go back to using the bash script
This commit is contained in:
GrantBirki
Родитель
08e8c2b2fd
Коммит
8c54e94d44
|
|
@ -38,14 +38,9 @@ jobs:
|
|||
|
||||
- name: manager review
|
||||
id: manager_review
|
||||
env:
|
||||
DIFF: ${{ steps.git-diff-action.outputs.json-diff-path }}
|
||||
run: |
|
||||
bundle exec ruby examples/manager_review.rb
|
||||
echo "managers=$(cat managers.txt)" >> $GITHUB_OUTPUT
|
||||
rm managers.txt
|
||||
run: echo "managers=$(examples/manager_review)" >> $GITHUB_OUTPUT
|
||||
|
||||
- uses: delivery-much/actions-assigner@ef457092b82f63fe69b1b36279a4d9a3946859c5 # pin@v1
|
||||
if: steps.manager_review.outputs.managers != '$NO_MANAGERS_FOUND$'
|
||||
if: steps.manager_review.outputs.managers != ''
|
||||
with:
|
||||
reviewers: ${{ steps.manager_review.outputs.managers }}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,31 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ -z $GITHUB_HEAD_REF ];
|
||||
then
|
||||
GITHUB_HEAD_REF=$(git rev-parse --abbrev-ref HEAD)
|
||||
fi
|
||||
|
||||
# Get the PR diff
|
||||
diff=$(git diff origin/main origin/${GITHUB_HEAD_REF})
|
||||
# See if the PR diff is related to entitlements configs
|
||||
while IFS='' read -r FILES; do
|
||||
# Check each line of each entitlement config and grab the affected users
|
||||
for line in "${FILES[@]}"; do
|
||||
if [[ $line = "+username"* ]] || [[ $line = "-username"* ]]
|
||||
then
|
||||
IFS=" " read declaration comparison name <<< $line
|
||||
# Grab the manager from the Org Chart for each affected user
|
||||
export name=$name
|
||||
manager=$(yq e '.[env(name)].manager' config/orgchart.yaml)
|
||||
# skip if manager is null
|
||||
if [ -z $manager ];
|
||||
then
|
||||
continue
|
||||
fi
|
||||
|
||||
echo $manager
|
||||
exit 0
|
||||
IFS=''
|
||||
fi
|
||||
done
|
||||
done <<< "$diff"
|
||||
|
|
@ -1,79 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require "json"
|
||||
require "yaml"
|
||||
|
||||
PATH_TO_CHECK = ENV.fetch("ENTITLEMENTS_FILE_PATHS", ".txt") # only check txt files
|
||||
EXCLUDED_FILES_ARRAY = File.readlines("config/manager_review_excluded.txt").map(&:chomp)
|
||||
STRING_MATCH = "username"
|
||||
OUTPUT_FILE = "managers.txt"
|
||||
ORG_CHART = YAML.safe_load_file("config/orgchart.yaml")
|
||||
|
||||
# startup message
|
||||
puts "========================================="
|
||||
puts "🤖 manager_review"
|
||||
puts "========================================="
|
||||
|
||||
# open the diff file and parse it as json
|
||||
json_diff_file = File.read(ENV.fetch("DIFF", "diff.json"))
|
||||
git_diff = JSON.parse(json_diff_file)
|
||||
|
||||
usernames = []
|
||||
|
||||
# loop through the files in the diff
|
||||
git_diff["files"].each do |file|
|
||||
next if file["type"] == "DeletedFile" # Skip deleted files as they are not relevant
|
||||
|
||||
path = file["path"] || file["pathAfter"]
|
||||
next unless path.end_with?(PATH_TO_CHECK) # Skip files that are not entitlments txt files
|
||||
|
||||
# skip files that are in the excluded files array
|
||||
next if EXCLUDED_FILES_ARRAY.any? { |excluded_file| path.include?(excluded_file) }
|
||||
|
||||
# loop through the chunks in the file
|
||||
file["chunks"].each do |chunk|
|
||||
# loop through the changes in the chunk
|
||||
chunk["changes"].each do |change|
|
||||
next if change["type"] == "DeletedLine" # skip deleted lines as they are not relevant
|
||||
|
||||
next if change["type"] == "UnchangedLine" # skip unchanged lines as they are not relevant
|
||||
|
||||
next unless change["content"].include?(STRING_MATCH)
|
||||
|
||||
# fetch the username value from the line
|
||||
|
||||
puts "👀 checking #{change['content']} for #{STRING_MATCH} value"
|
||||
|
||||
# format the value of the username variable for processing
|
||||
username = change["content"].split(STRING_MATCH)[1].strip
|
||||
# remove any 'comments' from the value
|
||||
username = username.split("#")[0].strip
|
||||
# remove any in-line attributes from the value
|
||||
username = username.split(";")[0].strip # ie. username = value; expiration = "value"
|
||||
# remove any special characters from the value
|
||||
username = username.gsub(/["'= \[\],:]/, "")
|
||||
|
||||
puts "💡 the value of #{STRING_MATCH} is #{username}"
|
||||
usernames << username
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
if usernames.empty?
|
||||
puts "no usernames found in diff"
|
||||
puts "📝 writting a bypass file"
|
||||
File.write(OUTPUT_FILE, "$NO_MANAGERS_FOUND$")
|
||||
puts "✅ wrote bypass file to #{OUTPUT_FILE}"
|
||||
exit(0)
|
||||
end
|
||||
|
||||
# iterate over each username that is having access altered and fetch their manager
|
||||
managers = usernames.map do |username|
|
||||
ORG_CHART[username]["manager"]
|
||||
end
|
||||
|
||||
puts "💡 found #{managers.length} managers to request for review"
|
||||
puts "📝 writting managers to #{OUTPUT_FILE}"
|
||||
File.write(OUTPUT_FILE, managers.join(","))
|
||||
puts "✅ wrote managers to #{OUTPUT_FILE}"
|
||||
exit(0)
|
||||
Загрузка…
Ссылка в новой задаче