Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MQL Mimic: Change to PR CI, detect changes #828

Merged
merged 18 commits into from
Oct 2, 2023
Merged

MQL Mimic: Change to PR CI, detect changes #828

merged 18 commits into from
Oct 2, 2023

Conversation

cameron-dunn-sublime
Copy link
Member

@cameron-dunn-sublime cameron-dunn-sublime commented Sep 28, 2023
edited
Loading

The other side of these changes isn't finished out, but this part appears to be working as needed:

  • Changed (modified, deleted, new, etc) are reported via rule ID to the trigger endpoint.
  • The git SHA reported is the latest commit, e.g. with the rule ID added.
  • Branch and repo are reported correctly
    • This set of changes should also unlock getting MQL Mimic tests working on forks.

Once the other pieces are in place, we'll only run MQL mimic tests for detection rules touched in a PR. The endpoint will always be hit, but the workflow on the other side will succeed pretty quickly (it doesn't need to setup the platform or pull its large source).

e2abbf6 shows this running on push (as it will on main)

#829 shows it working as it will on a PR.

cameron-dunn-sublime
cameron-dunn-sublime commented Sep 29, 2023
View reviewed changes
.github/workflows/rule-validate.yml
- name: "Trigger MQL Mimic Tests"
env:
trigger_url: '${{ secrets.MQL_MOCK_TRIGGER }}'
branch: ${{ github.event_name == 'pull_request_target' && github.head_ref || github.ref }}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On main/etc github.ref will include "refs/heads/". I decided to just handle that downstream.

@cameron-dunn-sublime cameron-dunn-sublime requested review from a team September 29, 2023 00:36
@cameron-dunn-sublime cameron-dunn-sublime marked this pull request as ready for review September 29, 2023 00:37
@cameron-dunn-sublime cameron-dunn-sublime changed the title Change to PR CI, detect changes MQL Mimic: Change to PR CI, detect changes Sep 29, 2023
cameron-dunn-sublime
cameron-dunn-sublime commented Sep 29, 2023
View reviewed changes
.github/workflows/rule-validate.yml
@@ -30,6 +30,7 @@ jobs:
with:
ref: ${{ github.head_ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
depth: 0
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is what's recommended for change detection. It takes 1 second to checkout, so I don't think this is worth even testing the alternatives (which are some higher number, or maybe API based detection but it's unclear if that's compatible with pull_request_target workflows)

@hugh-sublime hugh-sublime self-assigned this Oct 2, 2023
hugh-sublime
hugh-sublime approved these changes Oct 2, 2023
View reviewed changes
.github/workflows/rule-validate.yml
rule_id=$(yq '.id' $file)

echo "$file has rule ID $rule_id"
altered_rule_ids=$(echo "$rule_id"" ""$altered_rule_ids")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is so cursed "$rule_id"" ""$altered_rule_ids" but I don't know what else I expect from bash.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haha "$rule_id $altered_rule_ids" should work too but I'll extra "` wrap often in case I'm forgetting some expansion that's going to happen.

@cameron-dunn-sublime cameron-dunn-sublime enabled auto-merge (squash) October 2, 2023 21:44
@cameron-dunn-sublime cameron-dunn-sublime merged commit d33fb37 into main Oct 2, 2023
@cameron-dunn-sublime cameron-dunn-sublime deleted the cd.pr-based-ci branch October 2, 2023 21:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hugh-sublime hugh-sublime hugh-sublime approved these changes

Assignees

@hugh-sublime hugh-sublime

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cameron-dunn-sublime @hugh-sublime