.github/workflows/mythx-changed.yml

name: Mythx Changed only

on:
  workflow_call:
    inputs:
      pr_number:
        description: PR Number to run this test against
        required: true
        type: string
      mode:
        description: "Mythx scan mode (quick|standard|deep)"
        required: true
        type: string
    secrets:
      MYTHX_API_KEY:
        description: 'mythx api token'
        required: true
  workflow_dispatch:
    inputs:
      pr_number:
        description: PR Number to run this test against
        required: true
        type: string
      mode:
        description: "Mythx scan mode (quick|standard|deep)"
        required: true
        default: standard
        type: choice
        options:
          - quick
          - standard
          - deep

jobs:
  mythx:
    permissions: read-all
    runs-on: ubuntu-latest
    outputs:
      group_id: ${{ steps.comment_prepare.outputs.group_id }}
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0
          ref: refs/pull/${{ inputs.pr_number }}/merge
      - name: Install node
        uses: actions/setup-node@v3
        with:
          cache: "yarn"
          node-version: 16
      - uses: actions/setup-python@v4
      - name: Install mythx-cli
        run: pip install mythx-cli
      - name: Changed Files Exporter
        id: files
        uses: umani/changed-files@v3.3.0
        with:
          repo-token: ${{ github.token }}
          pr-number: ${{ inputs.pr_number }}
          pattern: '^.*\.sol$'
      - name: Install deps
        run: yarn
      - name: Run mythx
        run: mythx --yes --output id --format json --api-key ${{ secrets.MYTHX_API_KEY }} analyze --async --mode "$MODE" ${{ steps.files.outputs.files_created }} ${{ steps.files.outputs.files_updated }}
        env:
          MODE: ${{ inputs.mode }}
      - name: Comment Prepare
        id: comment_prepare
        run: |
          id=$(cat id | head -1)
          group_id=$(mythx --format=json --api-key ${{ secrets.MYTHX_API_KEY }} analysis status $id | jq -r .group_id)
          echo "group_id=$group_id" >> $GITHUB_OUTPUT
  comment:
    runs-on: ubuntu-latest
    permissions:
      issues: write
      pull-requests: write
    needs: [mythx]
    steps:
      - name: Comment a pull_request
        if: ${{ inputs.pr_number != '' }}
        uses: thollander/actions-comment-pull-request@v1
        with:
          pr_number: ${{ inputs.pr_number }}
          message: 'Scan started in group [https://dashboard.mythx.io/#/console/analyses/groups/${{ needs.mythx.outputs.group_id }}](https://dashboard.mythx.io/#/console/analyses/groups/${{ needs.mythx.outputs.group_id }})'
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: SEE HERE FOR DASHBOARD LINK
        run: |
          echo 'Scan started in group https://dashboard.mythx.io/#/console/analyses/groups/${{ needs.mythx.outputs.group_id }}'