From 9bf0fd67a662e561da79325f8907c7abfdfc3bda Mon Sep 17 00:00:00 2001 From: George Vauter Date: Thu, 31 Oct 2024 15:08:33 -0400 Subject: [PATCH] fix: update trestlebot actions from TEMPLATES --- .../workflows/trestlebot-autosync-catalog.yml | 9 +++-- .../workflows/trestlebot-autosync-profile.yml | 9 +++-- .github/workflows/trestlebot-autosync-ssp.yml | 32 +++++++++++++++ ...trestlebot-create-component-definition.yml | 4 +- .../workflows/trestlebot-rules-transform.yml | 40 +++++++++---------- 5 files changed, 62 insertions(+), 32 deletions(-) create mode 100644 .github/workflows/trestlebot-autosync-ssp.yml diff --git a/.github/workflows/trestlebot-autosync-catalog.yml b/.github/workflows/trestlebot-autosync-catalog.yml index 56a85d47f..a78aa6ef1 100644 --- a/.github/workflows/trestlebot-autosync-catalog.yml +++ b/.github/workflows/trestlebot-autosync-catalog.yml @@ -2,13 +2,17 @@ name: Trestle-bot autosync catalog updates on: - pull_request: + push: branches: - main paths: - 'catalogs/**' - 'markdown/catalogs/**' +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + jobs: autosync: name: Autosync catalog content @@ -18,8 +22,6 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - name: Run autosync id: autosync uses: RedHatProductSecurity/trestle-bot/actions/autosync@main @@ -27,4 +29,3 @@ jobs: markdown_path: "markdown/catalogs" oscal_model: "catalog" file_pattern: "*.json,markdown/*" - branch: ${{ github.head_ref }} diff --git a/.github/workflows/trestlebot-autosync-profile.yml b/.github/workflows/trestlebot-autosync-profile.yml index 80a231574..dfeff2ba7 100644 --- a/.github/workflows/trestlebot-autosync-profile.yml +++ b/.github/workflows/trestlebot-autosync-profile.yml 
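Review bot: Output of the autosync job now appears to land on `main` without pull-request review, because the first hunk moves the trigger from `pull_request` to `push` on `main` while the job keeps `contents: write` and the `branch:` input is dropped. That raises the stakes of the unpinned `RedHatProductSecurity/trestle-bot/actions/autosync@main` reference in the steps below: whatever that branch points to at run time executes with write access to the default branch. I would pin it to a full commit SHA, `uses: RedHatProductSecurity/trestle-bot/actions/autosync@<full-commit-sha>` (placeholder; take the SHA from a reviewed release), and keep the tag in a trailing comment. The same applies to the profile, ssp and rules-transform workflows in this commit, where the rules-transform hunk also adds `dorny/paths-filter@v3` and `rules-transform@main` by mutable ref.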
@@ -2,13 +2,17 @@ name: Trestle-bot autosync profile updates on: - pull_request: + push: branches: - main paths: - 'profiles/**' - 'markdown/profiles/**' +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + jobs: autosync: name: Autosync profile content @@ -18,8 +22,6 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - name: Run autosync id: autosync uses: RedHatProductSecurity/trestle-bot/actions/autosync@main @@ -27,4 +29,3 @@ jobs: markdown_path: "markdown/profiles" oscal_model: "profile" file_pattern: "*.json,markdown/*" - branch: ${{ github.head_ref }} diff --git a/.github/workflows/trestlebot-autosync-ssp.yml b/.github/workflows/trestlebot-autosync-ssp.yml new file mode 100644 index 000000000..71aa4fba1 --- /dev/null +++ b/.github/workflows/trestlebot-autosync-ssp.yml @@ -0,0 +1,32 @@ +name: Trestle-bot autosync ssp updates +on: + push: + branches: + - main + paths: + - 'profiles/**' + - 'catalogs/**' + - 'component-definitions/**' + - 'system-security-plans/**' + - 'markdown/**' + +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + +jobs: + autosync: + name: Autosync ssp content + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Run autosync + id: autosync + uses: RedHatProductSecurity/trestle-bot/actions/autosync@main + with: + markdown_path: "markdown/system-security-plans" + oscal_model: "ssp" + file_pattern: "*.json,markdown/*" \ No newline at end of file diff --git a/.github/workflows/trestlebot-create-component-definition.yml b/.github/workflows/trestlebot-create-component-definition.yml index 565ff2d1f..4c4bf0f77 100644 --- a/.github/workflows/trestlebot-create-component-definition.yml +++ b/.github/workflows/trestlebot-create-component-definition.yml 
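Review bot: The `paths` list of the new ssp workflow overlaps the catalog and profile workflows (`profiles/**`, `catalogs/**`, `markdown/**`), so a single push to `main` can start several autosync jobs that each hold `contents: write` on the same branch. The concurrency group `${{ github.ref }}-${{ github.workflow }}` is keyed per workflow and so does not serialise them; unless the action rebases or retries, which is not visible here, the later pushes may be rejected as non-fast-forward. A group shared by the trestlebot workflows would queue them instead, for example `group: trestlebot-${{ github.ref }}` with `cancel-in-progress: false`. The new file also ends without a trailing newline.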
@@ -1,5 +1,5 @@ --- -name: Trestle-bot Create Component Definition +name: Trestle-bot create component-definition on: workflow_dispatch: @@ -40,7 +40,7 @@ jobs: component_title: ${{ github.event.inputs.component_title }} component_type: ${{ github.event.inputs.component_type }} component_description: ${{ github.event.inputs.component_description }} - markdown_path: "markdown/components" + markdown_path: "markdown/component-definitions" branch: "create-component-definition-${{ github.run_id }}" target_branch: "main" file_pattern: "*.json,markdown/*,rules/*" diff --git a/.github/workflows/trestlebot-rules-transform.yml b/.github/workflows/trestlebot-rules-transform.yml index 31beaf73f..a6dcc05da 100644 --- a/.github/workflows/trestlebot-rules-transform.yml +++ b/.github/workflows/trestlebot-rules-transform.yml @@ -2,7 +2,7 @@ name: Trestle-bot rules-transform and autosync on: - pull_request: + push: branches: - main paths: 
@@ -17,35 +17,31 @@ concurrency: cancel-in-progress: true jobs: - rules-transform: - name: Trestle-bot Rules Transform + rules-transform-and-autosync: + name: Rules Transform and AutoSync runs-on: ubuntu-latest permissions: contents: write steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - - name: Transform rules - uses: ./.github/actions/rules-transform - - autosync: - name: Trestle-bot Autosync Content - needs: rules-transform - runs-on: ubuntu-latest - permissions: - contents: write - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - - name: Autosync component-definitions + - name: AutoSync id: autosync uses: RedHatProductSecurity/trestle-bot/actions/autosync@main with: - markdown_path: "markdown/components" + markdown_path: "markdown/component-definitions" oscal_model: "compdef" file_pattern: "*.json,markdown/*" - branch: ${{ github.head_ref }} + - name: Check if rules changed + id: changes + uses: dorny/paths-filter@v3 + with: + filters: | + rules: + - 'rules/**' + - name: Rules Transform + if: steps.changes.outputs.rules == 'true' + uses: RedHatProductSecurity/trestle-bot/actions/rules-transform@main + with: + markdown_path: "markdown/component-definitions" + commit_message: "Auto-transform rules [skip ci]" \ No newline at end of file
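Review bot: The merged job runs `AutoSync` before `Rules Transform`, which reverses the old order where the autosync job declared `needs: rules-transform`. If the transform writes component definitions, they are no longer synced to markdown in the same run, and the transform commit carries `[skip ci]`, so it would not start a follow-up run either. I would move the `Check if rules changed` and `Rules Transform` steps above `AutoSync`, or, if the new order is intended by the template, say so in a comment such as `# autosync first: transform output is synced on the next push`. The paths filter also runs after a step that may already have committed to the checkout, so it is worth confirming it still compares against the pushed range.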