Trestlebot initial

huiwangredhat · Sep 12, 2024 · 96df193 · 96df193
commit 96df193
Show file tree

Hide file tree

Showing 16 changed files with 216,867 additions and 0 deletions.
diff --git a/.github/workflows/trestlebot-autosync-catalog.yml b/.github/workflows/trestlebot-autosync-catalog.yml
@@ -0,0 +1,27 @@
+---
+name: Trestle-bot autosync catalog updates
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'catalogs/**'
+      - 'markdown/catalogs/**'
+
+jobs:
+  autosync:
+    name: Autosync catalog content
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Run autosync
+        id: autosync
+        uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
+        with:
+          markdown_path: "markdown/catalogs"
+          oscal_model: "catalog"
+          file_pattern: "*.json,markdown/*"
diff --git a/.github/workflows/trestlebot-autosync-profile.yml b/.github/workflows/trestlebot-autosync-profile.yml
@@ -0,0 +1,27 @@
+---
+name: Trestle-bot autosync profile updates
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'profiles/**'
+      - 'markdown/profiles/**'
+
+jobs:
+  autosync:
+    name: Autosync profile content
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Run autosync
+        id: autosync
+        uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
+        with:
+          markdown_path: "markdown/profiles"
+          oscal_model: "profile"
+          file_pattern: "*.json,markdown/*"
diff --git a/.github/workflows/trestlebot-create-component-definition.yml b/.github/workflows/trestlebot-create-component-definition.yml
@@ -0,0 +1,49 @@
+---
+name: Trestle-bot create component-definition
+
+on:
+  workflow_dispatch:
+    inputs:
+      profile_name:
+        description: Name of the Trestle profile to use for the component definition
+        required: true
+      component_definition_name:
+        description: Name of the component definition to create
+        required: true
+      component_title:
+        description: Name of the component to create in the generated component definition
+        required: true
+      component_type:
+        description: Type of the component (e.g. service, policy, physical, validation, etc.)
+        required: false
+        default: "service"
+      component_description:
+        description: Description of the component to create
+        required: true
+
+jobs:
+  create-component-definition:
+    name: Create component definition
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Create component definition and open pull request
+        id: generate-cd
+        uses: RedHatProductSecurity/trestle-bot/actions/create-cd@main
+        with:
+          profile_name: ${{ github.event.inputs.profile_name }}
+          component_definition_name: ${{ github.event.inputs.component_definition_name}}
+          component_title: ${{ github.event.inputs.component_title }}
+          component_type: ${{ github.event.inputs.component_type }}
+          component_description: ${{ github.event.inputs.component_description }}
+          markdown_path: "markdown/components"
+          branch: "create-component-definition-${{ github.run_id }}"
+          target_branch: "main"
+          file_pattern: "*.json,markdown/*,rules/*"
+          commit_message: "adds component  ${{ github.event.inputs.component_title }} in ${{ github.event.inputs.component_definition_name }}"
+          pull_request_title: "Add component ${{ github.event.inputs.component_title }} to ${{ github.event.inputs.component_definition_name }}"
+          github_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/trestlebot-rules-transform.yml b/.github/workflows/trestlebot-rules-transform.yml
@@ -0,0 +1,45 @@
+---
+name: Trestle-bot rules-transform and autosync
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'profiles/**'
+      - 'catalogs/**'
+      - 'component-definitions/**'
+      - 'markdown/**'
+      - 'rules/**'
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  rules-transform-and-autosync:
+    name: Rules Transform and AutoSync
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: AutoSync
+        id: autosync
+        uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
+        with:
+          markdown_path: "markdown/components"
+          oscal_model: "compdef"
+          file_pattern: "*.json,markdown/*"
+      - name: Check if rules changed
+        id: changes
+        uses: dorny/paths-filter@v3
+        with:
+          filters: |
+            rules:
+              - 'rules/**'
+      - name: Rules Tranform
+        if: steps.changes.outputs.rules == 'true'
+        uses: RedHatProductSecurity/trestle-bot/actions/rules-transform@main
+        with:
+          markdown_path: "markdown"
+          commit_message: "Auto-transform rules [skip ci]"
diff --git a/.trestle/.keep b/.trestle/.keep
diff --git a/.trestlebot/.keep b/.trestlebot/.keep
diff --git a/catalogs/.keep b/catalogs/.keep