generated from 18F/open-source-policy
-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add github action for validating proper oscal assembly
- Loading branch information
Showing
2 changed files
with
65 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| name: "Run a docker-trestle command" | ||
| description: "Sets up workspace for running a single command in docker-trestle" | ||
| inputs: | ||
| tag: | ||
| description: docker-trestle tag to use. | ||
| required: false | ||
| default: 20240930 | ||
| cmd: | ||
| description: Command to run within docker-trestle | ||
| required: true | ||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - name: Run cmd | ||
| shell: bash | ||
| run: docker run -u "$(id -u):$(id -g)" -v $GITHUB_WORKSPACE:/app/docs:rw ghcr.io/gsa-tts/trestle:${{ inputs.tag }} ${{ inputs.cmd }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| name: Validate OSCAL Assembly | ||
|
|
||
| on: [pull_request] | ||
|
|
||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
|
|
||
| jobs: | ||
| validate_cd: | ||
| name: Validate component definition format | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Validate Component | ||
| uses: ./.github/actions/trestle-cmd | ||
| with: | ||
| cmd: trestle validate -f component-definitions/cg-egress-proxy/component-definition.json | ||
|
|
||
| check_cd: | ||
| name: Check assembly is current | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Check assembly | ||
| uses: ./.github/actions/trestle-cmd | ||
| with: | ||
| cmd: bin/assemble-cgep-json | ||
|
|
||
| - name: Check no changes exist | ||
| run: git diff --quiet | ||
|
|
||
| - name: Comment on pull request | ||
| if: failure() | ||
| uses: actions/github-script@v4 | ||
| with: | ||
| script: | | ||
| const output = `OSCAL assembly detected changes that aren't checked in. | ||
| Run \`bin/assemble-cgep-json\` within trestle to ensure markdown changes are reflected in the CD`; | ||
| github.issues.createComment({ | ||
| issue_number: context.issue.number, | ||
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| body: output | ||
| }); |