fix(query): terraform alb_is_not_integrated_with_waf #486

Workflow file for this run

.github/workflows/validate-pr-title.yaml at c32ff36

	name: validate-pr-title
	on:
	pull_request_target:
	types: [opened, synchronize, edited, reopened]
	branches:
	- master

	jobs:
	title-check:
	runs-on: ubuntu-latest
	env:
	ERROR_MSG: "The PR title does not match the required format: <type>(<tag>): <title>"
	steps:
	- name: Checkout code
	uses: actions/checkout@v3
	with:
	persist-credentials: false
	sparse-checkout: \|
	.github/scripts/pr-issue-info/get_title_types.py
	.github/pr-title-types.yaml
	- name: Print PR Title
	run: echo "${{ github.event.pull_request.title }}"
	- name: Set up Python
	uses: actions/setup-python@v4
	with:
	python-version: "3.x"
	- name: Install dependencies
	run: python3 -m pip install --upgrade pip pyyaml
	- name: Check PR Title
	run: \|
	regex=$(python3 .github/scripts/pr-issue-info/get_title_types.py)
	echo "Title regex: $regex"
	title="${{ github.event.pull_request.title }}"
	echo $title \| grep -Pq "$regex" \|\| (echo "$ERROR_MSG" && exit 1)
	labels-check:
	runs-on: ubuntu-latest
	env:
	LABELS: ${{ toJson(github.event.pull_request.labels) }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v3
	with:
	persist-credentials: false
	sparse-checkout: \|
	.github/scripts/pr-issue-info/get_keywords.py
	.github/keywords.yaml
	- name: Get username
	run: echo "USERNAME=${{ github.event.pull_request.user.login }}" >> $GITHUB_ENV
	- name: Install JQ
	run: sudo apt-get install jq
	- name: Get title
	run: echo "TITLE=${{ github.event.pull_request.title }}" >> $GITHUB_ENV
	- name: Check user username
	run: \|
	response=$(curl -s -H "Authorization: token ${{ secrets.KICS_BOT_PAT }}" "https://api.github.com/orgs/Checkmarx/teams/kics-core-team/members")
	team_members=$(echo "$response" \| jq -r '.[].login')
	if echo "${team_members[@]}" \| grep -Pq "^$USERNAME$"; then
	echo "Contributor belongs to Checkmarx organization"
	is_member="true"
	else
	echo "Contributor does not belong to Checkmarx organization"
	is_member="false"
	fi
	echo "IS_MEMBER=$is_member" >> $GITHUB_ENV
	- name: Add community label if user does not belong to Checkmarx Organization
	run: \|
	if [[ "$IS_MEMBER" == "false" ]]; then
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["community"]}'
	fi
	- name: Add feature or feature request label
	run: \|
	if [[ "$TITLE" == feat* ]]; then
	if [[ "$IS_MEMBER" == "true" ]]; then
	echo "Adding 'feature' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["feature"]}'
	else
	echo "Adding 'feature request' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["feature request"]}'
	fi
	else
	if echo "$LABELS" \| grep -q "feature request"; then
	echo "Removing 'feature request' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/feature%20request
	elif echo "$LABELS" \| grep -q "feature"; then
	echo "Removing 'feature' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/feature
	fi
	fi
	- name: Add documentation label
	run: \|
	if [[ "$TITLE" == docs* ]]; then
	echo "Adding 'documentation' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["documentation"]}'
	else
	if echo "$LABELS" \| grep -q "documentation"; then
	echo "Removing 'documentation' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/documentation
	fi
	fi
	- name: Add bug label
	run: \|
	if echo "$TITLE" \| grep -iqP "(\\b\|_)bugs?(\\b\|_)"; then
	echo "Adding 'bug' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["bug"]}'
	else
	if echo "$LABELS" \| grep -q "bug"; then
	echo "Removing 'bug' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/bug
	fi
	fi
	- name: Add query label
	run: \|
	if echo "$TITLE" \| grep -iqP "(\\b\|_)quer(y\|ies)(\\b\|_)"; then
	echo "Adding 'query' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d '{"labels": ["query"]}'
	else
	if echo "$LABELS" \| grep -q "query"; then
	echo "Removing 'query' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/query
	fi
	fi
	- name: Set up Python
	uses: actions/setup-python@v4
	with:
	python-version: "3.x"
	- name: Install dependencies
	run: python3 -m pip install --upgrade pip pyyaml
	- name: Check title for keywords of platforms and cloud providers to add labels
	run: \|
	keywords=$(python3 .github/scripts/pr-issue-info/get_keywords.py)
	eval "$keywords"
	declare -p keywords
	declare -a labels_to_add=()
	for keyword in "${!keywords[@]}"; do
	if echo "$TITLE" \| grep -iPq "(\\b\|_)$keyword(\\b\|_)"; then
	labels_to_add+=("${keywords[$keyword]}")
	fi
	done
	mapfile -t current_labels < <(echo "$LABELS" \| jq -r '.[].name')
	echo "Current labels: ${current_labels[@]}"
	echo "Labels to add: ${labels_to_add[@]}"
	echo "Labels: $LABELS"
	for keyword in "${!keywords[@]}"; do
	label=${keywords[$keyword]}
	if [[ ! " ${labels_to_add[@]} " =~ " ${label} " ]] && [[ " ${current_labels[@]} " =~ " ${label} " ]]; then
	echo "Removing '$label' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X DELETE -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels/$label
	elif [[ " ${labels_to_add[@]} " =~ " ${label} " ]] && [[ ! " ${current_labels[@]} " =~ " ${label} " ]]; then
	echo "Adding '$label' label..."
	curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels -d "{\"labels\": [\"$label\"]}"
	fi
	done

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(query): terraform alb_is_not_integrated_with_waf #486

Workflow file

fix(query): terraform alb_is_not_integrated_with_waf #486

Jobs

Run details

Workflow file for this run