terraform-repo-governance.yml
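---
# Scheduled governance sweep. Job `getrepos` lists the repositories returned
# by the search `terraform-azurerm-avm user:azure`; job `governance` runs one
# matrix leg per repository and files an issue in this repository when the
# licence rule (SNFR10) is not met.
name: Terraform repo governance

on:
  schedule:
    # Sundays at 00:43 (GitHub evaluates cron schedules in UTC).
    - cron: '43 0 * * 0'
  workflow_dispatch:

# Least privilege: GITHUB_TOKEN gets no scopes by default; a job that needs
# one requests it explicitly.
permissions: {}

jobs:
  getrepos:
    runs-on: ubuntu-latest
    # Only reads search results, so it runs with the empty default above.
    outputs:
      repoarray: ${{ steps.graphql.outputs.repoarray }}
    steps:
      - name: query GitHub graphql API
        id: graphql
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Abort if gh fails instead of publishing an empty repo list.
          set -o pipefail
          # `gh api graphql --paginate` only follows pages when the query
          # accepts $endCursor and selects pageInfo { hasNextPage endCursor };
          # without them only the first 100 results are returned.
          RESULT=$(gh api graphql --paginate -f query='query($endCursor: String) {
            search(query: "terraform-azurerm-avm user:azure", type: REPOSITORY, first: 100, after: $endCursor) {
              repositoryCount
              pageInfo {
                hasNextPage
                endCursor
              }
              edges {
                node {
                  ... on Repository {
                    name
                  }
                }
              }
            }
          }')
          # gh prints one JSON document per page; `jq -s` slurps them into an
          # array. RESULT is quoted so the shell never word-splits or globs it.
          NUMREPOS=$(jq -s '.[0].data.search.repositoryCount' <<<"$RESULT")
          echo "Number of repos found: $NUMREPOS"
          REPOARRAY=$(jq -s -c '[.[].data.search.edges[].node.name]' <<<"$RESULT")
          echo repoarray="$REPOARRAY"
          # NOTE(review): a job matrix is capped at 256 legs per run; if the
          # search ever returns more, the governance job needs batching.
          echo repoarray="$REPOARRAY" >> "$GITHUB_OUTPUT"

  governance:
    runs-on: ubuntu-latest
    needs: getrepos
    # The only job that writes: it opens issues in this repository.
    permissions:
      issues: write
    strategy:
      max-parallel: 5
      matrix:
        repo: ${{ fromJson(needs.getrepos.outputs.repoarray) }}
    steps:
      - name: License check (SNFR10)
        id: snfr10
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Pass the matrix value as data. Expanding an expression inside
          # `run:` pastes it into the script text before the shell parses it.
          REPO: ${{ matrix.repo }}
        run: |
          # A failed API call must stop the step, not be read as "no licence".
          set -o pipefail
          # The repo name travels as a GraphQL variable, not as query text.
          # jq runs without -e on purpose: -e exits 1 on `false`, and the
          # default `bash -e` step shell would then abort before the else
          # branch below could file the issue.
          ISMITLICENSE=$(gh api graphql -f query='query($owner: String!, $name: String!) {
            repository(owner: $owner, name: $name) {
              licenseInfo {
                name
              }
            }
          }' -f owner=azure -f name="$REPO" | jq '.data.repository.licenseInfo.name == "MIT License"')
          if [ "$ISMITLICENSE" = "true" ]; then
            echo "MIT License found"
          else
            echo "MIT License not found"
            # No checkout step runs here, so gh has no git remote to infer the
            # target from; name the repository explicitly.
            # NOTE(review): every run opens a new issue for the same finding;
            # consider checking for an existing open issue first.
            gh issue create --repo "$GITHUB_REPOSITORY" --title "MIT License not found: $REPO" --body "The repository $REPO does not have a MIT License"
          fi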