.github/workflows/daily-product-scan.yml
on:
schedule:
- cron: '0 12 * * 1-5'
name: Daily Product Scan
jobs:
daily-dependency-scan:
name: Daily Product Scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Install dependencies
uses: ./.github/workflows/install
timeout-minutes: 30
with:
key: ${{ hashFiles('yarn.lock') }}
yarn_cache_folder: .cache/yarn
path: |
.cache/yarn
node_modules
- name: Configure AWS Credentials
uses: ./.github/workflows/configure-aws-credentials
with:
aws_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: us-gov-west-1
- name: Get va-vsp-bot token
uses: ./.github/workflows/inject-secrets
with:
ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN
env_variable_name: VA_VSP_BOT_GITHUB_TOKEN
- name: Checkout product directory repo
uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
with:
repository: department-of-veterans-affairs/product-directory
token: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }}
path: product-directory
- name: Set GitHub Product Directory Id
uses: ./.github/workflows/inject-secrets
with:
ssm_parameter: /dsva-vagov/testing-team/product-directory/PRODUCT_DIRECTORY_APP_ID
env_variable_name: PRODUCT_DIRECTORY_APP_ID
- name: Set GitHub Product Directory Private Key
uses: ./.github/workflows/inject-secrets
with:
ssm_parameter: /dsva-vagov/testing-team/product-directory/PRODUCT_DIRECTORY_PRIVATE_KEY
env_variable_name: PRODUCT_DIRECTORY_PRIVATE_KEY
- name: Install modules
run: yarn
- name: Run Product Scan & Update Product Directory
run: yarn daily-product-scan
env:
MANIFEST_GLOB_PATH: src/applications/**/*manifest.json
- name: Add and Commit change(s)
uses: EndBug/add-and-commit@v9
with:
author_name: va-vsp-bot
author_email: devops@va.gov
cwd: product-directory
add: 'product-directory.json'
message: 'Update Product Directory'
- name: Notify Slack that a PR in the Product Directory repo has been submitted
if: ${{ success() && env.CHANGE_DETECTED == 'true' }}
uses: ./.github/workflows/slack-notify
env:
SSL_CERT_DIR: /etc/ssl/certs
with:
payload: '{"attachments": [{"color": "#03D3FC","blocks": [{"type": "section","text": {"type": "mrkdwn","text": "<!here> AUTOMATIC UPDATE! The product-directory.json file has been updated. The updates have been merged to the main product directory."}}]}]}'
channel_id: C026PD47Z19
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}