Skip to content

fix: December general quality updates #606

fix: December general quality updates

fix: December general quality updates #606

name: Update Recommendation Object on Pull Request
on:
pull_request_target:
types:
- edited
- opened
- reopened
- synchronize
paths:
- 'azure-resources/**/*.yaml'
- 'azure-resources/**/*.kql'
- 'azure-specialized-workloads/**/*.yaml'
- 'azure-specialized-workloads/**/*.kql'
- 'azure-waf/**/*.yaml'
- 'azure-waf/**/*.kql'
workflow_dispatch:
env:
github_user_name: 'github-actions'
github_email: '41898282+github-actions[bot]@users.noreply.github.com'
github_commit_message: 'Generate Updated Recommendation Object'
github_pr_number: ${{ github.event.number }}
github_pr_repo: ${{ github.event.pull_request.head.repo.full_name }}
permissions:
contents: read
jobs:
update-json-object:
environment: BuildObject
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Show env
run: env | sort
- name: Check out PR
run: |
echo "==> Check out PR..."
gh pr checkout "$github_pr_number"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Configure local git
run: |
echo "git user name : $github_user_name"
git config --global user.name "$github_user_name"
echo "git user email : $github_email"
git config --global user.email "$github_email"
- name: Run Object Generation Script
run: |
pwsh .github/scripts/build-recommendation-object.ps1
shell: pwsh
- name: Check git status
run: |
echo "==> Check git status..."
git status --short --branch
- name: Stage changes
run: |
echo "==> Stage changes..."
mapfile -t STATUS_LOG < <(git status --short | grep .)
if [ ${#STATUS_LOG[@]} -gt 0 ]; then
echo "Found changes to the following files:"
printf "%s\n" "${STATUS_LOG[@]}"
git add --all
else
echo "No changes to add."
fi
- name: Push changes
run: |
echo "==> Check git diff..."
mapfile -t GIT_DIFF < <(git diff --cached)
printf "%s\n" "${GIT_DIFF[@]}"
if [ ${#GIT_DIFF[@]} -gt 0 ]; then
echo "==> Commit changes..."
git commit --message "$github_commit_message [$GITHUB_ACTOR/${GITHUB_SHA::8}]"
echo "==> Push changes..."
echo "Pushing changes to: $github_pr_repo"
git push "https://[email protected]/$github_pr_repo.git"
else
echo "No changes found."
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}