[Rule Tuning] Lookback Times for Okta Multiple Session and AWS KMS Retrieval Rules #1524
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Add PR Guidelines Comment | |
on: | |
pull_request_target: | |
types: [opened, labeled] | |
jobs: | |
add-comment: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@v2 | |
- name: Set environment variable for early exit control | |
id: check_label | |
run: | | |
echo "CONTINUE_JOB=true" >> $GITHUB_ENV | |
if [[ "${{ github.event.action }}" == "labeled" || "${{ github.event.action }}" == "opened" ]]; then | |
RELEVANT_LABELS=("bug" "enhancement" "schema" "Rule: New" "Rule: Tuning" "Rule: Deprecation" "Hunt: New" "Hunt: Tuning") | |
TRIGGERED_LABEL="${{ github.event.label.name }}" | |
if [[ ! " ${RELEVANT_LABELS[@]} " =~ " ${TRIGGERED_LABEL} " ]]; then | |
echo "CONTINUE_JOB=false" >> $GITHUB_ENV | |
fi | |
fi | |
- name: Determine Guidelines Label | |
run: | | |
# Initialize GUIDELINES_FILE to empty | |
echo "GUIDELINES_FILE=" >> $GITHUB_ENV | |
if [[ "${{ contains(github.event.pull_request.labels.*.name, 'bug') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/bug_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'enhancement') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/enhancement_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'schema') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/schema_enhancement_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Rule: New') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/rule_new_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Rule: Tuning') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/rule_tuning_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Rule: Deprecation') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/rule_deprecation_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Hunt: New') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/hunt_new_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Hunt: Tuning') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/hunt_tuning_guidelines.md" >> $GITHUB_ENV | |
fi | |
- name: Fail if no relevant labels are found | |
if: env.GUIDELINES_FILE == '' | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
core.setFailed('No appropriate GitHub label found in the PR. Failing the job.') | |
- name: Add Guidelines Comment | |
if: env.CONTINUE_JOB == 'true' && (github.event.action == 'opened' || github.event.action == 'labeled') | |
uses: mshick/add-pr-comment@v2 | |
with: | |
message-path: ${{ env.GUIDELINES_FILE }} | |
repo-token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }} | |
message-id: "guidelines-comment" |