chore: adds workflow parameters to update-upstream.yml (#69)

* chore: adds workflow parameters to update-upstream.yml Allows the name and references to the upstream content to be overridden when running the update workflow. Signed-off-by: Jennifer Power <[email protected]> * chore: updates description for repository references Signed-off-by: Jennifer Power <[email protected]> --------- Signed-off-by: Jennifer Power <[email protected]>
RedHatProductSecurity · Jan 18, 2024 · d6c7a8b · d6c7a8b
1 parent 7bf7d45
commit d6c7a8b
Showing 1 changed file with 26 additions and 7 deletions.
diff --git a/.github/workflows/update-upstream.yml b/.github/workflows/update-upstream.yml
@@ -1,12 +1,24 @@
 name: Update content from upstream (NIST and FedRAMP)
 
-on: workflow_dispatch
-
-env:
-  FEDRAMP_PROFILE_NAME: "fedramp_rev5_high"
-  NIST_CATALOG_NAME: "nist_rev5_800_53"
-  FEDRAMP_REPO_REF: "master"
-  NIST_REPO_REF: "690f517daaf3a6cbb4056d3cde6eae2756765620"
+on: 
+  workflow_dispatch:
+    inputs:
+        fedramp_repo_ref:
+          required: false
+          default: "master"
+          description: GSA/fedramp-automation repository reference
+        nist_repo_ref:
+          required: false
+          default: "master"
+          description: usnistgov/oscal-content repository reference
+        fedramp_profile_name:
+          required: false
+          default: "fedramp_rev5_high"
+          description: FedRAMP profile name
+        nist_catalog_name:
+          required: false
+          default: "nist_rev5_800_53"
+          description: NIST catalog name
 
 jobs:
   update:
@@ -28,10 +40,17 @@ jobs:
         with:
           token: ${{ steps.get_installation_token.outputs.token }}
       - name: Update catalogs
+        env:
+          NIST_REPO_REF: ${{ github.event.inputs.nist_repo_ref }}
+          NIST_CATALOG_NAME: ${{ github.event.inputs.nist_catalog_name }}
         run: |
           rm -rf "catalogs/${NIST_CATALOG_NAME}"
           trestle import -f "https://raw.githubusercontent.com/usnistgov/oscal-content/${NIST_REPO_REF}/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_catalog.json" -o "${NIST_CATALOG_NAME}"
       - name: Update profiles
+        env:
+          FEDRAMP_REPO_REF: ${{ github.event.inputs.fedramp_repo_ref }}
+          FEDRAMP_PROFILE_NAME: ${{ github.event.inputs.fedramp_profile_name }}
+          NIST_CATALOG_NAME: ${{ github.event.inputs.nist_catalog_name }}
         run: |
           rm -rf "profiles/${FEDRAMP_PROFILE_NAME}"
           trestle import -f "https://raw.githubusercontent.com/GSA/fedramp-automation/${FEDRAMP_REPO_REF}/dist/content/rev5/baselines/json/FedRAMP_rev5_HIGH-baseline_profile.json" -o "${FEDRAMP_PROFILE_NAME}"