Merge pull request #5 from OpenPathfinder/feat/add-policies

Author: UlisesGascon

.github/workflows/sync_checks.yml .github/workflows/sync_data.yml.github/workflows/sync_checks.yml renamed to .github/workflows/sync_data.yml

@@ -1,4 +1,4 @@
-name: Sync and update Compliance Checks
+name: Sync checks and policies
 
 on:
   # Manually trigger the workflow
@@ -67,10 +67,22 @@ jobs:
           git add -A
           git diff --cached --quiet || git commit -m "chore: sync with visionBoard Checks"
 
+      - name: Clone fortSphere and import policies
+        run: |
+          git clone https://github.com/OpenPathfinder/fortSphere.git temp-fortSphere
+          cd temp-fortSphere
+          npm install
+          mkdir -p output
+          npm run export-policies
+          cp output/policies.json ../data/policies.json
+          cd ..
+          rm -rf temp-fortSphere
+
       - name: Install Dependencies and update dynamic content
         run: |
           npm install
           npm run populate-checks
+          npm run populate-policies
 
       - name: Debug Git Changes
         run: |

data/policies.json

@@ -0,0 +1,8 @@
+[
+  {
+    "name": "restrictRepoCreationGitHub",
+    "title": "Restrict Repository Creation",
+    "description": "This policy is designed to prevent members of a GitHub organization from creating new repositories. This includes public and private repositories.",
+    "technicalDetails": "This policy will set the following values for the organization(`members_allowed_repository_creation_type=none`, `members_can_create_public_repositories=false`, `members_can_create_private_repositories=false`) at the organization level."
+  }
+]

docs/policies/_category_.json

@@ -0,0 +1,4 @@
+{
+    "label": "Policies",
+    "position": 4
+  }

docs/policies/restrictRepoCreationGitHub.mdx

@@ -0,0 +1,16 @@
+---
+sidebar_position: 1
+id: restrictRepoCreationGitHub
+title: Restrict Repository Creation
+slug: /policies/restrictRepoCreationGitHub
+---
+
+<!-- DESCRIPTION:START -->
+## Description
+This policy is designed to prevent members of a GitHub organization from creating new repositories. This includes public and private repositories.
+<!-- DESCRIPTION:END -->
+
+<!-- TECHNICAL-DETAILS:START -->
+## Technical Details
+This policy will set the following values for the organization(`members_allowed_repository_creation_type=none`, `members_can_create_public_repositories=false`, `members_can_create_private_repositories=false`) at the organization level.
+<!-- TECHNICAL-DETAILS:END -->

package.json

@@ -12,7 +12,8 @@
     "serve": "docusaurus serve",
     "write-translations": "docusaurus write-translations",
     "write-heading-ids": "docusaurus write-heading-ids",
-    "populate-checks": "node scripts/populate-checks.js"
+    "populate-checks": "node scripts/populate-checks.js",
+    "populate-policies": "node scripts/populate-policies.js"
   },
   "dependencies": {
     "@docusaurus/core": "3.6.3",

scripts/populate-policies.js

@@ -0,0 +1,63 @@
+const { writeFileSync, existsSync, readFileSync } = require('fs')
+const { updateOrCreateSegment } = require('@ulisesgascon/text-tags-manager')
+const path = require('path')
+
+const policies = require('../data/policies.json')
+const descriptionStartTag = '<!-- DESCRIPTION:START -->'
+const descriptionEndTag = '<!-- DESCRIPTION:END -->'
+const technicalDetailsStartTag = '<!-- TECHNICAL-DETAILS:START -->'
+const technicalDetailsEndTag = '<!-- TECHNICAL-DETAILS:END -->'
+
+// @TODO: Move this function to a shared file
+const replaceMetadata = (fileContent, metadata) => {
+  return fileContent.replace(/---[^]*?---/, metadata)
+}
+
+// Prepare the markdown files
+policies.forEach((policy, index) => {
+  const metadata = `---
+sidebar_position: ${index + 1}
+id: ${policy.name}
+title: ${policy.title}
+slug: /policies/${policy.name}
+---`.trim()
+  const descriptionContent = `## Description
+${policy.description}`.trim()
+  const technicalDetailsContent = `## Technical Details
+${policy.technicalDetails}`.trim()
+
+  let fileContent = `${metadata}
+
+${descriptionStartTag}
+${descriptionContent}
+${descriptionEndTag}
+
+${technicalDetailsStartTag}
+${technicalDetailsContent}
+${technicalDetailsEndTag}
+`
+  const updateContent = (currentContent) => {
+    fileContent = currentContent
+    replaceMetadata(fileContent, metadata)
+    fileContent = updateOrCreateSegment({
+      original: fileContent,
+      replacementSegment: descriptionContent,
+      startTag: descriptionStartTag,
+      endTag: descriptionEndTag
+    })
+    fileContent = updateOrCreateSegment({
+      original: fileContent,
+      replacementSegment: technicalDetailsContent,
+      startTag: technicalDetailsStartTag,
+      endTag: technicalDetailsEndTag
+    })
+  }
+
+  const destination = path.join(process.cwd(), `docs/policies/${policy.name}.mdx`)
+  const fileExists = existsSync(destination)
+  if (fileExists) {
+    const currentFileContent = readFileSync(destination, 'utf8')
+    updateContent(currentFileContent)
+  }
+  writeFileSync(destination, fileContent)
+})