all PR related steps as actions

PaloAltoNetworks · Oct 18, 2023 · e95f296 · e95f296
1 parent 7fd9dd6
commit e95f296
Show file tree

Hide file tree

Showing 6 changed files with 269 additions and 208 deletions.
diff --git a/.github/actions/artifact_docs/action.yml b/.github/actions/artifact_docs/action.yml
@@ -0,0 +1,15 @@
+name: Artifact Documentation
+description: 'Create an artifact from the current documentation.'
+
+runs:
+  using: composite
+  steps:
+    - name: pack the documentation
+      working-directory: docs
+      shell: bash
+      run: tar --exclude .DS_Store --exclude sidebars.js -cvf documentation.tar *
+    - name: upload the documentation artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: documentation
+        path: docs/documentation.tar
diff --git a/.github/actions/build_image/action.yml b/.github/actions/build_image/action.yml
@@ -0,0 +1,69 @@
+name: Build Docker image
+description: 'Builds a Docker image for XSOAR usage.'
+
+inputs: 
+  python_version:
+    description: A version of Python to install
+    type: string
+    required: true
+  publish:
+    description: A flag that triggers publishing to GHCR
+    type: boolean
+    default: false
+  token:
+    description: Token to authenticate to GH, required to update the PR
+    type: string
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: install Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: ${{ inputs.python_version }}
+        cache: pip
+
+    - name: install Poetry
+      uses: Gr1N/setup-poetry@v8
+
+    - name: get the tag name for new image
+      id: tag
+      shell: bash
+      run: |
+        echo "version_tag=$(poetry version -s)" >> $GITHUB_OUTPUT
+
+    - name: build and prepare package for containerization
+      shell: bash
+      run: |
+        poetry env use ${{ inputs.python_version }}
+        poetry lock
+        poetry build
+        poetry export --without-hashes --format=requirements.txt > requirements.txt
+
+    - name: determine docker tags and labels
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ghcr.io/paloaltonetworks/panos_upgrade_assurance
+        tags: |
+          type=raw,value=latest
+          type=semver,pattern=v{{version}},value=${{ steps.tag.outputs.version_tag }}
+          type=semver,pattern=v{{major}}.{{minor}},value=${{ steps.tag.outputs.version_tag }}
+          type=semver,pattern=v{{major}},value=${{ steps.tag.outputs.version_tag }}
+
+    - name: login to GHCR
+      if: inputs.publish
+      uses: docker/login-action@v3
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ inputs.token }}
+
+    - name: build ${{ inputs.publish && 'and publish' || '' }}
+      uses: docker/build-push-action@v5
+      with:
+        context: .
+        push: ${{ inputs.publish }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/actions/pandev_pr/action.yml b/.github/actions/pandev_pr/action.yml
@@ -0,0 +1,99 @@
+name: PanDev PR
+description: 'Creates a PR in PanDev repository, a preview (PR) or a mergable (release) one.'
+
+inputs:
+  token:
+    description: Token to authenticate to PanDev repository
+    type: string
+    required: true
+  ref_name:
+    description: A branch name or a release tag
+    type: string
+    required: true
+  pr_no:
+    description: PR number, triggers creation of a preview PR
+    required: false
+
+runs:
+  using: composite
+  steps:
+    - name: checkout pan.dev
+      uses: actions/checkout@v4
+      with:
+        repository: PaloAltoNetworks/pan.dev
+        token: ${{ inputs.token }}
+
+    - name: download documentation artifact
+      uses: actions/download-artifact@v3
+      with:
+        name: documentation
+        path: products/panos/docs
+
+    - name: see where we are
+      shell: bash
+      run: tree -aL 2
+
+    - name: unpack the documentation
+      working-directory: products/panos/docs
+      shell: bash
+      run: |
+        rm -rf 'panos-upgrade-assurance'
+        tar xvf documentation.tar
+        rm -f documentation.tar
+
+    - name: create a release PR to upstream pan.dev
+      if: inputs.pr_no == ''
+      uses: peter-evans/create-pull-request@v5
+      with:
+        token: ${{ inputs.token }}
+        delete-branch: true
+        branch: "pua_release_${{ inputs.ref_name }}"
+        title: "[PAN-OS Upgrade Assurance] documentation update for release: ${{ inputs.ref_name }}"
+        commit-message: "docs: PanOS Upgrade Assurance documentation update"
+        labels: netsec
+        body: |
+          # Description
+          
+          A PR made for changes introduced into documentation on ${{ inputs.ref_name }} release.
+
+          # Types of changes
+
+          New feature (non-breaking change which adds functionality)
+
+    - name: create a preview PR to pan.dev
+      id: preview
+      if: inputs.pr_no != ''
+      uses: peter-evans/create-pull-request@v5
+      with:
+        token: ${{ inputs.token }}
+        delete-branch: true
+        branch: "pua_prev_${{ inputs.ref_name }}"
+        title: "[PAN-OS Upgrade Assurance][${{ inputs.ref_name }}] documentation PREVIEW - do NOT MERGE"
+        commit-message: "docs: PanOS Upgrade Assurance documentation update"
+        labels: netsec, DO NOT MERGE
+        body: |
+          # Description
+          
+          DO NOT MERGE - preview PR made for changes on branch: ${{ inputs.ref_name }}.
+
+          # Types of changes
+
+          New feature (non-breaking change which adds functionality)
+
+    - name: find if we have a comment
+      id: find
+      if: steps.preview.outputs.pull-request-url != ''
+      uses: peter-evans/find-comment@v2
+      with:
+        issue-number: ${{ github.event.pull_request.number }}
+        body-includes: A Preview PR in PanDev repo has been created
+        repository: ${{ github.repository }}
+
+    - name: comment back on the original PR
+      if: steps.find.outputs.comment-id == ''
+      uses: peter-evans/create-or-update-comment@v3
+      with:
+        issue-number: ${{ github.event.pull_request.number }}
+        repository: ${{ github.repository }}
+        body: |
+          A Preview PR in PanDev repo has been created. You can view it [here](${{ steps.pr.outputs.pull-request-url }}).
diff --git a/.github/actions/unit_tests/action.yml b/.github/actions/unit_tests/action.yml
@@ -34,7 +34,7 @@ runs:
       run: poetry run make test_coverage
 
     # requires pull-requests: write permissions when triggered from PRs
-    - name: g et coverage
+    - name: get coverage
       if: ${{ github.event_name == 'pull_request' }}
       uses: orgoro/[email protected]
       with:

diff --git a/.github/workflows/_docker.yml b/.github/workflows/_docker.yml