docs: llm06 mitigation example #9
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Ads - Triage OWASP Top 10 LLM Apps Issues and PRs | |
on: | |
issues: | |
types: | |
- opened | |
- labeled | |
- reopened | |
pull_request: | |
types: | |
- opened | |
- labeled | |
- reopened | |
env: | |
BOARD_NAME: "OWASP Top 10 for LLM Applications" | |
OWNER: ${{ github.repository_owner }} | |
REPO: ${{ github.event.repository.name }} | |
ISSUE: ${{ github.event.issue.number }} | |
PROJECT_TECH_LEAD: "GangGreenTemperTatum" | |
LLM01_LEAD: "cybershujin" | |
LLM02_LEAD: "kenhuangus" | |
LLM03_LEAD: "jsotiro" | |
LLM04_LEAD: "GangGreenTemperTatum" | |
LLM05_LEAD: "GangGreenTemperTatum" | |
LLM06_LEAD: "rot169" | |
LLM07_LEAD: "vingiarrusso" | |
LLM08_LEAD: "xsankar" | |
LLM09_LEAD: "virtualsteve-star" | |
LLM10_LEAD: "GangGreenTemperTatum" | |
PR_LEAD: "faceplate27" | |
POSTMASTER: "TBC" | |
TRANSLATIONS: "talesh" | |
DATA_GATHERING: "emmanuelgjr" | |
DESIGN: "rossja" | |
DIAGRAMS: "GangGreenTemperTatum" | |
WEB_DEVS: "GangGreenTemperTatum" | |
SEC_GOVERNANCE: "subzer0girl2" | |
jobs: | |
welcomes: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1 | |
with: | |
script: | | |
const eventName = context.eventName; | |
if (eventName === 'issues') { | |
await github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: '👋 Thanks for reporting! Please ensure labels are applied appropriately so that the workflow automation can triage this to the assigned member of the OWASP core team' | |
}); | |
} else if (eventName === 'pull_request' && context.payload.action === 'opened') { | |
await github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: '👋 Thanks for your pull request! Please ensure appropriate labels are applied for review routing.' | |
}); | |
} | |
triage: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 | |
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1 | |
with: | |
github-token: ${{ secrets.ADS_OWASP_LLM_APPS_REPO_TOKEN }} | |
script: | | |
try { | |
const issue = context.payload.issue; | |
const labels = issue.labels.map(label => label.name); | |
let assignees = []; | |
// Label-to-assignee mappings | |
const labelAssigneeMap = { | |
'bug': '${{ env.PROJECT_TECH_LEAD }}', | |
'extension': '${{ env.PROJECT_TECH_LEAD }}', | |
'llm-other': '${{ env.PROJECT_TECH_LEAD }}', | |
'diagram': '${{ env.PROJECT_TECH_LEAD }}', | |
'pdf': '${{ env.DESIGN }}', | |
'website': '${{ env.WEB_DEVS }}', | |
'llm-01': '${{ env.LLM01_LEAD }}', | |
'llm-02': '${{ env.LLM02_LEAD }}', | |
'llm-03': '${{ env.LLM03_LEAD }}', | |
'llm-04': '${{ env.LLM04_LEAD }}', | |
'llm-05': '${{ env.LLM05_LEAD }}', | |
'llm-06': '${{ env.LLM06_LEAD }}', | |
'llm-07': '${{ env.LLM07_LEAD }}', | |
'llm-08': '${{ env.LLM08_LEAD }}', | |
'llm-09': '${{ env.LLM09_LEAD }}', | |
'llm-10': '${{ env.LLM10_LEAD }}' | |
}; | |
// Check labels and assign based on mappings | |
labels.forEach(label => { | |
if (labelAssigneeMap[label]) { | |
const assignee = labelAssigneeMap[label]; | |
if (assignee && assignee !== 'TBC') { | |
assignees.push(assignee); | |
} | |
} | |
}); | |
// Remove duplicates and empty values | |
assignees = [...new Set(assignees)].filter(Boolean); | |
if (assignees.length > 0) { | |
try { | |
await github.rest.issues.addAssignees({ | |
issue_number: issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
assignees: assignees | |
}); | |
console.log(`Successfully assigned to: ${assignees.join(', ')}`); | |
} catch (assignError) { | |
// Log the error but don't fail the workflow | |
console.log(`Warning: Could not assign some users. ${assignError.message}`); | |
// Try to add a comment to the issue | |
await github.rest.issues.createComment({ | |
issue_number: issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: `⚠️ Note: Some assignees could not be added. Please check if all usernames are valid.` | |
}); | |
} | |
} else { | |
console.log('No valid assignees found for the given labels'); | |
} | |
} catch (error) { | |
// Log error but don't fail the workflow | |
console.log(`Error in workflow: ${error.message}`); | |
} | |
env: | |
GITHUB_TOKEN: ${{ secrets.ADS_OWASP_LLM_APPS_REPO_TOKEN }} |