[REQ] Better support for mono repos (allow to change PR check name, comment linked to app) #226
Description
Is your request related to a workflow problem?
My company is migrating few repositories from Azure Devops to Github Actions and we are now using the ast-github-action.
We have multiple monorepositories that will run N number of workflows (and checkmarx scans using source_dir input) to different source directories based on file changes.
If I change files in different projects, multiple checkmarx scans will be triggered. The problem is: the PR check created after the scan have a hardcoded name Checkmarx, conflicting between each workflow run in the same PR. The check will be linked only to the last scan run, overriding other application scans.
Also, the comment in the PR is always edited with the new information.
It should be possible to make multiple comments by application and only edit the correct one.
Propose a solution
- Allow custom naming for the PR check created by the ast-cli by adding a
github-pr-check-nameinput. - Add the application name in the body of the PR comment to distinguish between applications in a monorepository.
- Make sure the edited comment edits the correct comment.
- Github API allows searching comments by body, so it would be easy to search a specific pattern (using body-regex or body-includes) like "Application Name: <app_name>"
Additional comments
The check in the PR (linked to the last scan)
The comment in the PR (I didn't re-run the actions, it was edited because checkmarx was run for 2 different workflows/applications in the same PR)
