILE//\//%2F}" DEFAULT_BRANCH=$(gh api "repos/${REPO}" --jq '.default_branch') @@ -66,8 +66,7 @@ jobs: continue fi - # Replace every 40-char hex SHA (uses: pin + workflows_ref value) and - # update the inline # github-workflows#N comment to record the new ref. + # Replace every 40-char hex SHA and update the inline comment NEW_CONTENT=$(echo "$OLD_CONTENT" \ | sed -E "s/[0-9a-f]{40}/${NEW_SHA}/g" \ | sed -E "s|# github-workflows#[0-9]+|# github-workflows main (${SHORT})|g") @@ -87,6 +86,10 @@ jobs: --field branch="${BRANCH}" \ > /dev/null + # Build label args if the repo has a label configured + LABEL_ARGS=() + [[ -n "$LABEL" ]] && LABEL_ARGS=(--label "$LABEL") + # Open PR (ignore error if one already exists for this branch) gh pr create \ --repo "${REPO}" \ @@ -95,7 +98,8 @@ jobs: --title "ci: bump cursor-review to github-workflows@${SHORT}" \ --body "Automatic SHA bump — \`cursor-review.yml\` was updated in \`Comfy-Org/github-workflows\` at [\`${SHORT}\`](https://github.com/Comfy-Org/github-workflows/commit/${NEW_SHA}). -_Opened by the \`bump-cursor-review-callers\` workflow._" 2>/dev/null \ +_Opened by the \`bump-cursor-review-callers\` workflow._" \ + "${LABEL_ARGS[@]}" 2>/dev/null \ && echo "${REPO}: PR opened" \ || echo "::warning::${REPO}: PR may already exist for ${BRANCH}" - done \ No newline at end of file + done