site-scanning-engine/.github/workflows/enqueue-scans.yml at main · GSA/site-scanning-engine · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
---
name: Enqueue scans

# yamllint disable-line rule:truthy
on:
  schedule:
    - cron: '0 0 * * 1,3,5'

  workflow_dispatch:
    inputs:
      cf_space:
        description: deployed cloud.gov space
        required: true
        default: prod

jobs:
  enqueue:
    runs-on: ubuntu-latest

    steps:
      - name: run enqueue-scans cli job in chosen space
        uses: cloud-gov/cg-cli-tools@main
        with:
          cf_api: https://api.fr.cloud.gov
          cf_username: ${{ secrets.CF_USERNAME }}
          cf_password: ${{ secrets.CF_PASSWORD }}
          cf_org: gsatts-sitescan
          cf_space: ${{ github.event.inputs.cf_space || 'prod' }}
          cf_command: run-task site-scanner-consumer
            -c "node dist/apps/cli/main.js enqueue-scans"
            -k 2G -m 2G
            --name github-action-enqueue-scans-${{ github.run_id }}

      - name: Create issue on failure
        if: failure()
        uses: actions/github-script@v7
        with:
          github-token: ${{ secrets.SITE_SCANNING_ISSUE_REPO_TOKEN }}
          script: |
            await github.rest.issues.create({
              owner: 'gsatts-sitescan',
              repo: 'site-scanning',
              title: `Workflow failed: ${context.workflow}`,
              body: `Workflow **${context.workflow}** failed in [${context.repo.owner}/${context.repo.repo}](${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}).\n\nRef: \`${context.ref}\`\nSHA: \`${context.sha}\``
            });