static_analysis_pr.yml
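# Runs Terraform static analysis on every push to a non-main branch, but only
# for the top-level folders under src/ that differ from origin/main.
name: Static Analysis PR

on:
  push:
    branches-ignore:
      - main

# Least privilege: the visible steps only read repository contents.
# NOTE(review): widen this only if the static-analysis action turns out to
# need more than read access.
permissions:
  contents: read

jobs:
  static_analysis:
    runs-on: ubuntu-latest

    steps:
      # Clears non-hidden leftovers from the workspace (`*` does not match
      # dotfiles).
      - run: |
          rm -rf *

      # NOTE(review): third-party actions are referenced by mutable tag here;
      # pinning each `uses:` to a full commit SHA stops a retagged release
      # from changing what runs in this job.
      - name: ⏬ Checkout Repository
        uses: actions/checkout@v4
        with:
          # Full history so the branch can be diffed against origin/main.
          fetch-depth: 0

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.x'

      # The script below imports only os and subprocess (standard library).
      - name: Install necessary packages
        run: python -m pip install --upgrade pip

      - name: 🔨 Get Modified Paths
        id: get-paths
        run: |
          import os
          import subprocess

          # Substrings; a diff line containing any of them is dropped from
          # the "source" listing.
          IGNORED_PATHS = ["domains", "scripts", "github", ".devops"]


          def get_current_branch():
              """Return the name of the currently checked-out branch."""
              # check=True: fail the step instead of continuing with an
              # empty branch name if git errors out.
              result = subprocess.run(
                  ["git", "rev-parse", "--abbrev-ref", "HEAD"],
                  capture_output=True, text=True, check=True,
              )
              return result.stdout.strip()


          def get_git_diff(current_branch):
              """Write the file names that differ from origin/main to /tmp/diff.txt."""
              # check=True on both calls: a failed fetch or diff must stop
              # the job. Without it an empty diff is written, the flag below
              # becomes 'false' and static analysis is silently skipped.
              subprocess.run(["git", "fetch", "origin"], check=True)
              # NOTE(review): this compares the two branch tips, so files
              # changed only on main are listed too; `origin/main...HEAD`
              # would restrict the list to this branch's changes - confirm
              # which is intended.
              result = subprocess.run(
                  ["git", "diff", "--name-only", current_branch, "origin/main"],
                  capture_output=True, text=True, check=True,
              )
              with open('/tmp/diff.txt', 'w') as f:
                  f.write(result.stdout)


          def get_required_path(path):
              """Reduce a changed file path to the folder that should be analysed.

              Returns "src/<folder>" for ordinary paths, "src/domains/<folder>"
              style three-component prefixes for paths containing "domains",
              and "" when the path has no "src" component or is too shallow.
              """
              parts = path.split(os.sep)
              try:
                  start_index = parts.index("src")
                  # NOTE(review): the end indexes below are absolute (3 and
                  # 2), so the slices only line up when "src" is the first
                  # path component - presumably the repository layout
                  # guarantees that; confirm.
                  if "domains" in parts[start_index:]:
                      domains_index = parts.index("domains", start_index)
                      # Require at least a folder and a file after "domains".
                      if len(parts) > domains_index + 2:
                          return os.sep.join(parts[start_index:3])
                      return ""
                  # Paths without "domains": require a folder and a file
                  # after "src".
                  if len(parts) > start_index + 2:
                      return os.sep.join(parts[start_index:2])
                  return ""
              except (ValueError, IndexError):
                  # No "src" component in this path.
                  return ""


          def get_modified_paths(pattern, exclude_ignored=True):
              """Return the sorted, de-duplicated folders derived from /tmp/diff.txt.

              With exclude_ignored=True every line that contains one of
              IGNORED_PATHS is dropped and `pattern` is not consulted; with
              exclude_ignored=False only lines containing `pattern` are kept.
              """
              with open('/tmp/diff.txt') as f:
                  lines = f.readlines()

              if exclude_ignored:
                  paths = [
                      line.strip()
                      for line in lines
                      if not any(ignored in line for ignored in IGNORED_PATHS)
                  ]
              else:
                  paths = [line.strip() for line in lines if pattern in line]

              # De-duplicate, and drop the "" that get_required_path returns
              # for paths outside src/ so no blank entry reaches paths.txt.
              folders = {get_required_path(path) for path in paths if path}
              folders.discard("")
              return sorted(folders)


          def write_to_file(content, filepath):
              """Overwrite filepath with content."""
              with open(filepath, 'w') as f:
                  f.write(content)


          def main():
              current_branch = get_current_branch()
              print(f"Current branch: {current_branch}")

              get_git_diff(current_branch)

              modified_paths_source = get_modified_paths('src/', exclude_ignored=True)
              print(f"Modified paths in source: {modified_paths_source}")

              modified_paths_domains = get_modified_paths('domains', exclude_ignored=False)
              print(f"Modified paths in domains: {modified_paths_domains}")

              modified_paths = "\n".join(modified_paths_source + modified_paths_domains)
              print(f"📌 Modified paths: {modified_paths}")

              write_to_file(modified_paths, "/tmp/paths.txt")

              # Later steps are gated on this flag. Only the constant strings
              # 'true' / 'false' are written to GITHUB_ENV, never path text.
              src_modified = any("src/" in path for path in modified_paths.split())
              if src_modified:
                  print("src folder modified.")
              else:
                  print("src folder not modified.")
              with open(os.getenv('GITHUB_ENV'), 'a') as f:
                  f.write('run_static_analysis=true\n' if src_modified
                          else 'run_static_analysis=false\n')


          if __name__ == "__main__":
              main()
        shell: python

      - name: Read modified paths
        if: env.run_static_analysis == 'true'
        id: read_paths
        run: |
          modified_paths=$(cat /tmp/paths.txt)
          echo "Modified paths: $modified_paths"
          # The `::set-output` workflow command is deprecated and does not
          # carry multi-line values. Write to $GITHUB_OUTPUT with a random
          # heredoc delimiter so that path text, which derives from file
          # names on the pushed branch, cannot terminate the value early.
          delimiter="EOF_$(dd if=/dev/urandom bs=15 count=1 status=none | base64)"
          {
            echo "modified_paths<<${delimiter}"
            echo "$modified_paths"
            echo "${delimiter}"
          } >> "$GITHUB_OUTPUT"

      - name: ⏬ Download Modified Folders Only
        if: env.run_static_analysis == 'true'
        id: download_changed_folders
        shell: bash
        run: |
          # Read one folder per line. An unquoted $(cat ...) would word-split
          # and glob-expand the names, which come from the pushed branch.
          MODIFIED_FOLDERS=()
          while IFS= read -r folder || [[ -n "$folder" ]]; do
            if [[ -n "$folder" ]]; then
              MODIFIED_FOLDERS+=("$folder")
            fi
          done < /tmp/paths.txt

          # Include 'scripts' in the list of directories to checkout
          MODIFIED_FOLDERS+=("scripts")

          # Initialize git sparse-checkout
          git sparse-checkout init --cone

          # Set each path in MODIFIED_FOLDERS for sparse-checkout
          git sparse-checkout set "${MODIFIED_FOLDERS[@]}"

          # Checkout the latest changes
          git checkout

      - name: 👀 See folders downloaded
        if: env.run_static_analysis == 'true'
        id: see
        shell: bash
        run: |
          ls -la
          du -h -d 3 .

      - name: Static Analysis
        if: env.run_static_analysis == 'true'
        # The action directory and version after `azure/` are not recoverable
        # from this copy of the file (the hosting page's e-mail obfuscation
        # replaced them), so the two tokens below are placeholders. Restore
        # them from the repository, preferably pinned to a full commit SHA.
        uses: pagopa/eng-github-actions-iac-template/azure/<ACTION_DIR_PLACEHOLDER>@<REF_PLACEHOLDER>
        with:
          # The pre-commit image is pinned by sha256 digest as well as tag.
          precommit_version: 'v1.89.1@sha256:1ea921bc4fe87651d41677218e537afdcdb8202e757e554b9866668eaba144c5'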