From 3a0664a4fe0ffd2421d218308a5cc000e2ff86e6 Mon Sep 17 00:00:00 2001 From: MrkMrk00 Date: Tue, 19 May 2026 08:06:40 +0200 Subject: [PATCH] chore(grafana-annotation): remove usage of archived action MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fix(grafana-annotation): correct curl URL, payload key, PATCH semantics and tag parsing - Pass $endpoint to curl (was missing — every request failed with "no URL specified") - Fix "test" → "text" so the annotation text is actually stored - PATCH now updates only timeEnd (mirrors the archived action's close-out behaviour) - Build JSON body with jq (escapes text correctly, removes injection vector) - Parse newline-separated tags with `jq -Rn` so plain-string tags work - Drop `set -x` so the Authorization header isn't xtraced - `jq -r '.id'` for unquoted output, quote $GITHUB_OUTPUT --- .github/workflows/grafana_annotation.yaml | 58 ++++++++++++++++++----- 1 file changed, 45 insertions(+), 13 deletions(-) diff --git a/.github/workflows/grafana_annotation.yaml b/.github/workflows/grafana_annotation.yaml index b688291d..b5c12e01 100644 --- a/.github/workflows/grafana_annotation.yaml +++ b/.github/workflows/grafana_annotation.yaml @@ -3,10 +3,6 @@ name: grafana annotation on: workflow_call: inputs: - environment: - description: Environment - required: false - type: string grafanaAnnotationTags: description: Custom annotation tags required: false @@ -28,7 +24,7 @@ on: outputs: annotation_id: description: Annotation Id - value: ${{ jobs.grafana.outputs.annotation_id }} + value: ${{ jobs.grafana.outputs.annotation_id }} jobs: grafana: @@ -36,12 +32,48 @@ jobs: outputs: annotation_id: ${{ steps.grafana.outputs.annotation-id }} steps: - - name: add Grafana annotation + - name: Add grafana annotation id: grafana - uses: hexionas/grafana-annotation-action@v1.0.1 - with: - grafanaHost: "https://grafana.apify.dev" - grafanaToken: ${{ secrets.grafanaApiToken }} - grafanaText: ${{ inputs.grafanaAnnotationText }} - grafanaTags: ${{ inputs.grafanaAnnotationTags }} - grafanaAnnotationID: ${{ inputs.grafanaAnnotationId }} \ No newline at end of file + env: + GRAFANA_ANNOTATION_ID: ${{ inputs.grafanaAnnotationId }} + GRAFANA_ANNOTATION_TAGS: ${{ inputs.grafanaAnnotationTags }} + GRAFANA_ANNOTATION_TEXT: ${{ inputs.grafanaAnnotationText }} + GRAFANA_TOKEN: ${{ secrets.grafanaApiToken }} + GRAFANA_HOST: "https://grafana.apify.dev" + run: | + set -euo pipefail + + endpoint="$GRAFANA_HOST/api/annotations" + + # Convert newline-separated tags into a JSON array, dropping empty lines. + tags_json=$(printf '%s' "$GRAFANA_ANNOTATION_TAGS" \ + | jq -Rn '[inputs | select(. != "")]') + + # Determine whether to create (POST) or close out (PATCH) the annotation. + # PATCH mirrors the archived action: it only updates the annotation's + # end time to "now" (milliseconds since epoch). + if [[ -n "${GRAFANA_ANNOTATION_ID:-}" ]]; then + method='PATCH' + endpoint="$endpoint/$GRAFANA_ANNOTATION_ID" + body=$(jq -n --argjson timeEnd "$(date +%s%3N)" \ + '{timeEnd: $timeEnd}') + else + method='POST' + body=$(jq -n \ + --arg text "$GRAFANA_ANNOTATION_TEXT" \ + --argjson tags "$tags_json" \ + '{tags: $tags, text: $text}') + fi + + response=$(curl --fail --retry 3 --silent --show-error \ + -X "$method" "$endpoint" \ + --header "Authorization: Bearer $GRAFANA_TOKEN" \ + --header 'Content-Type: application/json' \ + --data "$body") + + if [[ "$method" == 'POST' ]]; then + id=$(jq -r '.id' <<< "$response") + echo "annotation-id=$id" >> "$GITHUB_OUTPUT" + else + echo "annotation-id=$GRAFANA_ANNOTATION_ID" >> "$GITHUB_OUTPUT" + fi