Even though the action is already guarded to only run for
organization members that manually trigger the action, we
can reduce the permissions by using a GitHub token without
any permissions to post the result comment.
If we try to resolve the benchmark compare ref (which may be just
`main`), we are just looking inside the PR branch- but that may
not include the `main` SHA. i.e. it's possible to run a comparison
where the PR is slightly behind of the `main` branch, or a comparison
commit from a different branch is used.
We fix this/ and simplify the logic by resolving the SHAs directly in
the TypeScript code, instead of relying on the rather brittle Bash.
Note that current solution still works, but we sometimes may not be able
to resolve to an actual SHA- causing issues as in 864bd72cb2
PR Close#50764
Currently the compare ref might be `main`. We will use that value
and put it into the GitHub results comment. This is non-ideal because
in the future `main` might be a different SHA and the results comment
would become invalid/confusing.
We fix this by resolving the actual SHA when the benchmark was
initiated.
The checkout action always assumes the main repository, but
the branch name/SHA of the pull request will be from a fork.
We fix this by using an updated action that exposes the branch
repo owner and name, so that we can check out the actual PR
branch/SHA.
PR Close#50758
This commit creates a GitHub action that runs benchmark comparisons
for a single target whenever a command comment is created by trusted
Angular organization members:
```
/benchmark-compare <compare-ref> <benchmark-target>
```
The benchmark will be run locally in Github actions, using the same
machine to minimize number deviation. The results are then printed
to the GitHub PR using a comment.
At current time, no actual "green/red" state is computed, but rather
the raw results are printed. In the future, since we have all the
metric data from the benchpress JSON logs, we could implement something
more easy to understand- but that's a follow-up/needs more discussion.
PR Close#50745
