Skip to content
Config Conversion & Schema generation

Merge pull request #583 from petracihalova/malware-detection-role-fix #385

Sign in to view logs

Merge pull request #583 from petracihalova/malware-detection-role-fix

Merge pull request #583 from petracihalova/malware-detection-role-fix #385

Workflow file for this run

.github/workflows/master.yml at 5a95762
on:
push:
branches:
- master
name: Config Conversion & Schema generation
jobs:
convert_config_generate_schema:
name: Convert Config & Generate Schema
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
- name: Configure git to trust the workspace despite the different owner
run: git config --global --add safe.directory "/github/workspace"
# generate ksil json file
- name: Run Generate V1-Only Permissions Data for stage
uses: RedHatInsights/rbac-config-actions/generate-v1-only-permissions@main
with:
ksl: configs/stage/schemas
rbac_permissions: configs/stage/permissions
- name: Run Generate V1-Only Permissions Data for prod
uses: RedHatInsights/rbac-config-actions/generate-v1-only-permissions@main
with:
ksl: configs/prod/schemas
rbac_permissions: configs/prod/permissions
# convert configmaps & generate schemas
- name: Converting config to configmaps & generating schema
uses: RedHatInsights/rbac-config-actions/convert-config@main
with:
token: ${{ secrets.GITHUB_TOKEN }}
branch_name: configmaps-schema
# validate generated schemas
- name: Validate Stage Schema
uses: "authzed/action-spicedb-validate@v1"
with:
validationfile: "configs/stage/schemas/schema.zed"
- name: Validate Prod Schema
uses: "authzed/action-spicedb-validate@v1"
with:
validationfile: "configs/prod/schemas/schema.zed"
- name: Create a PR with Config Changes
run: |
if [ -n "$(git log --oneline origin/master..HEAD)" ]; then
gh pr create --fill-first -B master -H configmaps-schema -t "[GitHub] - Automated ConfigMap & Schema Generation";
else
echo "No new commits found between origin/master and configmaps";
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}