Add support for Job Summary and PR comments #44
Conversation
|
I know Black formatting checks are failing with the current state. I'll be able to pull the code locally and fix the formatting issues later today. |
|
@GeekMasher this is a draft for #42. |
|
https://github.com/GeekMasher/ghastoolkit/releases/tag/0.6.2 |
@GeekMasher I am unable to run the vendor update.sh script to bump the ghastoolkit version to 0.6.2 with my current setup. Would you be able to run the script to bump the version? If you're able, I can pull the changes. If not I can give it a shot in a few hours when I have a different setup available. |
|
Thank you for the help @GeekMasher ! |
|
Apart from those comments, we are good to go! Thank you for the PRs 🚀 |
Adding a feature to allow PaC to create a Job Summary and a PR comment (when running in a PR) that give a summary of the policy violations from the workflow run.
I used the dependency review action as a reference for the implementation.
Job Summary
The job summary appears in the Summary screen of the workflow run. This feature creates this summary with every run, and if the
--displayflag is present it adds details about the policy violations to the summary. Without the--displayflag, the summary only contains details that are present in the log output of the action. This just allows users to get a clean and concise view of the results without digging into the logs.Enabling PR comments
I added an
argvsflag called--pr-commentthat enables/disables the PR comment functionality.This would be replaced with updated flags set in the policy files in v3, see #42 for more details.
The comment added to a PR is exactly the same as the summary added to the Job Summary, and it likewise contains additional details when the
--displayflag is enabled. PaC will check if it has already added a comment to the PR previously and will update that comment if found. PaC comments are identified by an unique HTML comment in the body of the PR comment.Summary :: summary.py
The
summary.pyfile defines theSummarystatic class and its functions for formatting text and adding text to the summary.Formatting is done by adding HTML elements to the text.
The
Summaryclass also contains a static function,outputJobSummary(), that outputs the summary to the Job Summary. This function uses theGITHUB_STEP_SUMMARYenvironment variable which is set by GitHub Actions at runtime. The variable points to a temporary file on the runner, and the contents of that file are used as the Job Summary when the job completes. See this doc for reference.Pull Request :: pullrequest.py
The
pullrequest.pyfile defines thePullRequeststatic class. The main function for working with PR comments isaddPrComment()withfindComment()as a helper function.The
addPrComment()function checks if the--pr-commentflag is enabled and also checks if the action is running in a PR. It also automatically checks for existing PaC comments and updates an existing comment if found instead of adding a new comment. The policy name is used as part of the unique identifier for PaC comments. This allows multiple PaC policies that are run on the same repo to maintain separate comments and avoid contention from trying to update the same comment and overwriting each other.'Unknown' is used when policies do not have a set name. And multiple policies that use the same name or multiple policies that do not have a name will still results in contention over updating the same comment.
Adding content to the Summary
Text is added to the Summary class during the execution of PaC and output to the Job Summary and PR comment (if enabled) at the end.
__main__.pyadds:checks.pyadds for each technology check performed:--displayis enabled)Notes
This implementation requires the changes added to ghastoolkit in PR 78.