Ubuntu 24.04: Implement rule 5.3.3.3.1 Ensure password history remember is configured #12076
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Gating | |
on: | |
pull_request_target: | |
branches: [ master, 'stabilization*' ] | |
jobs: | |
content-test-filtering: | |
name: Content Test Filtering on Ubuntu Latest | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install Deps | |
run: sudo apt-get update && sudo apt-get install git python3-jinja2 python3-yaml python3-setuptools python3-deepdiff python3-git python3-github python3-requests xmldiff python3-setuptools | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
# https://github.com/actions/checkout/issues/766 | |
- name: Set git safe directory | |
run: git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
- name: Find forking point | |
env: | |
BASE_BRANCH: ${{ github.base_ref }} | |
run: echo "FORK_POINT=$(git merge-base origin/$BASE_BRANCH ${{ github.event.pull_request.head.sha }})" >> $GITHUB_OUTPUT | |
id: fork_point | |
- name: Checkout fork point | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
ref: ${{ steps.fork_point.outputs.FORK_POINT }} | |
fetch-depth: 0 | |
- name: Checkout (CTF) | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
repository: ComplianceAsCode/content-test-filtering | |
path: ctf | |
- name: Detect content changes in the PR | |
run: python3 ./ctf/content_test_filtering.py pr --base ${{ steps.fork_point.outputs.FORK_POINT }} --remote_repo ${{ github.server_url }}/${{ github.repository }} --verbose --rule --output json ${{ github.event.pull_request.number }} > output.json | |
- name: Test if there are no content changes | |
run: echo "CTF_OUTPUT_SIZE=$(stat --printf="%s" output.json)" >> $GITHUB_OUTPUT | |
id: ctf | |
- name: Print changes to content detected if any | |
if: ${{ steps.ctf.outputs.CTF_OUTPUT_SIZE != '0' }} | |
run: cat output.json | |
- name: Get product attribute | |
if: ${{ steps.ctf.outputs.CTF_OUTPUT_SIZE != '0' }} | |
id: product | |
uses: notiz-dev/github-action-json-property@a5a9c668b16513c737c3e1f8956772c99c73f6e8 # v0.2.0 | |
with: | |
path: 'output.json' | |
prop_path: 'product' | |
- name: Find Comment | |
uses: peter-evans/find-comment@3eae4d37986fb5a8592848f6a574fdf654e61f9e # v3 | |
id: fc | |
with: | |
issue-number: ${{ github.event.pull_request.number }} | |
comment-author: 'github-actions[bot]' | |
body-includes: Start a new ephemeral environment with changes proposed in this pull request | |
- name: Create or update comment | |
if: ${{ steps.ctf.outputs.CTF_OUTPUT_SIZE != '0' }} | |
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4 | |
with: | |
comment-id: ${{ steps.fc.outputs.comment-id }} | |
issue-number: ${{ github.event.pull_request.number }} | |
body: | | |
Start a new ephemeral environment with changes proposed in this pull request: | |
${{steps.product.outputs.prop}} (from CTF) Environment (using Fedora as testing environment) | |
[![Open in Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#PRODUCT=${{steps.product.outputs.prop}},CONTAINER=fedora/${{ github.server_url }}/${{ github.repository }}/pull/${{ github.event.pull_request.number }}) | |
Fedora Testing Environment | |
[![Open in Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#${{ github.server_url }}/${{ github.repository }}/pull/${{ github.event.pull_request.number }}) | |
Oracle Linux 8 Environment | |
[![Open in Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#PRODUCT=ol8/${{ github.server_url }}/${{ github.repository }}/pull/${{ github.event.pull_request.number }}) | |
edit-mode: replace | |
- name: Create or update a trimmed comment | |
if: ${{ steps.ctf.outputs.CTF_OUTPUT_SIZE == '0' }} | |
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4 | |
with: | |
comment-id: ${{ steps.fc.outputs.comment-id }} | |
issue-number: ${{ github.event.pull_request.number }} | |
body: | | |
Start a new ephemeral environment with changes proposed in this pull request: | |
Fedora Environment | |
[![Open in Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#${{ github.server_url }}/${{ github.repository }}/pull/${{ github.event.pull_request.number }}) | |
Oracle Linux 8 Environment | |
[![Open in Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#PRODUCT=ol8/${{ github.server_url }}/${{ github.repository }}/pull/${{ github.event.pull_request.number }}) | |
edit-mode: replace |