Updated CI workflow
Tracked-On: OAM-123524
Signed-off-by: Chen, Gang G <[email protected]>
iViggyPrabhu authored and GangSecurity committed Aug 18, 2024
1 parent 4e07fc6 commit efb4b67
Showing 4 changed files with 182 additions and 15 deletions.
68 changes: 68 additions & 0 deletions .github/workflows/ci.yaml
@@ -0,0 +1,68 @@
name: CI Workflow

on:
pull_request_target:
types: "*"
branches: "**"
permissions: read-all

jobs:
Trigger_Workflows:
runs-on: ubuntu-latest
name: CI Workflow
steps:
- name: Get Token
run: |
retries=3
while [ $retries -gt 0 ]; do
if RESPONSE=$(curl --silent --location "${{ secrets.CLIENT_TOKEN_URL }}" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode "client_id=${{ secrets.CLIENT_ID }}" \
--data-urlencode "client_secret=${{ secrets.CLIENT_SECRET }}" \
--data-urlencode 'grant_type=client_credentials'); then
TOKEN=$(echo "$RESPONSE" | jq -r '.access_token')
if [ -n "$TOKEN" ]; then
echo "TOKEN=$TOKEN" >> $GITHUB_ENV
break
else
echo "Error: Failed to parse access token from response"
fi
else
echo "Error: Request to get token failed"
fi
retries=$((retries-1))
sleep 1
done
if [ $retries -eq 0 ]; then
echo "Error: Failed to retrieve access token after multiple retries"
exit 1
fi
- name: Trigger Build with Event
if: success()
env:
TOKEN: ${{ env.TOKEN }}
run: |
EVENT_DATA='${{ toJSON(github.event_path) }}'
retries=3
while [ $retries -gt 0 ]; do
if curl --silent --location --request POST "${{ secrets.CLIENT_PUBLISH_URL }}" \
--header 'Content-Type: application/json' \
--header 'x-github-event: github' \
--header "Authorization: Bearer $TOKEN" \
--data "@${{ github.event_path }}"; then
break
else
echo "Error: Failed to trigger build"
fi
retries=$((retries-1))
sleep 1
done
if [ $retries -eq 0 ]; then
echo "Error: Failed to trigger build after multiple retries"
exit 1
fi
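Review bot: The `Get Token` step can store a non-token value, because `curl` runs without `--fail` and `jq -r '.access_token'` prints the string `null` when the field is absent, so `[ -n "$TOKEN" ]` still passes on an error response. Adding `--fail` to the curl call and using `jq -r '.access_token // empty'` makes the existing check meaningful, and `echo "::add-mask::$TOKEN"` before the write to `$GITHUB_ENV` keeps the bearer token out of later log output. The same step is repeated in `publish_review_event.yaml` and needs the same change. Separately, `pull_request_target` runs with these secrets for pull requests from forks and the raw event payload is forwarded under the bearer token, so the receiving service has to treat the PR title, body and ref names in that payload as untrusted input. `EVENT_DATA` in the second step is assigned but never used and can be dropped.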
96 changes: 96 additions & 0 deletions .github/workflows/publish_review_event.yaml
@@ -0,0 +1,96 @@
name: Publish Review Event

on:
workflow_run:
workflows: ["Store_Review_Event"]
types:
- completed
permissions: read-all

jobs:
fetch_and_process:
runs-on: ubuntu-latest
steps:
- name: 'Download artifact'
uses: actions/github-script@v6
with:
script: |
let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: context.payload.workflow_run.id,
});
let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
return artifact.name == "eventjson"
})[0];
let download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
let fs = require('fs');
fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/eventjson.zip`, Buffer.from(download.data));
- name: 'Unzip artifact'
run: |
ls
unzip eventjson.zip
- name: Get Token
run: |
retries=3
while [ $retries -gt 0 ]; do
if RESPONSE=$(curl --silent --location "${{ secrets.CLIENT_TOKEN_URL }}" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode "client_id=${{ secrets.CLIENT_ID }}" \
--data-urlencode "client_secret=${{ secrets.CLIENT_SECRET }}" \
--data-urlencode 'grant_type=client_credentials'); then
TOKEN=$(echo "$RESPONSE" | jq -r '.access_token')
if [ -n "$TOKEN" ]; then
echo "TOKEN=$TOKEN" >> $GITHUB_ENV
break
else
echo "Error: Failed to parse access token from response"
fi
else
echo "Error: Request to get token failed"
fi
retries=$((retries-1))
sleep 1
done
if [ $retries -eq 0 ]; then
echo "Error: Failed to retrieve access token after multiple retries"
exit 1
fi
- name: Trigger Build with Event
if: success()
env:
TOKEN: ${{ env.TOKEN }}
run: |
EVENT_DATA=$(cat event.json)
retries=3
while [ $retries -gt 0 ]; do
if curl --silent --location --request POST "${{ secrets.CLIENT_PUBLISH_URL }}" \
--header 'Content-Type: application/json' \
--header 'x-github-event: github' \
--header "Authorization: Bearer $TOKEN" \
--data "$EVENT_DATA"; then
break
else
echo "Error: Failed to trigger build"
fi
retries=$((retries-1))
sleep 1
done
if [ $retries -eq 0 ]; then
echo "Error: Failed to trigger build after multiple retries"
exit 1
fi
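Review bot: The downloaded `eventjson` artifact is used as trusted input, although it is produced by a `pull_request_review` run, which for fork pull requests likely executes the workflow definition from the pull request side; its contents should be treated as attacker-influenced. `unzip eventjson.zip` extracts every member of the archive into the workspace, and `--data "$EVENT_DATA"` hands the file contents to curl as an argument value, where curl gives a leading `@` its own meaning. Extracting only the expected member into a scratch directory (`unzip eventjson.zip event.json -d "$RUNNER_TEMP/review"`), validating it with `jq -e . "$RUNNER_TEMP/review/event.json" >/dev/null`, and sending it with `--data-binary "@$RUNNER_TEMP/review/event.json"` addresses both. The download script also dereferences `matchArtifact.id` without checking that an artifact was found, and the job does not check `github.event.workflow_run.conclusion` before publishing.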
15 changes: 0 additions & 15 deletions .github/workflows/run_ci_checks.yaml

This file was deleted.

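--- a/.github/workflows/store_review_event.yaml
+++ b/.github/workflows/store_review_event.yaml
@@ -0,0 +1,18 @@
+name: Store_Review_Event
+
+on:
+pull_request_review:
+types: "**"
+permissions: read-all
+
+jobs:
+Store_Review_Event:
+runs-on: ubuntu-latest
+name: Store Review Event
+steps:
+- name: Upload event JSON as artifact
+uses: actions/upload-artifact@v4
+with:
+name: eventjson
+path: "${{ github.event_path }}"
+retention-days: 7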
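Review bot: `actions/upload-artifact@v4` is referenced by a movable tag, as is `actions/github-script@v6` in `publish_review_event.yaml`; pinning each to a full commit SHA (`uses: actions/upload-artifact@<full-commit-sha>  # v4`, where the SHA is a placeholder) keeps a retagged release from changing what runs here. `permissions: read-all` grants more than this job appears to use, since its only step uploads an artifact; `permissions: {}` or `contents: read` would be the narrower starting point, to be confirmed with a test run. A short comment above `name: eventjson` stating that the `Publish Review Event` workflow filters on this exact artifact name would document the coupling between the two files.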
