Skip to content

[Security] Secvuln 8633 Consul configuration allowed repeated keys #19032

[Security] Secvuln 8633 Consul configuration allowed repeated keys

[Security] Secvuln 8633 Consul configuration allowed repeated keys #19032

# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
# This action creates downstream PRs for PRs with backport labels defined.
# See docs here: https://github.com/hashicorp/backport-assistant
name: Backport Assistant Runner
on:
pull_request_target:
types:
- closed
- labeled
branches:
- main
- 'release/*.*.x'
jobs:
backport:
if: github.event.pull_request.merged
runs-on: ubuntu-latest
container: hashicorpdev/backport-assistant:0.4.4
steps:
- name: Run Backport Assistant for release branches
run: |
backport-assistant backport -merge-method=squash
env:
BACKPORT_LABEL_REGEXP: "backport/(?P<target>\\d+\\.\\d+)"
BACKPORT_TARGET_TEMPLATE: "release/{{.target}}.x"
GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN_WORKFLOW }}
ENABLE_VERSION_MANIFESTS: true
backport-ent:
if: github.event.pull_request.merged && contains(join(github.event.pull_request.labels.*.name), 'backport/ent')
runs-on: ubuntu-latest
steps:
- name: Trigger backport for Enterprise
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
with:
token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
repository: hashicorp/consul-enterprise
event-type: ent-backport
client-payload: ${{ toJson(github.event) }}
handle-failure:
needs:
- backport
- backport-ent
if: always() && (needs.backport.result == 'failure' || needs.backport-ent.result == 'failure')
runs-on: ubuntu-latest
steps:
- name: Comment on PR
run: |
github_message="Backport failed @${{ github.event.sender.login }}. Run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
curl -s -H "Authorization: token ${{ secrets.PR_COMMENT_TOKEN }}" \
-X POST \
-d "{ \"body\": \"${github_message}\"}" \
"https://api.github.com/repos/${GITHUB_REPOSITORY}/issues/${{ github.event.pull_request.number }}/comments"