From 0e1de9d892670adb5b0ad53c07266f0b40f26b4a Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Thu, 23 May 2024 13:06:28 -0400 Subject: [PATCH] refactor: trestle-bot migration from check_only (#90) * :arrow_up: bump RedHatProductSecurity/trestle-bot from 0.8.0 to 0.9.0 Bumps [RedHatProductSecurity/trestle-bot](https://github.com/redhatproductsecurity/trestle-bot) from 0.8.0 to 0.9.0. - [Release notes](https://github.com/redhatproductsecurity/trestle-bot/releases) - [Commits](https://github.com/redhatproductsecurity/trestle-bot/compare/v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: RedHatProductSecurity/trestle-bot dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * refactor: updates validate.yml for trestlebot migration from check_only Signed-off-by: Jennifer Power --------- Signed-off-by: dependabot[bot] Signed-off-by: Jennifer Power Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/autosync-profile.yml | 2 +- .github/workflows/create-new.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/update-upstream.yml | 2 +- .github/workflows/validate.yml | 12 +++++++++--- 5 files changed, 13 insertions(+), 7 deletions(-) diff --git a/.github/workflows/autosync-profile.yml b/.github/workflows/autosync-profile.yml index f489207..c18185a 100644 --- a/.github/workflows/autosync-profile.yml +++ b/.github/workflows/autosync-profile.yml @@ -31,7 +31,7 @@ jobs: token: ${{ steps.get_installation_token.outputs.token }} - name: autosync profile id: autosync-profile - uses: RedHatProductSecurity/trestle-bot/actions/autosync@v0.8.0 + uses: RedHatProductSecurity/trestle-bot/actions/autosync@v0.9.0 with: markdown_path: "markdown/profiles" oscal_model: "profile" diff --git a/.github/workflows/create-new.yml b/.github/workflows/create-new.yml index caf613e..8c72636 100644 --- a/.github/workflows/create-new.yml +++ b/.github/workflows/create-new.yml @@ -22,7 +22,7 @@ jobs: name: Create profile runs-on: ubuntu-latest container: - image: quay.io/continuouscompliance/trestle-bot:v0.8.0 + image: quay.io/continuouscompliance/trestle-bot:v0.9.0 steps: - name: Generate app token uses: tibdex/github-app-token@v2.1.0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6fb46b5..c93c7bb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: with: token: ${{ steps.get_installation_token.outputs.token }} - name: Autosync - uses: RedHatProductSecurity/trestle-bot/actions/autosync@v0.8.0 + uses: RedHatProductSecurity/trestle-bot/actions/autosync@v0.9.0 with: markdown_path: "markdown/profiles" oscal_model: "profile" diff --git a/.github/workflows/update-upstream.yml b/.github/workflows/update-upstream.yml index 2b9ad79..d6b8686 100644 --- a/.github/workflows/update-upstream.yml +++ b/.github/workflows/update-upstream.yml @@ -79,7 +79,7 @@ jobs: "profiles/${FEDRAMP_PROFILE_NAME}" - name: Regenerate profiles if: ${{ steps.updates.outputs.pull-request-number }} - uses: RedHatProductSecurity/trestle-bot/actions/autosync@v0.8.0 + uses: RedHatProductSecurity/trestle-bot/actions/autosync@v0.9.0 with: markdown_path: "markdown/profiles" oscal_model: "profile" diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 3d635e4..9972615 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -22,13 +22,19 @@ jobs: - name: Clone uses: actions/checkout@v4 - name: Check profile - id: check-profile - uses: RedHatProductSecurity/trestle-bot/actions/autosync@v0.8.0 + id: check + uses: RedHatProductSecurity/trestle-bot/actions/autosync@v0.9.0 with: markdown_path: "markdown/profiles" oscal_model: "profile" - check_only: true skip_items: "fedramp_rev5_high" + dry_run: true + - name: Fail + if: ${{ steps.check.outputs.changes == 'true' }} + uses: actions/github-script@v7 + with: + script: | + core.setFailed('Changes detected. Manual intervention may be required.') call-autosync: needs: [test]