GitHub Actions Workflow for OpsMx SSD Project Synchronization

This GitHub Actions workflow is designed to synchronize projects defined in YAML files with the OpsMx SSD (Software Delivery Dashboard) API.

Key Features:

YAML-Only Processing: The workflow exclusively handles YAML files.
Robust Commit Handling: It safely manages create, update, and delete operations, even across multi-commit pushes.
Error Tolerance: The process is designed not to fail when encountering non-YAML commits or invalid YAML definitions.

Trigger Conditions:

The workflow is activated only when changes are pushed to YAML files (.yaml or .yml extensions) located in the following directories:

source-projects/
artifacts/

Each YAML file represents a single project.

Commits that do not modify YAML files in these specific paths will be completely ignored.

Multi-Commit Handling

The workflow compares changes between github.event.before and github.sha, ensuring correct behavior even when multiple commits are pushed together.

Project Name Rules

Project names are derived from YAML filenames and automatically sanitized to meet the following:

Is in lowercase
Must start with a letter
Only letters, numbers, and hyphens are allowed

Scan Type Mapping

The scan type mapping path is as shown below:

source-projects/ → sourceScan
artifacts/ → artifactScan

API Endpoints Used

The following endpoints are used:

Create → /scan/project/upload
Update → /scan/project/update
Delete → /scan/project/delete

Secrets Required

The following secrets are required:

- ORG_ID - TEAM_ID - API_TOKEN

All secrets are securely referenced and never logged.

High-Level Workflow Flow

An high level workflow is given as shown below:

Push Event
↓
Detect YAML Changes
↓
No YAML Changes?→Yes → Exit (Green)
↓ No
Process Deleted YAML → Delete Projects
Process Added YAML → Create Projects
Process Modified YAML→ Update Projects
↓
Workflow Ends (Green)

Sample yaml file contents for Artifact and Source scan are given below:

Sample yaml file content for Artifact Scan

scanType: artifactScan
platform: docker
accountName: test
teamName: test
scanLevel: repoLevel
organisation: opsmx11
projectConfigs:
  - repository: restapp
    scheduleTime: 0
    tag:
      - simple-restapp-17412
    tagPattern: ""
    scanUpto: 0

Sample yaml file content for Source Scan

scanType: sourceScan
platform: github
accountName: test-git (test)
teamName: test
scanLevel: repoLevel
organisation: PrabhuQA
type: user
projectConfigs:
  - repository: buildme
    scheduleTime: 0
    branch:
      - b1
    branchPattern: ""
    scanUpto: 0

Steps to Create Projects in SSD:-

Commit the correctly structured YAML file, which contains the source/artifact content, to the centralized GitHub repository.
To view the workflow's execution, go to the Actions tab.

Log in to SSD and navigate to the Adhoc Scan page.
The project, named after the YAML file, is now visible to the user.

Steps to Update Projects in SSD:-

Commit the updated YAML file, which contains the source/artifact content, to the centralized GitHub repository.
To view the workflow's execution, go to the Actions tab.

Log in to SSD and navigate to the Adhoc Scan page.
Verify that the existing project is successfully updated with the content specified in the YAML file.

Steps to Delete Projects in SSD:-

Delete/Remove the YAML file, which contains source and/or artifact content, from the centralized GitHub repository.
To view the workflow's execution, go to the Actions tab.

Log in to SSD and navigate to the Adhoc Scan page.
Verify that the project is not visible in the SSD UI because the corresponding YAML file has been deleted from the centralized repository.

PreviousGitHub NextGitLab

Last updated 3 days ago