testing changes

Author: oarbusi

.github/workflows/publish.yaml

@@ -22,89 +22,14 @@ on:
         required: true
 
 jobs:
-  publish:
-    env: # env vars defined here can be referenced in env vars inside the steps
-      MONGODB_ATLAS_BASE_URL: ${{ github.event.inputs.resourceName=='resource-policy' && 'https://cloud-qa.mongodb.com/' || 'https://cloud.mongodb.com/' }}
-      MONGODB_ATLAS_OUTPUT: 'json'
-      # some resources need specific Atlas credentials and orgs
-      MONGODB_ATLAS_ORG_ID: ${{ github.event.inputs.resourceName=='organization' && secrets.ATLAS_ORG_ID || github.event.inputs.resourceName=='resource-policy' && vars.MONGODB_ATLAS_RP_ORG_ID_QA || github.event.inputs.resourceName=='federated-settings-org-role-mapping' && secrets.ATLAS_ORG_ID_FOR_FEDERATION || secrets.ATLAS_ORG_ID_PUBLISHING }}
-      MONGODB_ATLAS_PUBLIC_KEY: ${{ github.event.inputs.resourceName=='organization' && secrets.ATLAS_PUBLIC_KEY || github.event.inputs.resourceName=='resource-policy' && secrets.MONGODB_ATLAS_RP_PUBLIC_KEY_QA || github.event.inputs.resourceName=='federated-settings-org-role-mapping' && secrets.ATLAS_PUBLIC_KEY_FOR_FEDERATION || secrets.ATLAS_PUBLIC_KEY_PUBLISHING }}
-      MONGODB_ATLAS_PRIVATE_KEY: ${{ github.event.inputs.resourceName=='organization' && secrets.ATLAS_PRIVATE_KEY || github.event.inputs.resourceName=='resource-policy' && secrets.MONGODB_ATLAS_RP_PRIVATE_KEY_QA || github.event.inputs.resourceName=='federated-settings-org-role-mapping' && secrets.ATLAS_PRIVATE_KEY_FOR_FEDERATION || secrets.ATLAS_PRIVATE_KEY_PUBLISHING }}
-      MONGODB_ATLAS_PROFILE: ${{ github.event.inputs.resourceName=='organization' && 'cfn-publish-organization-profile' || github.event.inputs.resourceName=='resource-policy' && 'qa-resource-policy-cloud-profile' || 'default' }}
-    strategy:
-      fail-fast: false
-      max-parallel: ${{ fromJSON(github.event.inputs.maxParallelRegions) }}
-      matrix:
-        region: ${{ fromJSON(github.event.inputs.regions) }}
-    name: publish-${{ matrix.region }}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5
-        with:
-          go-version-file: 'cfn-resources/go.mod'
-      - name: setup Atlas CLI
-        uses: mongodb/atlas-github-action@15663d068c40a8582d881560961fce9d45e0df9a
-      - uses: aws-actions/setup-sam@819220f63fb333a9a394dd0a5cab2d8303fd17e2
-        with:
-          use-installer: true
-      - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_PUBLISHING }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PUBLISHING }}
-          aws-region: ${{ matrix.region }}
-      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
-        with:
-          python-version: '3.9'
-          cache: 'pip' # caching pip dependencies
-      - name: Install AWS CLI & tools
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y python3-pip
-          pip install awscli cloudformation-cli cloudformation-cli-go-plugin
-      - name: Run publishing script
-        run: 'cd cfn-resources && ./cfn-publish.sh "${{ github.event.inputs.resourceName }}"'
-        env:
-          RESOURCE_VERSION_PUBLISHING: ${{ github.event.inputs.resourceVersionPublishing }}
-          MCLI_OPS_MANAGER_URL: ${{ env.MONGODB_ATLAS_BASE_URL }}
-          MCLI_OUTPUT: ${{ env.MONGODB_ATLAS_OUTPUT }}
-          MCLI_ORG_ID: ${{ env.MONGODB_ATLAS_ORG_ID }}
-          MCLI_PUBLIC_API_KEY: ${{ env.MONGODB_ATLAS_PUBLIC_KEY }}
-          MCLI_PRIVATE_API_KEY: ${{ env.MONGODB_ATLAS_PRIVATE_KEY }}
-          AWS_DEFAULT_REGION: ${{ matrix.region }}
-          AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID_PUBLISHING}}
-          MONGODB_ATLAS_ORG_OWNER_ID: ${{ github.event.inputs.resourceName=='organization' && secrets.ATLAS_ORG_OWNER_ID || secrets.ATLAS_ORG_OWNER_ID_PUBLISHING }}
-          ATLAS_FEDERATED_SETTINGS_ID: ${{ secrets.ATLAS_FEDERATED_SETTINGS_ID_PUBLISHING }}
-          MONGODB_ATLAS_PROFILE: ${{ env.MONGODB_ATLAS_PROFILE }}
-
-          # LDAP config
-          LDAP_HOST_NAME: ${{ secrets.LDAP_HOST_NAME_PUBLISHING }}
-          LDAP_BIND_USER_NAME: ${{ secrets.LDAP_BIND_USER_NAME_PUBLISHING }}
-          LDAP_BIND_PASSWORD: ${{ secrets.LDAP_BIND_PASSWORD_PUBLISHING }}
-
-          # Third-party integration config
-          WEBHOOK_CREATE_URL: ${{ secrets.WEBHOOK_CREATE_URL_PUBLISHING }}
-          WEBHOOK_UPDATE_URL: ${{ secrets.WEBHOOK_UPDATE_URL_PUBLISHING }}
-          WEBHOOK_UPDATE_SECRET: ${{ secrets.WEBHOOK_UPDATE_SECRET_PUBLISHING }}
-          PROMETHEUS_USER_NAME: ${{ secrets.PROMETHEUS_USER_NAME_PUBLISHING }}
-          PROMETHEUS_PASSWORD_NAME: ${{ secrets.PROMETHEUS_PASSWORD_NAME_PUBLISHING }}
-          PAGER_DUTY_CREATE_SERVICE_KEY: ${{ secrets.PAGER_DUTY_CREATE_SERVICE_KEY_PUBLISHING }}
-          PAGER_DUTY_UPDATE_SERVICE_KEY: ${{ secrets.PAGER_DUTY_UPDATE_SERVICE_KEY_PUBLISHING }}
-          DATA_DOG_CREATE_API_KEY: ${{ secrets.DATA_DOG_CREATE_API_KEY_PUBLISHING }}
-          DATA_DOG_UPDATE_API_KEY: ${{ secrets.DATA_DOG_UPDATE_API_KEY_PUBLISHING }}
-          OPS_GENIE_API_KEY: ${{ secrets.OPS_GENIE_API_KEY_PUBLISHING }}
-          MICROSOFT_TEAMS_WEBHOOK_CREATE_URL: ${{ secrets.MICROSOFT_TEAMS_WEBHOOK_CREATE_URL_PUBLISHING }}
-          MICROSOFT_TEAMS_WEBHOOK_UPDATE_URL: ${{ secrets.MICROSOFT_TEAMS_WEBHOOK_UPDATE_URL_PUBLISHING }}
-      
   compliance:
-    needs: publish
     runs-on: ubuntu-latest
     steps:
       - name: terraform-provider-mongodbatlas-checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
         with:
           repository: mongodb/terraform-provider-mongodbatlas
-          ref: make-run-script-gha-reusable
+          ref: make-run-script-gha-reusable # TODO: change master
       - name: Generate SSDLC report
         uses: ./.github/templates/run-script-and-commit
         with:
@@ -114,7 +39,6 @@ jobs:
           remote: https://svc-apix-bot:${{ secrets.APIX_BOT_PAT }}@github.com/${{ github.repository }}
           gpg_private_key: ${{ secrets.APIX_BOT_GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.APIX_BOT_PASSPHRASE }}
-
           file_to_commit: 'cfn-resources/${{ github.event.inputs.resourceName }}/compliance/v*/*'
           commit_message:
             "chore: Update SSDLC report for ${{ github.event.inputs.resourceVersionPublishing }}"

Makefile

@@ -68,4 +68,3 @@ gen-sbom-and-ssdlc-report:
 	./scripts/gen-purl.sh $(RESOURCE)
 	./scripts/generate-sbom.sh $(RESOURCE) $(VERSION)
 	./scripts/gen-ssdlc-report.sh $(RESOURCE) $(VERSION)
-	./scripts/upload-sbom.sh $(RESOURCE) $(VERSION)