.github/workflows/daily-product-scan.yml from department-of-veterans-affairs/vets-website

.github/workflows/daily-product-scan.yml
Summary

Maintainability

Test Coverage

Issues
on:
  schedule:
    - cron: '0 12 * * 1-5'
  
name: Daily Product Scan

jobs:
  daily-dependency-scan:
    name: Daily Product Scan
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017

      - name: Install dependencies
        uses: ./.github/workflows/install
        timeout-minutes: 30
        with:
          key: ${{ hashFiles('yarn.lock') }}
          yarn_cache_folder: .cache/yarn
          path: |
            .cache/yarn
            node_modules

      - name: Configure AWS Credentials
        uses: ./.github/workflows/configure-aws-credentials
        with:
          aws_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws_region: us-gov-west-1

      - name: Get va-vsp-bot token
        uses: ./.github/workflows/inject-secrets
        with:
          ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN
          env_variable_name: VA_VSP_BOT_GITHUB_TOKEN

      - name: Checkout product directory repo
        uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
        with:
          repository: department-of-veterans-affairs/product-directory
          token: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }}
          path: product-directory

      - name: Set GitHub Product Directory Id
        uses: ./.github/workflows/inject-secrets
        with:
          ssm_parameter: /dsva-vagov/testing-team/product-directory/PRODUCT_DIRECTORY_APP_ID
          env_variable_name: PRODUCT_DIRECTORY_APP_ID

      - name: Set GitHub Product Directory Private Key
        uses: ./.github/workflows/inject-secrets
        with:
          ssm_parameter: /dsva-vagov/testing-team/product-directory/PRODUCT_DIRECTORY_PRIVATE_KEY
          env_variable_name: PRODUCT_DIRECTORY_PRIVATE_KEY

      - name: Install modules
        run: yarn

      - name: Run Product Scan & Update Product Directory
        run: yarn daily-product-scan
        env:
          MANIFEST_GLOB_PATH: src/applications/**/*manifest.json

      - name: Add and Commit change(s)
        uses: EndBug/add-and-commit@v9
        with:
          author_name: va-vsp-bot
          author_email: devops@va.gov
          cwd: product-directory
          add: 'product-directory.json'
          message: 'Update Product Directory'

      - name: Notify Slack that a PR in the Product Directory repo has been submitted
        if: ${{ success() && env.CHANGE_DETECTED == 'true' }}
        uses: ./.github/workflows/slack-notify
        env:
          SSL_CERT_DIR: /etc/ssl/certs
        with:
          payload: '{"attachments": [{"color": "#03D3FC","blocks": [{"type": "section","text": {"type": "mrkdwn","text": "<!here> AUTOMATIC UPDATE! The product-directory.json file has been updated. The updates have been merged to the main product directory."}}]}]}'
          channel_id: C026PD47Z19
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}