Skip to content

failing auth2

failing auth2 #33

# merge submission on the main branch after a pullrequest approval
name: Validate Submission
on:
pull_request_target:
branches: [ main ]
paths:
- 'previsioni/**'
- '!**README**'
jobs:
# Firts authenticate user based on PR details
validate_request:
runs-on: ubuntu-latest
outputs:
is_valid: ${{ steps.validate.outputs.validate == 'success' && steps.authenticate.outputs.authenticate == 'success' }}
output_data: ${{ steps.compile_output.outputs.output_data }}
changed_files: ${{ steps.get_changed_files.outputs.all_changed_files }}
steps:
# Check out the submission repo
# -------------------------------------------
- name: Checkout code
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
ref: ${{ github.event.pull_request.head.sha }}
# Checkout the python tools repo
# used to authenticate and validate the PR
# -------------------------------------------
- name: checkout python tools repo
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: 'Testing-Forecast-Actions/Testing-Tools'
ref: 'main'
path: './tools'
# Get changes from pull request
# --------------------------------
- name: Get changes
id: get_changed_files
uses: tj-actions/changed-files@v36
# Authenticate the pull_request
# returns as output authentication = { True / False }
# -------------------------------
- name: Execute Authentication script
id: authenticate
env:
calling_actor: ${{ github.actor }}
changed_files: ${{ steps.get_changed_files.outputs.all_changed_files }}
run: python ./tools/.github/scripts/request_authentication/authenticate_request.py
# If authenticated proceed with validation
# returns as output validation = { True / False }
# -------------------------------------------
- name: Execute Validation script
id: validate
env:
changed_files: ${{ steps.get_changed_files.outputs.all_changed_files }}
run: python ./tools/.github/scripts/forecast_validation/validate.py
- name: Trace for Debug
env:
is_valid: ${{ steps.validate.outputs.validate == 'success' && steps.authenticate.outputs.authenticate == 'success' }}
run: |
echo " Auth: ${{ steps.authenticate.outputs.authenticate }}"
echo " Val: ${{ steps.validate.outputs.validate }}"
echo " IsVal: $is_valid"
- name: Prepare Job Output Data
id: compile_output
env:
changed_files: ${{ steps.get_changed_files.outputs.all_changed_files }}
if: ${{ steps.validate.outputs.validate == 'success' && steps.authenticate.outputs.authenticate == 'success' }}
run: |
import os
import json
env_file = os.getenv('GITHUB_OUTPUT')
to_validate = os.getenv("changed_files")
# Get a list of forecast files
fforecasts = to_validate.split(" ")
# List should not be empty
if not fforecasts:
raise Exception(f"Empty commit")
# prepare the output data collection
out_data = {}
out_data['team'] = os.path.basename(os.path.split(fforecasts[0])[0]).split('_')[0]
out_data['models'] = []
for fforecast in fforecasts :
#get the model name from path
model = tuple(os.path.basename(os.path.split(fforecast)[0]).split('_'))[1]
model_entry = next((item for item in out_data['models'] if item["model"] == model), None)
if model_entry is None:
out_data['models'].append({"model" : model, "changes": [fforecast]})
else:
model_entry["changes"].append(fforecast)
out_data_s = json.dumps(out_data)
print(f'::set-output name=output_data::{out_data_s}')
shell: python
# -------------------------------------------
# SUCCESS
# -------------------------------------------
on_successful_validation:
runs-on: ubuntu-latest
needs: validate_request
if: ${{ needs.validate_request.outputs.is_valid }}
steps:
- name: DEBUG
run: |
echo "Is_Valid: ${{ needs.validate_request.outputs.is_valid }}"
# Checkout the forecast repo
# ---------------------------
- name: Checkout code
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
ref: "${{ github.event.pull_request.head.sha }}"
# Checkout the python tools repo
# used to authenticate and validate the PR
# -------------------------------------------
- name: checkout python tools repo
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: 'Testing-Forecast-Actions/Testing-Tools'
ref: 'main'
path: tools
# Approve pull request
# ---------------------------
- name: Approve Pull Request
uses: juliangruber/[email protected]
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
number: ${{ github.event.pull_request.number }}
# Eventually comment on it
- name: Comment PR
uses: thollander/actions-comment-pull-request@v2
with:
message: |
All checks completed successfully ! :wave:
pr_number: ${{ github.event.pull_request.number }}
# Merge changes
# ---------------------------
- name: Merge the pull request
id: merge_pr
run: |
gh pr merge --auto --squash $PR_URL
echo "status=true" >> $GITHUB_OUTPUT
env:
PR_URL: ${{ github.event.pull_request.html_url }}
GH_TOKEN: ${{ secrets.WF_PR_PAT }}
#TEMP REMOVE
# Store changes
# -------------------------
- name: Store Changes
if: ${{ steps.merge_pr.outputs.status == 'true' }}
env:
data: ${{ needs.validate_request.outputs.output_data }}
run: |
echo ">>> Store changes to json"
python ./tools/.github/scripts/utils/store_changes.py
# # Activate client view
# # ---------------------------
# # WEBHOOK
# - name: Invoke deployment hook
# if: ${{ steps.merge_pr.outputs.status == 'true' }}
# #uses: distributhor/[email protected]
# env:
# webhook_url: ${{ secrets.WEB_HOOK_URL_DEV }}
# # webhook_url: ${{ secrets.WEBHOOK_URL }}
# # webhook_url: ${{ secrets.WEB_HOOK_URL_PRODUCTION }}
# webhook_secret: ${{ secrets.WEB_HOOK_SECRET }}
# #data: '{ "changes": ${{ toJSON(needs.validate_request.outputs.changed_files) }}, "actor" : ${{ toJSON(github.actor) }} }'
# data: ${{ needs.validate_request.outputs.output_data }}
# run: |
# echo ">>> Calling custom webhook"
# pip install requests
# echo ">>> Pip installed"
# python ./tools/.github/scripts/utils/workflow_webhook.py
# -------------------------------------------
# FAILED
# -------------------------------------------
on_validation_failed:
runs-on: ubuntu-latest
needs: validate_request
if: ${{ ! needs.validate_request.outputs.is_valid }}
steps:
# DEBUG ONLY
- name: DEBUG - DUMP INFO
env:
changed-files: ${{ needs.validate_request.outputs.changed_files }}
run: |
echo ">>> Is_Valid: ${{ needs.validate_request.outputs.is_valid }}"
echo ">>> FAILED JOB "
echo ">>> Changes: $changed-files"
echo ">>> Repo: ${{ github.repository }}"
echo ">>> SrcPath: $GITHUB_WORKSPACE"
echo ">>> Pull request number: ${{ github.event.pull_request.number }}"
echo ">>> Git hub actor: ${{ github.actor }}"
# Inform the user about what went wrong
- name: Comment PR
uses: thollander/actions-comment-pull-request@v2
with:
message: |
Something went wrong. PR is rejected
pr_number: ${{ github.event.pull_request.number }}