Show exact run URL and add lifecycle comment to wheel promotion

[AAraKKe]

What does this PR do?

Adds a return_run_details mode to dispatch_workflow and uses it in ddev dep promote so the CLI prints the exact run URL instead of a generic recent-runs link. Replaces the one-shot success comment in dependency-wheel-promotion.yaml with a lifecycle comment that updates on start, success, and failure, scoped per (PR, head SHA). Suppresses noisy httpx request logs while running the promote command.

Motivation

Followup to the dependency wheel promotion work. The CLI was pointing users at a recent-runs query instead of the run they just dispatched, and the workflow only commented on success, so a failed run left no PR-visible signal.

The workflow lifecycle comment passes user inputs through action inputs (not shell) and reads inputs.head_sha via process.env.HEAD_SHA inside actions/github-script so a malicious workflow_dispatch input cannot break out of a JS string literal. Permissions are unchanged, PR checkout stays sparse-pinned to .deps/resolved, and all actions are pinned by SHA.

Review checklist (to be filled by reviewers)

• Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
• Add qa/required if this PR needs QA validation, or qa/skip-qa if it does not. Exactly one of the two is required.
• If you need to backport this PR to another branch, you can add the backport/<branch-name> label to the PR and it will automatically open a backport PR once this one is merged

---

This PR has been created and validated using the paired-review skill from agent-integrations.

[datadog-official]

 

✨ Fix all issues with BitsAI

⚠️ Warnings

🚦 1 Pipeline job failed

PR All | test / j89811be / Appgate SDP     

🔄 Retry job. This looks flaky and may succeed on retry.

Error: unable to start CMD API server: unable to listen to address localhost:38513: bind: address already in use.

🧪 1 Test failed in 1 job

PR All | run  

test_check_appgate_sdp_e2e from test_e2e.py   (Fix with Cursor)

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-check-apikey.sh: executing... 
[cont-init.d] 01-check-apikey.sh: exited 0.
[cont-init.d] 50-ci.sh: executing... 
[cont-init.d] 50-ci.sh: exited 0.
[cont-init.d] 50-ecs-managed.sh: executing... 
...

ℹ️ Info

No other issues found (see more)

❄️ No new flaky tests detected

🎯 Code Coverage (details)
• Patch Coverage: 98.17%
• Overall Coverage: 87.48% (+0.13%)

Useful? React with 👍 / 👎

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: a291a76 | Docs | Datadog PR Page | Give us feedback!}

[codecov]

Codecov Report

❌ Patch coverage is 98.16514% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 90.92%. Comparing base (7e7ccb5) to head (a291a76).
⚠️ Report is 3 commits behind head on master.

Additional details and impacted files

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[dd-octo-sts]

Validation Report

All 21 validations passed.

Show details

Validation	Description	Status
agent-reqs	Verify check versions match the Agent requirements file	✅
ci	Validate CI configuration and Codecov settings	✅
codeowners	Validate every integration has a CODEOWNERS entry	✅
config	Validate default configuration files against spec.yaml	✅
dep	Verify dependency pins are consistent and Agent-compatible	✅
http	Validate integrations use the HTTP wrapper correctly	✅
imports	Validate check imports do not use deprecated modules	✅
integration-style	Validate check code style conventions	✅
jmx-metrics	Validate JMX metrics definition files and config	✅
labeler	Validate PR labeler config matches integration directories	✅
legacy-signature	Validate no integration uses the legacy Agent check signature	✅
license-headers	Validate Python files have proper license headers	✅
licenses	Validate third-party license attribution list	✅
metadata	Validate metadata.csv metric definitions	✅
models	Validate configuration data models match spec.yaml	✅
openmetrics	Validate OpenMetrics integrations disable the metric limit	✅
package	Validate Python package metadata and naming	✅
qa-label	Validate the pull request declares whether it needs QA for the next Agent release	✅
readmes	Validate README files have required sections	✅
saved-views	Validate saved view JSON file structure and fields	✅
version	Validate version consistency between package and changelog	✅

View full run