#!/bin/sh
set -e

# Event "action" value that allows release notes to be generated.
TRIGGER_ACTION="closed"

# Print the value column of the JSON.sh lines matching the grep pattern in $1.
# JSON.sh is run over the webhook payload at GITHUB_EVENT_PATH and emits
# tab-separated path/value pairs; field 2 is the value.
event_field() {
  /JSON.sh < "${GITHUB_EVENT_PATH}" | grep "$1" | cut -f2
}

# Drop every double quote from stdin so string values come out bare.
strip_quotes() {
  sed 's/\"//g'
}

echo "Getting Action Information"

# Fields read from the event payload. Each one is empty when the payload has
# no matching path: the pipeline's exit status is that of its last stage, so a
# failed grep does not trip `set -e`.
ACTION=$(event_field '\["action"]' | strip_quotes)
GH_EVENT_MILESTONE_NUMBER=$(event_field '\["milestone","number"]')
REPOSITORY_NAME=$(event_field '\["repository","name"]' | strip_quotes)
OWNER_ID=$(event_field '\["repository","owner","login"]' | strip_quotes)
GH_USERNAME=$(event_field '\["sender","login"]' | strip_quotes)
PROVIDED_MILESTONE_ID=$(event_field '\["inputs","milestoneId"]' | strip_quotes)

# "true"/"false" as reported by the payload; empty string if jq fails.
REPO_PRIVATE=$(jq -r '.repository.private | tostring' "$GITHUB_EVENT_PATH" 2>/dev/null || echo "")

# Values used by the banner and subscription check further down.
UPSTREAM="Decathlon/release-notes-generator-action"
ACTION_REPO="${GITHUB_ACTION_REPOSITORY:-}"
DOCS_URL="https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions"
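# Banner. printf is used instead of `echo -e` because the script runs under
# /bin/sh, where `echo -e` is not portable (some shells print the "-e").
echo ""
printf '\033[1;36m%s\033[0m\n' "StepSecurity Maintained Action"
echo "Secure drop-in replacement for $UPSTREAM"
if [ "$REPO_PRIVATE" = "false" ]; then
  printf '\033[32m%s\033[0m\n' "✓ Free for public repositories"
fi
printf '\033[36mLearn more:\033[0m %s\n' "$DOCS_URL"
echo ""

# Subscription check. It runs for every value of REPO_PRIVATE other than the
# literal "false", which includes the empty string left behind when the
# payload could not be read.
#
# Data leaving the runner: the repository slug (in the URL path), the action
# repository and, for a non-github.com server, the server URL (in the body).
# The request is unauthenticated and capped at 3 seconds.
if [ "$REPO_PRIVATE" != "false" ]; then
  SERVER_URL="${GITHUB_SERVER_URL:-https://github.com}"

  # NOTE(review): the values are placed into the JSON body without escaping;
  # they are expected to come from the runner environment - confirm.
  if [ "$SERVER_URL" != "https://github.com" ]; then
    BODY=$(printf '{"action":"%s","ghes_server":"%s"}' "$ACTION_REPO" "$SERVER_URL")
  else
    BODY=$(printf '{"action":"%s"}' "$ACTION_REPO")
  fi

  API_URL="https://agent.api.stepsecurity.io/v1/github/$GITHUB_REPOSITORY/actions/maintained-actions-subscription"

  # Capture curl's exit status without letting `set -e` end the script.
  # RESPONSE holds only the HTTP status code; the response body is discarded.
  CURL_EXIT_CODE=0
  RESPONSE=$(curl --max-time 3 -s -w "%{http_code}" \
    -X POST \
    -H "Content-Type: application/json" \
    -d "$BODY" \
    "$API_URL" -o /dev/null) || CURL_EXIT_CODE=$?

  # The check fails open: a timeout, an unreachable API, or any status other
  # than 403 lets the action continue. Only an explicit 403 stops the run.
  if [ "$CURL_EXIT_CODE" -ne 0 ]; then
    echo "Timeout or API not reachable. Continuing to next step."
  elif [ "$RESPONSE" = "403" ]; then
    printf '::error::\033[1;31m%s\033[0m\n' "This action requires a StepSecurity subscription for private repositories."
    printf '::error::\033[31mLearn how to enable a subscription: %s\033[0m\n' "$DOCS_URL"
    exit 1
  fi
fi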
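# Milestone to use, in order of precedence: the MILESTONE_NUMBER environment
# variable, the "milestoneId" input from the event, the milestone number of
# the event itself.
MILESTONE_ID_TO_USE=${MILESTONE_NUMBER:-$PROVIDED_MILESTONE_ID}
MILESTONE_ID_TO_USE=${MILESTONE_ID_TO_USE:-$GH_EVENT_MILESTONE_NUMBER}
echo "Action running with milestone $MILESTONE_ID_TO_USE on event $GITHUB_EVENT_NAME and action $ACTION"

# Without a milestone there is nothing to generate. POSIX `[ ]` is used
# throughout because the script runs under /bin/sh, where `[[ ]]` is not
# guaranteed to exist; in a shell without it the original test failed with
# "command not found" and this guard was silently skipped.
if [ -z "$MILESTONE_ID_TO_USE" ]; then
  echo "Milestone number is missing. Was the action raised by a milestone event?"
  exit 1
fi

OUTPUT_FILENAME="release_file.md"

# Use the milestone title as the file name when asked to and no explicit
# FILENAME is given. The title comes from the event payload, so besides
# dropping quotes and turning spaces into underscores, '/' is replaced as
# well: the name then stays a single path component and cannot point at
# another directory.
if [ -z "$FILENAME" ] && [ -n "$USE_MILESTONE_TITLE" ]; then
  MILESTONE_TITLE=$(/JSON.sh < "${GITHUB_EVENT_PATH}" \
    | grep '\["milestone","title"]' \
    | cut -f2 \
    | sed -e 's/\"//g' -e 's/ /_/g' -e 's|/|_|g')
  OUTPUT_FILENAME="$MILESTONE_TITLE.md"
fi

# An explicit FILENAME overrides the default name.
if [ -n "$FILENAME" ]; then
  OUTPUT_FILENAME="$FILENAME.md"
fi

# A prefix is applied to FILENAME when present, otherwise to the milestone id
# (this also replaces a title-based name chosen above).
if [ -n "$FILENAME_PREFIX" ]; then
  if [ -n "$FILENAME" ]; then
    OUTPUT_FILENAME="$FILENAME_PREFIX$FILENAME.md"
  else
    OUTPUT_FILENAME="$FILENAME_PREFIX$MILESTONE_ID_TO_USE.md"
  fi
fi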
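# Output folder: default to the current directory, otherwise make sure the
# requested folder exists. The path is quoted and preceded by `--` so that a
# value with spaces, glob characters or a leading '-' is treated as exactly
# one directory name rather than as several words or as an option.
if [ -z "$OUTPUT_FOLDER" ]; then
  echo "OUTPUT_FOLDER ENV is missing, using the default one"
  OUTPUT_FOLDER='.'
else
  mkdir -p -- "$OUTPUT_FOLDER"
fi

# Optional generator configuration, looked up relative to the working
# directory. CONFIG_FILE is reset to the empty string when the file is absent.
# POSIX `[ ]` replaces `[[ ]]`, which /bin/sh is not guaranteed to provide.
echo "Checking for custom configuration..."
CONFIG_FILE=".github/release-notes.yml"
if [ ! -f "${CONFIG_FILE}" ]; then
  echo "No config file specified."
  CONFIG_FILE=""
else
  echo "Configuring the action using $CONFIG_FILE"
fi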
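# Generate the notes for a manual run (workflow_dispatch) or when the event's
# action equals TRIGGER_ACTION; otherwise report the skip and exit with 78.
# POSIX `[ ]` replaces `[[ ]]`: in a /bin/sh without `[[` the original test
# failed and the script always took the skip branch.
if [ "workflow_dispatch" = "$GITHUB_EVENT_NAME" ] || [ "$ACTION" = "$TRIGGER_ACTION" ]; then
  echo "Creating release notes for Milestone $MILESTONE_ID_TO_USE into the $OUTPUT_FILENAME file"

  # Every expansion is quoted. Several of these values originate in the event
  # payload or in workflow inputs; unquoted, a value containing whitespace or
  # glob characters would be split into extra arguments to the JVM.
  #
  # NOTE(review): the token is passed as a command-line argument, so it is
  # visible in the process list inside the container while the JVM runs. If
  # the generator accepts this property from the environment, prefer that -
  # confirm before changing.
  java -jar /github-release-notes-generator.jar \
    --changelog.repository="${OWNER_ID}/${REPOSITORY_NAME}" \
    --github.username="${GH_USERNAME}" \
    --github.password="${GITHUB_TOKEN}" \
    --changelog.milestone-reference=id \
    --spring.config.location="${CONFIG_FILE}" \
    "${MILESTONE_ID_TO_USE}" \
    "${OUTPUT_FOLDER}/${OUTPUT_FILENAME}"

  # Echo the generated notes into the job log.
  cat -- "${OUTPUT_FOLDER}/${OUTPUT_FILENAME}"
else
  echo "Release notes generation skipped because action was: $ACTION"
  exit 78
fi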