
feat(jans-cedarling): update PolicyStore parser to support agama-lab generated policies #1445

Workflow file for this run

# Runs on manual dispatch and on pull requests (opened or edited) that touch docs/**.
name: documentation
on:
  workflow_dispatch:
  pull_request:
    types: [opened, edited]
    paths:
      - 'docs/**'
# Workflow-level default for GITHUB_TOKEN: read-only access to repository contents.
permissions:
  contents: read
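jobs:
  # Approves and auto-merges a pull request when it touches a single top-level
  # folder and the triggering actor is listed as a member of the organization.
  docs:
    if: github.repository == 'JanssenProject/jans'
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
        with:
          # audit records outbound connections; it does not block them.
          egress-policy: audit
      - name: Checkout code
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
        with:
          fetch-depth: 0
      # NOTE(review): no later step in this job invokes Python; confirm this
      # step is still needed.
      - name: Set up Python 3.7
        uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
        with:
          # Quoted so the version is read as a string, not a float.
          python-version: '3.7'
      - name: Auto-merge inhouse doc prs
        env:
          # gh reads GH_TOKEN directly, so the secret is never expanded into
          # the script text and no credential file is written by `gh auth login`.
          GH_TOKEN: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}
          # Context values are passed as environment variables instead of
          # being templated into the shell script.
          ACTOR: ${{ github.actor }}
          ORG: ${{ github.repository_owner }}
        run: |
          sudo apt-get update
          sudo apt-get install -y jq
          PULL_NUMBER=$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")
          NUMBER_OF_FOLDERS_CHANGED=$(gh pr view "$PULL_NUMBER" --json files --jq '.files.[].path' | cut -d/ -f1 | sort -u | wc -l)
          echo "The number of folders that changed are $NUMBER_OF_FOLDERS_CHANGED"
          # Authorization check: the actor must equal a member login exactly.
          # grep -Fx matches whole lines as fixed strings, so a login that is
          # only a substring of a member's login (or that contains regex
          # characters such as "[bot]") cannot pass. --paginate covers
          # organizations with more than 100 members. "|| true" keeps the
          # step alive under "bash -e" when there is no match, so the else
          # branch below is reached.
          # NOTE(review): github.actor is the user who triggered the run; on
          # "edited" events that is the editor, not necessarily the PR author.
          IS_USER_ORG_MEMBER=$(gh api --paginate \
            -H "Accept: application/vnd.github.v3+json" \
            --hostname github.com \
            "/orgs/${ORG}/members?per_page=100" \
            --jq '.[].login' | grep -Fx -- "$ACTOR" || true)
          echo "checking if ${ACTOR} belongs to the ${ORG}. Found $IS_USER_ORG_MEMBER."
          #The number of folders changed should be 1. Otherwise the contributor has touched other folders besides /docs.
          if [[ $NUMBER_OF_FOLDERS_CHANGED == "1" ]] && [[ ! -z "$IS_USER_ORG_MEMBER" ]]; then
            echo "Approving PR $PULL_NUMBER"
            gh pr review --approve "$PULL_NUMBER"
            echo "Merging PR $PULL_NUMBER"
            gh pr merge --squash --auto "$PULL_NUMBER"
            echo ""
          else
            echo "Bot will not merge this as it does not meet the requirements."
            echo "Either the developer has merged with doc changes code changes or an external contributor has requested doc changes."
          fi
  # Checks that the PR carries a "docs" conventional commit or, failing that,
  # that it changes files under docs/.
  check_pr:
    if: github.repository == 'JanssenProject/jans'
    env:
      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
        with:
          # audit records outbound connections; it does not block them.
          egress-policy: audit
      - name: Checkout code
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
        with:
          fetch-depth: 0
      # NOTE(review): unlike the SHA-pinned actions above, this step installs
      # whatever release is latest at run time, without verifying a checksum
      # or signature, and copies it into /usr/local/bin with sudo. Consider
      # pinning a version and verifying the archive digest before installing.
      - name: Install latest GH
        continue-on-error: true
        run: |
          VERSION=$(curl "https://api.github.com/repos/cli/cli/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/' | cut -c2-)
          echo "$VERSION"
          curl -sSL "https://github.com/cli/cli/releases/download/v${VERSION}/gh_${VERSION}_linux_amd64.tar.gz" -o "gh_${VERSION}_linux_amd64.tar.gz"
          tar xvf "gh_${VERSION}_linux_amd64.tar.gz"
          sudo cp "gh_${VERSION}_linux_amd64/bin/gh" /usr/local/bin/
          gh version
      - name: Check commit message
        continue-on-error: true
        id: check_message
        run: |
          # For pull_request events GITHUB_REF has the form refs/pull/<number>/merge.
          PULL_NUMBER=$(echo "$GITHUB_REF" | awk -F / '{print $3}')
          echo "Parsing commits from PR $PULL_NUMBER"
          # Extract the bare headlines with --jq. Cutting pretty-printed JSON
          # on ":" leaves a leading space and quote in front of each headline,
          # so an anchored "^docs" match could never succeed.
          MESSAGE=$(gh pr view "$PULL_NUMBER" --json commits --jq '.commits[].messageHeadline' | grep "^docs" || echo "")
          echo "$MESSAGE"
          if [[ -z "$MESSAGE" ]]; then
            echo "conventional commit starting with docs: does not exist"
            exit 1
          else
            echo "conventional commit exists starting with docs:"
            exit 0
          fi
      # Runs only when the commit-message check did not succeed; "outcome" is
      # the step result before continue-on-error is applied.
      - name: Verify Changed files
        if: steps.check_message.outcome != 'success'
        id: check_files
        run: |
          pull_number=$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")
          CHANGES=$(gh pr view "$pull_number" --json files --jq '.files.[].path' | cut -d/ -f1 | grep '^docs' | sort -u )
          if [ -n "$CHANGES" ]; then
            echo "File changes exist"
            exit 0
          else
            echo "No file changes"
            exit 1
          fi
  # Runs markdownlint (mdl) over docs/ with the repository's style file.
  lint_docs:
    if: github.repository == 'JanssenProject/jans'
    env:
      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
        with:
          # audit records outbound connections; it does not block them.
          egress-policy: audit
      - name: Checkout code
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
        with:
          fetch-depth: 0
      # continue-on-error means lint findings never fail this job.
      # NOTE(review): mdl is installed unpinned, as root, at run time.
      - name: Markdown linter
        continue-on-error: true
        run: |
          sudo apt-get install rubygems -y
          sudo gem install mdl
          mdl --style automation/markdown/.mdl_style.rb docs/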