diff --git a/.github/workflows/compare-ds-build.yml b/.github/workflows/compare-ds-build.yml index a57473e1bf4d..f9c574780a05 100644 --- a/.github/workflows/compare-ds-build.yml +++ b/.github/workflows/compare-ds-build.yml @@ -49,7 +49,7 @@ jobs: with: path: 'output.json' prop_path: 'product' - - name: Build product ${{ github.base_ref }} (${{ steps.fork_point.outputs.FORK_POINT }}) + - name: Build product PR ${{ github.event.pull_request.head.sha }} if: ${{ steps.ctf.outputs.CTF_OUTPUT_SIZE != '0' }} run: ./build_product ${{steps.product.outputs.prop}} --datastream-only - name: Create Artifact @@ -63,7 +63,7 @@ jobs: if: ${{ steps.ctf.outputs.CTF_OUTPUT_SIZE != '0' }} uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v4 with: - name: pr-artifacts-${{ github.event.pull_request.head.sha }} + name: pr-artifacts retention-days: 1 path: artifacts.tar.gz - name: Save PR info diff --git a/.github/workflows/compare-ds.yaml b/.github/workflows/compare-ds.yaml index dc30f49ffc4d..c2e0079aba3b 100644 --- a/.github/workflows/compare-ds.yaml +++ b/.github/workflows/compare-ds.yaml @@ -8,8 +8,9 @@ permissions: pull-requests: write contents: read actions: read + checks: write jobs: - build-content: + compare_ds_job: name: Generate Diff runs-on: ubuntu-latest container: @@ -30,19 +31,32 @@ jobs: id: pr_info run: | PR_NUMBER=$(cat pr-info/pr-number.txt) + PR_SHA=$(cat pr-info/pr-sha.txt) BASE_BRANCH=$(cat pr-info/base-branch.txt) FORK_POINT=$(cat pr-info/fork-point.txt) echo "pr_number=${PR_NUMBER}" >> $GITHUB_OUTPUT + echo "pr_sha=${PR_SHA}" >> $GITHUB_OUTPUT echo "base_branch=${BASE_BRANCH}" >> $GITHUB_OUTPUT echo "fork_point=${FORK_POINT}" >> $GITHUB_OUTPUT echo "PR Number: ${PR_NUMBER}" + echo "PR SHA: ${PR_SHA}" echo "Base Branch: ${BASE_BRANCH}" echo "Fork Point: ${FORK_POINT}" - - name: Checkout master + - name: Create GitHub check run + uses: LouisBrunner/checks-action@6b626ffbad7cc56fd58627f774b9067e6118af23 # v2.0.0 + id: create_check + with: + token: ${{ secrets.GITHUB_TOKEN }} + name: Compare DS + status: in_progress + sha: ${{ steps.pr_info.outputs.pr_sha }} + output: | + {"summary":"Compare DS started. Job: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}."} + - name: Checkout forking point (${{ steps.pr_info.outputs.fork_point }}) uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 with: repo: ComplianceAsCode/content - ref: master + ref: ${{ steps.pr_info.outputs.fork_point }} fetch-depth: 0 # https://github.com/actions/checkout/issues/766 - name: Set git safe directory @@ -75,7 +89,7 @@ jobs: uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} - name: pr-artifacts-${{ github.event.workflow_run.head_sha }} + name: pr-artifacts path: pr_artifacts run-id: ${{ github.event.workflow_run.id }} - name: Unpack built artifacts @@ -158,7 +172,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Compare Ansible playbook shell commands if: ${{ steps.ctf.outputs.CTF_OUTPUT_SIZE != '0' }} - run: utils/ansible_shell_diff.py ssg-${{steps.product.outputs.prop}}-ds.xml build/ssg-${{steps.product.outputs.prop}}-ds.xml | tee diff.log + run: utils/ansible_shell_diff.py build/ssg-${{steps.product.outputs.prop}}-ds.xml pr_artifacts/artifacts/ssg-${{steps.product.outputs.prop}}-ds.xml | tee diff.log env: PYTHONPATH: ${{ github.workspace }} - name: Test if there are Ansible shell module changes @@ -188,3 +202,13 @@ jobs: type: delete comment_id: ${{ steps.shell_diff.outputs.comment-id }} token: ${{ secrets.GITHUB_TOKEN }} + - name: Compare DS + if: always() + uses: LouisBrunner/checks-action@6b626ffbad7cc56fd58627f774b9067e6118af23 # v2.0.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + conclusion: ${{ job.status }} + check_id: ${{ steps.create_check.outputs.check_id }} + sha: ${{ steps.pr_info.outputs.pr_sha }} + output: | + {"summary":"Compare DS completed. Job: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}."}