dont use composite action from tf repo (this repo does not have go)

oarbusi · oarbusi · commit 0eae080f1618 · 2025-06-16T17:11:48.000+02:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -330,25 +330,37 @@ jobs:
           repository: mongodb/terraform-provider-mongodbatlas
           ref: master
       - name: Generate SSDLC report
-        uses: mongodb/terraform-provider-mongodbatlas/.github/templates/run-script-and-commit@master
-        with:
-          script_call: |
-            AUTHOR="${{ github.actor }}"
-            export AUTHOR
-            export VERSION=${{ steps.extract-version.outputs.VERSION }}
-            ./scripts/compliance/gen-ssdlc-report.sh
-          apix_bot_pat: ${{ secrets.APIX_BOT_PAT }}
-          remote: https://svc-apix-bot:${{ secrets.APIX_BOT_PAT }}@github.com/${{ github.repository }}
-          gpg_private_key: ${{ secrets.APIX_BOT_GPG_PRIVATE_KEY }}
-          passphrase: ${{ secrets.APIX_BOT_PASSPHRASE }}
-          file_to_commit: 'compliance/v*/*'
-          commit_message:
-            "chore: Update SSDLC report for ${{ steps.extract-version.outputs.VERSION }}"
+        run: |
+          AUTHOR="${{ github.actor }}"
+          export AUTHOR
+          export VERSION=${{ steps.extract-version.outputs.VERSION }}
+          ./scripts/compliance/gen-ssdlc-report.sh
         env:
           KONDUKTO_TOKEN: ${{ secrets.KONDUKTO_TOKEN }}
           SILKBOMB_IMG: ${{ vars.SILKBOMB_IMG }}
           KONDUKTO_REPO: ${{ vars.KONDUKTO_REPO }}
           KONDUKTO_BRANCH_PREFIX: ${{ vars.KONDUKTO_BRANCH_PREFIX }}
+      - name: Import GPG key
+        uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec
+        with:
+          gpg_private_key: ${{ secrets.APIX_BOT_GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.APIX_BOT_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+      - name: Commit changes
+        shell: bash
+        run: |
+          if [[ $(git status --porcelain) ]]; then
+            git pull
+            git config --local user.email svc-api-experience-integrations-escalation@mongodb.com
+            git config --local user.name svc-apix-bot
+            git remote set-url origin https://svc-apix-bot:${{ secrets.APIX_BOT_PAT }}@github.com/${{ github.repository }}
+            git add compliance/v*/*
+            git commit -m "chore: Update SSDLC report for ${{ steps.extract-version.outputs.VERSION }}"
+            git push origin
+          else
+            echo "No changes to commit."
+          fi
       - name: Upload SBOM as release artifact
         uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631
         with:
