From 8921542f6779a2ad8fa75c0cd53e7aff4fda7420 Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 16:12:31 -0500 Subject: [PATCH 01/13] Update ci_consumption_workflow.yml --- .github/workflows/ci_consumption_workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci_consumption_workflow.yml b/.github/workflows/ci_consumption_workflow.yml index 4dbc1e365..59f445147 100644 --- a/.github/workflows/ci_consumption_workflow.yml +++ b/.github/workflows/ci_consumption_workflow.yml @@ -18,7 +18,7 @@ jobs: fail-fast: false matrix: python-version: [ 3.7, 3.8, 3.9, "3.10", "3.11" ] - + permissions: read-all steps: - name: Checkout code. uses: actions/checkout@v2 From 3e46fbb544d48a12ccca2503b1617e2866a9ac21 Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 21:34:24 +0000 Subject: [PATCH 02/13] add read_all to all pipelines --- .github/workflows/ci_docker_con_workflow.yml | 1 + .github/workflows/ci_docker_custom_workflow.yml | 1 + .github/workflows/ci_docker_ded_workflow.yml | 1 + .github/workflows/ci_e2e_workflow.yml | 2 +- .github/workflows/ci_ut_workflow.yml | 1 + .github/workflows/codeql-analysis.yml | 3 ++- .github/workflows/linter.yml | 1 + .github/workflows/ogf_workflow.yml | 1 + .github/workflows/perf-testing-setup.yml | 1 + 9 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci_docker_con_workflow.yml b/.github/workflows/ci_docker_con_workflow.yml index e5b7b4613..d5a32a59a 100644 --- a/.github/workflows/ci_docker_con_workflow.yml +++ b/.github/workflows/ci_docker_con_workflow.yml @@ -17,6 +17,7 @@ jobs: fail-fast: false matrix: python-version: [ 3.7, 3.8, 3.9, "3.10" ] + permissions: read-all env: CONSUMPTION_DOCKER_TEST: "true" diff --git a/.github/workflows/ci_docker_custom_workflow.yml b/.github/workflows/ci_docker_custom_workflow.yml index 142ec7751..6e1c87cb1 100644 --- a/.github/workflows/ci_docker_custom_workflow.yml +++ b/.github/workflows/ci_docker_custom_workflow.yml @@ -34,6 +34,7 @@ jobs: runs-on: ubuntu-latest strategy: fail-fast: false + permissions: read-all env: DEDICATED_DOCKER_TEST: ${{ github.event.inputs.DEDICATED_DOCKER_TEST }} CONSUMPTION_DOCKER_TEST: ${{ github.event.inputs.CONSUMPTION_DOCKER_TEST }} diff --git a/.github/workflows/ci_docker_ded_workflow.yml b/.github/workflows/ci_docker_ded_workflow.yml index 1bfc1fd8a..28db20b9b 100644 --- a/.github/workflows/ci_docker_ded_workflow.yml +++ b/.github/workflows/ci_docker_ded_workflow.yml @@ -17,6 +17,7 @@ jobs: fail-fast: false matrix: python-version: [ 3.7, 3.8, 3.9, "3.10" ] + permissions: read-all env: DEDICATED_DOCKER_TEST: "true" diff --git a/.github/workflows/ci_e2e_workflow.yml b/.github/workflows/ci_e2e_workflow.yml index 8138121da..27d453c04 100644 --- a/.github/workflows/ci_e2e_workflow.yml +++ b/.github/workflows/ci_e2e_workflow.yml @@ -22,7 +22,7 @@ jobs: fail-fast: false matrix: python-version: [ 3.7, 3.8, 3.9, "3.10", "3.11" ] - + permissions: read-all steps: - name: Checkout code. uses: actions/checkout@v2 diff --git a/.github/workflows/ci_ut_workflow.yml b/.github/workflows/ci_ut_workflow.yml index d775170f4..1072cd403 100644 --- a/.github/workflows/ci_ut_workflow.yml +++ b/.github/workflows/ci_ut_workflow.yml @@ -21,6 +21,7 @@ jobs: fail-fast: false matrix: python-version: [ 3.7, 3.8, 3.9, "3.10", "3.11" ] + permissions: read-all steps: - uses: actions/checkout@v2 - name: Set up Python ${{ matrix.python-version }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 8a2cf0645..54772ae44 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,7 +35,8 @@ jobs: language: [ 'python' ] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Learn more about CodeQL language support at https://git.io/codeql-language-support - + permissions: read-all + steps: - name: Checkout repository uses: actions/checkout@v3 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 4940aa1e3..83e6f572f 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -26,6 +26,7 @@ jobs: name: Lint Code Base # Set the agent to run on runs-on: ubuntu-latest + permissions: read-all ################## # Load all steps # diff --git a/.github/workflows/ogf_workflow.yml b/.github/workflows/ogf_workflow.yml index bb1ed3d49..41fc79f28 100644 --- a/.github/workflows/ogf_workflow.yml +++ b/.github/workflows/ogf_workflow.yml @@ -62,6 +62,7 @@ jobs: STORAGE_ACCOUNT_NAME: "ogf${{ matrix.sku }}${{ matrix.region }}${{ github.run_number }}" FUNCTION_APP_PLAN_NAME: "ogf-epplan-${{ matrix.sku }}-${{ matrix.region }}-${{ github.run_number }}" runs-on: ubuntu-latest + permissions: read-all timeout-minutes: 30 strategy: # V. IMPORTANT: Copy this strategy section to the dependent diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index 19c7453fd..e7b1c50e9 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -23,6 +23,7 @@ jobs: build: if: ${{ github.event_name == 'workflow_dispatch' || github.event.issue.pull_request && contains(github.event.comment.body, '/profile') }} runs-on: ubuntu-latest + permissions: read-all strategy: fail-fast: false matrix: From 59d0c1e858d773c75610d8182bcfdf071c1dd5d3 Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 18:17:06 -0500 Subject: [PATCH 03/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index e7b1c50e9..b9f4725c6 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -11,6 +11,14 @@ on: description: 'List of perf tests to run' required: false default: SyncHelloWorld + report_format: + description: 'Format of profiling report' + type: choice + required: true + options: + - speedscope + - flamegraph + default: flamegraph issue_comment: types: [created] env: @@ -75,9 +83,16 @@ jobs: docker exec $container_id sh -c "pip install py-spy" docker exec $container_id sh -c "mkdir /home/profiling_reports" profiling_sampling_rate=${{ github.event.inputs.profiling_sampling_rate }} - # report_name="${GITHUB_REF#refs/heads/}_${{ github.run_id }}.svg" - report_name="${{ github.run_id }}.svg" - docker exec -d $container_id sh -c "RUST_BACKTRACE=1 py-spy record -p $worker_pid -o /home/profiling_reports/$report_name -f flamegraph --idle --nonblocking --rate $profiling_sampling_rate > /home/site/wwwroot/py-spy.log 2>&1 &" + report_format=${{ github.event.inputs.report_format }} + if [ "$report_format" == "flamegraph" ]; then + report_name="${{ github.run_id }}.svg" + elif [ "$report_format" == "speedscope" ]; then + report_name="${{ github.run_id }}.speedscope.json" + else + echo "Unsupported report format: $report_format" + exit 1 + fi + docker exec -d $container_id sh -c "RUST_BACKTRACE=1 py-spy record -p $worker_pid -o /home/profiling_reports/$report_name -f ${github.event.inputs.report_format} --idle --nonblocking --rate $profiling_sampling_rate > /home/site/wwwroot/py-spy.log 2>&1 &" sleep 2 # Give it a moment to start py_spy_id=$(docker exec $container_id sh -c "ps aux | grep '[p]y-spy record'" | awk '{print $2}') From ad769c7eb2429644b0b5b6aa5cf39edc2cea0890 Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 19:48:12 -0500 Subject: [PATCH 04/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index b9f4725c6..831b7e07d 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -18,7 +18,6 @@ on: options: - speedscope - flamegraph - default: flamegraph issue_comment: types: [created] env: @@ -92,7 +91,7 @@ jobs: echo "Unsupported report format: $report_format" exit 1 fi - docker exec -d $container_id sh -c "RUST_BACKTRACE=1 py-spy record -p $worker_pid -o /home/profiling_reports/$report_name -f ${github.event.inputs.report_format} --idle --nonblocking --rate $profiling_sampling_rate > /home/site/wwwroot/py-spy.log 2>&1 &" + docker exec -d $container_id sh -c "RUST_BACKTRACE=1 py-spy record -p $worker_pid -o /home/profiling_reports/$report_name -f $report_format --idle --nonblocking --rate $profiling_sampling_rate > /home/site/wwwroot/py-spy.log 2>&1 &" sleep 2 # Give it a moment to start py_spy_id=$(docker exec $container_id sh -c "ps aux | grep '[p]y-spy record'" | awk '{print $2}') From 62a19f640c442f9c72f19eb0e09197e14b696378 Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 20:22:06 -0500 Subject: [PATCH 05/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index 831b7e07d..be00fdd28 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -87,10 +87,6 @@ jobs: report_name="${{ github.run_id }}.svg" elif [ "$report_format" == "speedscope" ]; then report_name="${{ github.run_id }}.speedscope.json" - else - echo "Unsupported report format: $report_format" - exit 1 - fi docker exec -d $container_id sh -c "RUST_BACKTRACE=1 py-spy record -p $worker_pid -o /home/profiling_reports/$report_name -f $report_format --idle --nonblocking --rate $profiling_sampling_rate > /home/site/wwwroot/py-spy.log 2>&1 &" sleep 2 # Give it a moment to start py_spy_id=$(docker exec $container_id sh -c "ps aux | grep '[p]y-spy record'" | awk '{print $2}') @@ -122,10 +118,19 @@ jobs: connection_string: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING }} sync: 'false' - - name: Output Blob URL + - name: Output Blob URL - Flamegraph + if: ${{ github.event.inputs.report_format == 'flamegraph' }} run: | - blob_url="https://${{ env.PYTHON_FUNCTION_PROFILING_STORAGE_ACCT }}.blob.core.windows.net/profiling/${{ env.report_name }}" - echo "You can view the Blob at: $blob_url" + blob_url="https://${{ env.PYTHON_FUNCTION_PROFILING_STORAGE_ACCT }}.blob.core.windows.net/profiling/${{ env.report_name }}" + echo "You can view the Blob at: $blob_url" + + - name: Setup Node.js and Speedscope + if: ${{ github.event.inputs.report_format == 'speedscope' }} + uses: actions/setup-node@v3 + run: | + npm install -g speedscope + speedscope profiling_reports/${{ env.report_name }} + - name: Upload profiling result to artifact uses: actions/upload-artifact@v2 From 51fe9d9b2d6bcef4c2af73f764355babfe034c9b Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 20:25:00 -0500 Subject: [PATCH 06/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index be00fdd28..63790c17a 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -125,8 +125,8 @@ jobs: echo "You can view the Blob at: $blob_url" - name: Setup Node.js and Speedscope - if: ${{ github.event.inputs.report_format == 'speedscope' }} - uses: actions/setup-node@v3 + - uses: actions/setup-node@v3 + - if: ${{ github.event.inputs.report_format == 'speedscope' }} run: | npm install -g speedscope speedscope profiling_reports/${{ env.report_name }} From d45679d4fb92027da23333bce32bba931c1622ab Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 20:26:04 -0500 Subject: [PATCH 07/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index 63790c17a..e8cd2d494 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -125,7 +125,7 @@ jobs: echo "You can view the Blob at: $blob_url" - name: Setup Node.js and Speedscope - - uses: actions/setup-node@v3 + uses: actions/setup-node@v3 - if: ${{ github.event.inputs.report_format == 'speedscope' }} run: | npm install -g speedscope From 1e3bc70b617808a2439557084dd58e1e5ead5f7b Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 20:34:11 -0500 Subject: [PATCH 08/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index e8cd2d494..e1cc0e9e6 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -79,7 +79,7 @@ jobs: - name: Start py-spy in the background run: | - docker exec $container_id sh -c "pip install py-spy" + # docker exec $container_id sh -c "pip install py-spy" docker exec $container_id sh -c "mkdir /home/profiling_reports" profiling_sampling_rate=${{ github.event.inputs.profiling_sampling_rate }} report_format=${{ github.event.inputs.report_format }} From 2d4779c603a09ca11fcab7afa6714be612c47b5f Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 20:42:07 -0500 Subject: [PATCH 09/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index e1cc0e9e6..6d9f7369b 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -79,7 +79,7 @@ jobs: - name: Start py-spy in the background run: | - # docker exec $container_id sh -c "pip install py-spy" + docker exec $container_id sh -c "pip install py-spy" docker exec $container_id sh -c "mkdir /home/profiling_reports" profiling_sampling_rate=${{ github.event.inputs.profiling_sampling_rate }} report_format=${{ github.event.inputs.report_format }} @@ -124,12 +124,12 @@ jobs: blob_url="https://${{ env.PYTHON_FUNCTION_PROFILING_STORAGE_ACCT }}.blob.core.windows.net/profiling/${{ env.report_name }}" echo "You can view the Blob at: $blob_url" - - name: Setup Node.js and Speedscope - uses: actions/setup-node@v3 - - if: ${{ github.event.inputs.report_format == 'speedscope' }} - run: | - npm install -g speedscope - speedscope profiling_reports/${{ env.report_name }} + # - name: Setup Node.js and Speedscope + # uses: actions/setup-node@v3 + # - if: ${{ github.event.inputs.report_format == 'speedscope' }} + # run: | + # npm install -g speedscope + # speedscope profiling_reports/${{ env.report_name }} - name: Upload profiling result to artifact From 96a654b343e1d4636d2aa1100945f6b5956ede51 Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 20:51:10 -0500 Subject: [PATCH 10/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 26 ++++++++++-------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index 6d9f7369b..1f59c6dd8 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -87,6 +87,10 @@ jobs: report_name="${{ github.run_id }}.svg" elif [ "$report_format" == "speedscope" ]; then report_name="${{ github.run_id }}.speedscope.json" + else + echo "Unsupported report format: $report_format" + exit 1 + fi docker exec -d $container_id sh -c "RUST_BACKTRACE=1 py-spy record -p $worker_pid -o /home/profiling_reports/$report_name -f $report_format --idle --nonblocking --rate $profiling_sampling_rate > /home/site/wwwroot/py-spy.log 2>&1 &" sleep 2 # Give it a moment to start py_spy_id=$(docker exec $container_id sh -c "ps aux | grep '[p]y-spy record'" | awk '{print $2}') @@ -105,11 +109,9 @@ jobs: docker exec $container_id cat /home/site/wwwroot/py-spy.log docker exec $container_id sh -c "kill -2 $py_spy_id" sleep 2 - mkdir profiling_reports chmod 777 profiling_reports docker cp $container_id:/home/profiling_reports/$report_name profiling_reports - - name: Upload SVG to Azure Blob Storage uses: bacongobbler/azure-blob-storage-upload@v3.0.0 with: @@ -118,20 +120,14 @@ jobs: connection_string: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING }} sync: 'false' - - name: Output Blob URL - Flamegraph - if: ${{ github.event.inputs.report_format == 'flamegraph' }} + - name: Output Blob URL run: | - blob_url="https://${{ env.PYTHON_FUNCTION_PROFILING_STORAGE_ACCT }}.blob.core.windows.net/profiling/${{ env.report_name }}" - echo "You can view the Blob at: $blob_url" - - # - name: Setup Node.js and Speedscope - # uses: actions/setup-node@v3 - # - if: ${{ github.event.inputs.report_format == 'speedscope' }} - # run: | - # npm install -g speedscope - # speedscope profiling_reports/${{ env.report_name }} - - + blob_url="https://${{ env.PYTHON_FUNCTION_PROFILING_STORAGE_ACCT }}.blob.core.windows.net/profiling/${{ env.report_name }}" + echo "You can view the Blob at: $blob_url" + - name: Output SpeedScope + uses: actions/setup-node@v4.0.1 + - run: | + npm install -g speedscope - name: Upload profiling result to artifact uses: actions/upload-artifact@v2 with: From 511b613ff6f7aa29ef1ecd962b878363bdec19be Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 21:03:19 -0500 Subject: [PATCH 11/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index 1f59c6dd8..76a4f4af2 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -128,6 +128,9 @@ jobs: uses: actions/setup-node@v4.0.1 - run: | npm install -g speedscope + report_format=${{ github.event.inputs.report_format }} + if [ "$report_format" == "speedscope" ]; then + speedscope profiling_reports/${{ env.report_name }} - name: Upload profiling result to artifact uses: actions/upload-artifact@v2 with: From 47927c56bee8a6804d89234ea841ecae0b86108d Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 21:21:23 -0500 Subject: [PATCH 12/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index 76a4f4af2..fe6b8437e 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -124,13 +124,7 @@ jobs: run: | blob_url="https://${{ env.PYTHON_FUNCTION_PROFILING_STORAGE_ACCT }}.blob.core.windows.net/profiling/${{ env.report_name }}" echo "You can view the Blob at: $blob_url" - - name: Output SpeedScope - uses: actions/setup-node@v4.0.1 - - run: | - npm install -g speedscope - report_format=${{ github.event.inputs.report_format }} - if [ "$report_format" == "speedscope" ]; then - speedscope profiling_reports/${{ env.report_name }} + - name: Upload profiling result to artifact uses: actions/upload-artifact@v2 with: From 901147a1316c44c66fb043dd7f55669880f1cd48 Mon Sep 17 00:00:00 2001 From: peterstone2017 <12449837+YunchuWang@users.noreply.github.com> Date: Mon, 22 Jan 2024 22:28:01 -0500 Subject: [PATCH 13/13] Update perf-testing-setup.yml --- .github/workflows/perf-testing-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/perf-testing-setup.yml b/.github/workflows/perf-testing-setup.yml index fe6b8437e..eff490906 100644 --- a/.github/workflows/perf-testing-setup.yml +++ b/.github/workflows/perf-testing-setup.yml @@ -28,7 +28,7 @@ env: jobs: build: - if: ${{ github.event_name == 'workflow_dispatch' || github.event.issue.pull_request && contains(github.event.comment.body, '/profile') }} + if: ${{ github.event_name == 'workflow_dispatch' || github.event.issue.pull_request != null && contains(github.event.comment.body, '/profile') }} runs-on: ubuntu-latest permissions: read-all strategy: