Skip to content

Update OSCAL type definitions #434

Update OSCAL type definitions

Update OSCAL type definitions #434

Workflow file for this run

---
name: Update OSCAL type definitions
on:
schedule:
# Run daily (Monday-Friday) at 12:15 UTC (08:15 EDT/07:15 EST)
- cron: "15 12 * * 1-5"
workflow_dispatch:
inputs:
prerelease:
description: "Allow prerelease OSCAL version"
required: true
default: false
type: boolean
permissions:
contents: read
jobs:
fetch-schema:
name: Fetch the latest complete schema
runs-on: ubuntu-latest
steps:
- name: Get information about the latest release
id: fetch-data
uses: actions/github-script@v7
with:
script: |
const prerelease = context.payload?.inputs?.prerelease ?? false;
const requestParams = { owner: "usnistgov", repo: "OSCAL" };
const release = prerelease
? (await github.rest.repos.listReleases(requestParams)).data[0]
: (await github.rest.repos.getLatestRelease(requestParams)).data;
const version = release.tag_name.slice(1); // Remove leading `v` character
core.setOutput("version", version);
let url = undefined;
for (const asset of release.assets) {
if (asset.name == `oscal-${version}.zip`) {
url = asset.browser_download_url;
break;
}
}
if (!url) {
console.log(`Failed to find a matching download URL for ${version}`);
}
core.setOutput("url", url);
- name: Download the latest OSCAL release
run: |
wget -q ${{ steps.fetch-data.outputs.url }}
unzip oscal-${{ steps.fetch-data.outputs.version }}.zip
basedir="$(test -d json && echo "." || echo "oscal-${{ steps.fetch-data.outputs.version }}")"
cp "$basedir/json/schema/oscal_complete_schema.json" .
echo "${{ steps.fetch-data.outputs.version }}" > VERSION.txt
- name: Upload schema artifact
uses: actions/upload-artifact@v4
with:
name: schema
path: |
oscal_complete_schema.json
VERSION.txt
generate:
name: Generate types from schema
needs: [fetch-schema]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: main
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 'lts/*'
cache: 'npm'
- name: Install npm
run: npm install -g npm@latest
- name: Install OS dependencies
run: sudo apt-get update && sudo apt-get install -y unzip wget
- name: Install package dependencies
run: npm ci
- name: Fetch the artifact
uses: actions/download-artifact@v3
with:
name: schema
path: schema
- name: Run the update command
run: |
npx ts-node scripts/generate-types.ts schema packages/oscal-types/src
- name: Save version as output
id: version
run:
echo "VERSION_ID=$(cat schema/VERSION.txt)" >> "$GITHUB_OUTPUT"
- name: Login as the automation app
# This Action generates a token from the GitHub App and provides it as
# an output. It _does_ register that token as a secret so that it will be
# filtered from log output automatically
id: generate-token
# This maps to v1.8.0 https://github.com/tibdex/github-app-token/releases/tag/v1.8.0
uses: tibdex/github-app-token@0914d50df753bbc42180d982a6550f195390069f
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
permissions: >-
{
"contents": "write",
"pull_requests": "write"
}
- name: Create update pull request
uses: peter-evans/create-pull-request@v5
with:
commit-message: "chore(deps): update OSCAL types to v${{ steps.version.outputs.VERSION_ID }}"
title: "chore(deps): update OSCAL types to v${{ steps.version.outputs.VERSION_ID }}"
body: |
This was generated by the "${{ github.workflow }}" workflow. For more information,
see the workflow and `scripts/generate-types.ts`.
branch: automation/update-oscal-types
add-paths: |
packages/oscal-types
delete-branch: true
base: main
committer: Easy Dynamics Automation <[email protected]>
author: Easy Dynamics Automation <[email protected]>
token: "${{ steps.generate-token.outputs.token }}"