Merge branch 'develop' into MON-106121-gorgone-use-vault-autonomous-l…

…ibrary
centreon · Dec 10, 2024 · 79f2f38 · 79f2f38
2 parents 9f9e753 + 47302f2
commit 79f2f38
Show file tree

Hide file tree

Showing 137 changed files with 5,399 additions and 365 deletions.
diff --git a/.github/actions/create-jira-ticket/action.yml b/.github/actions/create-jira-ticket/action.yml
@@ -0,0 +1,142 @@
+name: Workflow incident tracking
+description: Create Jira ticket on incident
+
+inputs:
+  jira_base_url:
+    required: true
+    description: jira base url
+  jira_user_email:
+    required: true
+    description: jira user email
+  jira_api_token:
+    required: true
+    description: jira api token
+  module_name:
+    required: true
+    description: module name
+  ticket_labels:
+    required: true
+    description: ticket labels, usually Pipeline + Nightly/Veracode + x
+    default: 'Pipeline'
+
+runs:
+  using: "composite"
+  steps:
+    - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+
+    - name: Get ticket elements from context
+      id: get_context
+      run: |
+        # Safely set/unset IFS in order to parse the table of labels properly
+        [ -n "${IFS+set}" ] && saved_IFS=$IFS
+        IFS=', ' read -a ticket_labels <<< $(echo "${{ inputs.ticket_labels }}" | tr -d "[],'")
+        unset IFS
+        [ -n "${saved_IFS+set}" ] && { IFS=$saved_IFS; unset saved_IFS; }
+
+        # Change context elements (summary, parent epic, etc.) that is checked depending on the ticket labels in the input
+        if [[ "${ticket_labels[@]}" =~ "Veracode" ]]; then
+          parent_epic_id=83818
+          parent_epic_key="AT-268"
+          ticket_summary="PR-${{ github.event.pull_request.number }} incident on ${{ inputs.module_name }}"
+
+          JSON_TEMPLATE_FILE="./.github/actions/create-jira-ticket/veracode-ticket-template.json"
+          sed -i \
+            -e 's|@PULL_REQUEST_NUMBER@|${{ github.event.pull_request.number }}|g' \
+            -e 's|@PULL_REQUEST_URL@|${{ github.event.pull_request.html_url }}|g' $JSON_TEMPLATE_FILE
+        elif [[ "${ticket_labels[@]}" =~ "Nightly" ]]; then
+          parent_epic_id=206242
+          parent_epic_key="MON-151547"
+          ticket_summary="$(date '+%Y-%m-%d') ${{ inputs.module_name }}-${{ github.ref_name }} nightly build failure"
+
+          JSON_TEMPLATE_FILE="./.github/actions/create-jira-ticket/nightly-ticket-template.json"
+          sed -i \
+            -e 's|@MODULE_NAME@|${{ inputs.module_name }}|g' \
+            -e "s|@DATE@|$(date '+%Y-%m-%d')|g" $JSON_TEMPLATE_FILE
+        else
+          echo "::error::Cannot find a valid labelling option for the ticket."
+          exit 1
+        fi
+
+        sed -i \
+          -e 's|@GITHUB_BRANCH@|${{ github.base_ref || github.ref_name }}|g' \
+          -e 's|@GITHUB_SERVER_URL@|${{ github.server_url }}|g' \
+          -e 's|@GITHUB_REPOSITORY@|${{ github.repository }}|g' \
+          -e 's|@GITHUB_RUN_ID@|${{ github.run_id }}|g' \
+          -e 's|@GITHUB_RUN_ATTEMPT@|${{ github.run_attempt }}|g' $JSON_TEMPLATE_FILE
+
+        echo "parent_epic_id=$parent_epic_id" >> $GITHUB_OUTPUT
+        echo "parent_epic_key=$parent_epic_key" >> $GITHUB_OUTPUT
+        echo "ticket_summary=$ticket_summary" >> $GITHUB_OUTPUT
+        echo "json_template_file=$JSON_TEMPLATE_FILE" >> $GITHUB_OUTPUT
+
+        cat $JSON_TEMPLATE_FILE
+        cat $GITHUB_OUTPUT
+      shell: bash
+      env:
+        GH_TOKEN: ${{ github.token }}
+
+    - name: Check if the ticket already exists
+      id: check_ticket
+      run: |
+        # Checking if an incident ticket already exists
+        response=$(curl \
+          --write-out "%{http_code}" \
+          --request POST \
+          --url "${{ inputs.jira_base_url }}/rest/api/3/search" \
+          --user "${{ inputs.jira_user_email }}:${{ inputs.jira_api_token }}" \
+          --header "Accept:application/json" \
+          --header "Content-Type:application/json" \
+          --data '{
+              "fields": ["summary"],
+              "jql": "project = MON AND parentEpic = ${{ steps.get_context.outputs.parent_epic_key }} AND issueType = Technical AND summary ~ \"${{ steps.get_context.outputs.ticket_summary }}\" AND component = \"${{ inputs.module_name }}\" AND resolution = unresolved ORDER BY key ASC",
+              "maxResults": 1
+            }'
+          )
+        echo "[DEBUG] $response"
+        if [[ $(echo "$response" | tr -d '\n' | tail -c 3) -ne 200 ]]; then
+          echo "::error:: Jira API request was not completed properly."
+        fi
+        check_if_ticket_exists=$(echo "$response" | head -c -4 | jq .issues[0].key)
+        if [[ "$check_if_ticket_exists" != "null" ]]; then
+          echo "abort_ticket_creation=true" >> $GITHUB_ENV
+          echo "::error::ticket found as $check_if_ticket_exists aborting ticket creation"
+        fi
+      shell: bash
+
+    - name: Create Jira Issue
+      if: ${{ env.abort_ticket_creation != 'true' }}
+      run: |
+        # Creating a new incident ticket on Jira
+        DATA=$( cat <<-EOF
+        {
+          "fields": {
+            "summary": "${{ steps.get_context.outputs.ticket_summary }}",
+            "project": {"key": "MON"},
+            "issuetype": {"id": "10209"},
+            "parent": {"id": "${{ steps.get_context.outputs.parent_epic_id }}", "key": "${{ steps.get_context.outputs.parent_epic_key }}"},
+            "labels": ${{ inputs.ticket_labels }},
+            "components":[{"name": "${{ inputs.module_name }}"}],
+            "customfield_10902": {"id": "10524", "value": "DevSecOps"},
+            "customfield_10005": 1.0,
+            "description": $(cat ${{ steps.get_context.outputs.json_template_file }})
+          }
+        }
+        EOF
+        )
+
+        response=$(curl \
+          --request POST \
+          --url "${{ inputs.jira_base_url }}/rest/api/3/issue" \
+          --user "${{ inputs.jira_user_email }}:${{ inputs.jira_api_token }}" \
+          --header 'Accept: application/json' \
+          --header 'Content-Type: application/json' \
+          --data "$DATA")
+        echo $response
+        if [ $? -ne 0 ]; then
+          echo "::error::Failed to create ticket: $response"
+          exit 1
+        fi
+
+        ticket_key=$(echo "$response" | jq -r .key)
+        echo "::notice::Created ticket: $ticket_key"
+      shell: bash
diff --git a/.github/actions/create-jira-ticket/nightly-ticket-template.json b/.github/actions/create-jira-ticket/nightly-ticket-template.json
@@ -0,0 +1,32 @@
+{
+  "version": 1,
+  "type": "doc",
+  "content": [
+    {
+      "type": "paragraph",
+      "content": [
+        {
+          "type": "text",
+          "text": "This incident ticket relates to the @MODULE_NAME@ nightly on the @GITHUB_BRANCH@ branch which failed on @DATE@."
+        }
+      ]
+    },
+    {
+      "type": "paragraph",
+      "content": [
+        {
+          "type": "text",
+          "text": "Link to the failed nightly",
+          "marks": [
+            {
+              "type": "link",
+              "attrs": {
+                "href": "@GITHUB_SERVER_URL@/@GITHUB_REPOSITORY@/actions/runs/@GITHUB_RUN_ID@/attempts/@GITHUB_RUN_ATTEMPT@"
+              }
+            }
+          ]
+        }
+      ]
+    }
+  ]
+}
diff --git a/.github/actions/package/action.yml b/.github/actions/package/action.yml
@@ -114,7 +114,7 @@ runs:
     # Update if condition to true to get packages as artifacts
     - if: ${{ contains(github.event.pull_request.labels.*.name, 'upload-artifacts') }}
       name: Upload package artifacts
-      uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+      uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
       with:
         name: ${{ inputs.arch != '' && format('packages-{0}-{1}', inputs.distrib, inputs.arch) || format('packages-{0}', inputs.distrib) }}-${{ inputs.stability }}
         path: ./*.${{ inputs.package_extension}}