Add serial_number_source
option to PKI role
#7053
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Open Source Community Workflows | |
name: Project triage | |
on: | |
pull_request: | |
types: [opened, reopened] | |
# Runs on PRs to main | |
branches: | |
- main | |
issues: | |
types: [opened, reopened] | |
jobs: | |
add-to-projects: | |
# exclude internal PRs | |
if: github.event.pull_request.head.repo.owner.login != 'hashicorp' && ((github.event.action == 'reopened') || (github.event.action == 'opened')) | |
name: Add issue or PR to projects | |
runs-on: ubuntu-latest | |
steps: | |
- if: github.event.pull_request != null | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- if: github.event.pull_request != null | |
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
id: changes | |
with: | |
# derived from CODEOWNERS | |
filters: | | |
cryptosec: | |
- 'builtin/logical/pki/**' | |
- 'builtin/logical/ssh/**' | |
- 'builtin/logical/totp/**' | |
- 'builtin/logical/transit/**' | |
ecosystem: | |
- 'builtin/credential/aws/**' | |
- 'builtin/credential/github/**' | |
- 'builtin/credential/ldap/**' | |
- 'builtin/credential/okta/**' | |
- 'builtin/logical/aws/**' | |
- 'builtin/logical/cassandra/**' | |
- 'builtin/logical/consul/**' | |
- 'builtin/logical/database/**' | |
- 'builtin/logical/mongodb/**' | |
- 'builtin/logical/mssql/**' | |
- 'builtin/logical/mysql/**' | |
- 'builtin/logical/nomad/**' | |
- 'builtin/logical/postgresql/**' | |
- 'builtin/logical/rabbitmq/**' | |
- 'command/agent/**' | |
- 'plugins/**' | |
- 'vault/plugin_catalog.go' | |
- 'ui/app/components/auth-jwt.js' | |
- 'ui/app/routes/vault/cluster/oidc-*.js' | |
devex: | |
- 'api/**' | |
- 'command/**' | |
ui: | |
- 'ui/**' | |
- name: "Default to core board" | |
run: echo "PROJECT=170" >> "$GITHUB_ENV" | |
- if: github.event.pull_request != null && steps.changes.outputs.cryptosec == 'true' | |
run: echo "PROJECT=172" >> "$GITHUB_ENV" | |
- if: github.event.pull_request != null && steps.changes.outputs.ecosystem == 'true' | |
run: echo "PROJECT=169" >> "$GITHUB_ENV" | |
- if: github.event.pull_request != null && steps.changes.outputs.devex == 'true' | |
run: echo "PROJECT=176" >> "$GITHUB_ENV" | |
- if: github.event.pull_request != null && steps.changes.outputs.ui == 'true' | |
run: echo "PROJECT=171" >> "$GITHUB_ENV" | |
- uses: actions/add-to-project@244f685bbc3b7adfa8466e08b698b5577571133e # v1.0.2 | |
with: | |
project-url: https://github.com/orgs/hashicorp/projects/${{ env.PROJECT }} | |
github-token: ${{ secrets.TRIAGE_GITHUB_TOKEN }} | |
# example of something more complicated: deleting an issue or PR automatically (though this is done in the project workflows already) | |
# we have to use the GraphQL API for anything involving projects. | |
# | |
# get-project: | |
# name: Get project data | |
# runs-on: ubuntu-latest | |
# if: github.event.action == 'closed' || github.event.action == 'deleted' | |
# outputs: | |
# project_id: ${{ steps.get-project.outputs.project_id }} | |
# steps: | |
# - id: get-project | |
# name: Get project data | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.TRIAGE_GITHUB_TOKEN }} | |
# ORGANIZATION: hashicorp | |
# PROJECT_NUMBER: 169 | |
# run: | | |
# gh api graphql -f query=' | |
# query($org: String!, $number: Int!) { | |
# organization(login: $org){ | |
# projectV2(number: $number) { | |
# id | |
# } | |
# } | |
# }' -f org=$ORGANIZATION -F number=$PROJECT_NUMBER > project_data.json | |
# echo "::set-output name=project_id::$(jq '.data.organization.projectV2.id' project_data.json)" | |
# delete-from-project: | |
# name: Remove issue or PR from project | |
# needs: [get-project] | |
# if: github.event.action == 'closed' || github.event.action == 'deleted' | |
# runs-on: ubuntu-latest | |
# steps: | |
# - name: Remove issue or PR | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.TRIAGE_GITHUB_TOKEN }} | |
# run: | | |
# PROJECT_ID=${{ needs.get-project.outputs.project_id }} | |
# item_id=${{ github.event.issue.node_id }} | |
# if [ -z "$item_id" ]; then | |
# item_id=${{ github.event.pull_request.node_id }} | |
# fi | |
# gh api graphql -f query=' | |
# mutation($project_id: ID!, $item_id: ID!) { | |
# deleteProjectV2Item( | |
# input: { | |
# projectId: $project_id | |
# itemId: $item_id | |
# } | |
# ) { | |
# deletedItemId | |
# } | |
# }' -f project_id=$PROJECT_ID -f item_id=$item_id || true |