|
1 | 1 | name: Check md files vs API |
2 | 2 |
|
3 | | -env: |
4 | | - BASE_URL: ${{ secrets.BASE_URL }} |
5 | | - NETWORK_ID: ${{ secrets.NETWORK_ID }} |
6 | | - API_KEY: ${{ secrets.MERAKI_API_KEY }} |
7 | | - |
8 | 3 | on: |
9 | 4 | schedule: |
10 | | - - cron: "20 6 * * *" # every day at 06:20 UTC |
| 5 | + - cron: "20 6 * * *" |
11 | 6 | workflow_dispatch: |
12 | 7 | inputs: |
13 | 8 | branch: |
14 | 9 | description: "Branch to check files in" |
15 | 10 | required: true |
16 | 11 | default: "gh-action-for-ids" |
17 | 12 |
|
| 13 | +env: |
| 14 | + BASE_URL: ${{ secrets.BASE_URL }} |
| 15 | + NETWORK_ID: ${{ secrets.NETWORK_ID }} |
| 16 | + API_KEY: ${{ secrets.MERAKI_API_KEY }} |
| 17 | + |
18 | 18 | jobs: |
19 | | - check: |
20 | | - name: Verify Content Filtering Categories and Application Categories IDs |
| 19 | + check_categories: |
21 | 20 | runs-on: ubuntu-latest |
22 | | - timeout-minutes: 15 |
23 | | - concurrency: md_check |
24 | | - |
25 | 21 | steps: |
26 | | - - name: Checkout |
27 | | - uses: actions/checkout@v4 |
28 | | - with: |
29 | | - ref: ${{ github.event.inputs.branch || 'main' }} |
| 22 | + - name: Checkout repo |
| 23 | + uses: actions/checkout@v3 |
30 | 24 |
|
31 | | - - name: Fetch API outputs |
32 | | - env: |
33 | | - BASE_URL: ${{ secrets.BASE_URL }} |
34 | | - NETWORK_ID: ${{ secrets.NETWORK_ID }} |
35 | | - API_KEY: ${{ secrets.MERAKI_API_KEY }} |
| 25 | + - name: Install jq |
| 26 | + run: sudo apt-get install -y jq |
| 27 | + |
| 28 | + - name: Check contentFiltering categories |
36 | 29 | run: | |
37 | | - curl -s -H "X-Cisco-Meraki-API-Key: $API_KEY" \ |
38 | | - "$BASE_URL/networks/$NETWORK_ID/appliance/firewall/l7FirewallRules/applicationCategories" \ |
39 | | - -o api_applicationCategories.json |
| 30 | + REF_FILE_CF="docs/ContentFilteringCategories.md" |
| 31 | + API_TMP_CF="tmp_api_CF.md" |
| 32 | + MISMATCH=0 |
40 | 33 |
|
| 34 | + echo "=== Fetching contentFiltering categories ===" |
41 | 35 | curl -s -H "X-Cisco-Meraki-API-Key: $API_KEY" \ |
42 | 36 | "$BASE_URL/networks/$NETWORK_ID/appliance/contentFiltering/categories" \ |
43 | | - -o api_contentFilteringCategories.json |
44 | | -
|
45 | | - - name: Compare JSON files with API |
46 | | - run: | |
47 | | - #!/usr/bin/env bash |
48 | | - set -e |
| 37 | + | jq -r '.[] | "id: \(.id)\nname: \(.name)\n"' > "$API_TMP_CF" |
49 | 38 |
|
50 | | - REF_FILE_CF="data/contentFilteringCategories.json" |
51 | | - API_FILE_CF="api_contentFilteringCategories.json" |
52 | | -
|
53 | | - REF_FILE_APP="data/applicationCategories.json" |
54 | | - API_FILE_APP="api_applicationCategories.json" |
55 | | -
|
56 | | - MISMATCH=0 |
57 | | -
|
58 | | - echo "=== Checking contentFiltering categories ===" |
59 | | - # Compare reference → API |
60 | | - for id in $(jq -r '.categories[].id' "$REF_FILE_CF"); do |
61 | | - REF_NAME=$(jq -r ".categories[] | select(.id==\"$id\") | .name" "$REF_FILE_CF") |
62 | | - API_NAME=$(jq -r ".categories[] | select(.id==\"$id\") | .name // empty" "$API_FILE_CF") |
63 | | - if [ "$REF_NAME" != "$API_NAME" ]; then |
64 | | - echo "Mismatch for category ID $id: ref='$REF_NAME', api='$API_NAME'" |
| 39 | + echo "=== Comparing contentFiltering categories ===" |
| 40 | + while IFS= read -r ref_line; do |
| 41 | + api_line=$(grep -F "$ref_line" "$API_TMP_CF" || true) |
| 42 | + if [ -z "$api_line" ]; then |
| 43 | + echo "❌ Mismatch or missing line in API: '$ref_line'" |
65 | 44 | MISMATCH=1 |
66 | 45 | fi |
67 | | - done |
| 46 | + done < "$REF_FILE_CF" |
68 | 47 |
|
69 | | - # Check API → reference (extra IDs in API) |
70 | | - for id in $(jq -r '.categories[].id' "$API_FILE_CF"); do |
71 | | - REF_NAME=$(jq -r ".categories[] | select(.id==\"$id\") | .name // empty" "$REF_FILE_CF") |
72 | | - if [ -z "$REF_NAME" ]; then |
73 | | - API_NAME=$(jq -r ".categories[] | select(.id==\"$id\") | .name" "$API_FILE_CF") |
74 | | - echo "Extra contentFiltering category in API not in reference: ID=$id, name='$API_NAME'" |
| 48 | + # Check for extra items in API not in reference |
| 49 | + while IFS= read -r api_line; do |
| 50 | + ref_line=$(grep -F "$api_line" "$REF_FILE_CF" || true) |
| 51 | + if [ -z "$ref_line" ]; then |
| 52 | + echo "⚠ Extra line in API not in reference: '$api_line'" |
75 | 53 | MISMATCH=1 |
76 | 54 | fi |
77 | | - done |
| 55 | + done < "$API_TMP_CF" |
78 | 56 |
|
79 | | - echo "=== Checking application categories ===" |
80 | | - # Compare reference → API |
81 | | - for cat_id in $(jq -r '.applicationCategories[].id' "$REF_FILE_APP"); do |
82 | | - REF_CAT_NAME=$(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .name" "$REF_FILE_APP") |
83 | | - API_CAT_NAME=$(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .name // empty" "$API_FILE_APP") |
84 | | - if [ "$REF_CAT_NAME" != "$API_CAT_NAME" ]; then |
85 | | - echo "Mismatch for application category ID $cat_id: ref='$REF_CAT_NAME', api='$API_CAT_NAME'" |
86 | | - MISMATCH=1 |
87 | | - fi |
| 57 | + if [ $MISMATCH -eq 1 ]; then |
| 58 | + echo "contentFiltering categories mismatch detected. Failing workflow." |
| 59 | + exit 1 |
| 60 | + else |
| 61 | + echo "✅ All contentFiltering categories match reference." |
88 | 62 |
|
89 | | - # Compare applications inside this category |
90 | | - for app_id in $(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .applications[].id" "$REF_FILE_APP"); do |
91 | | - REF_APP_NAME=$(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .applications[] | select(.id==\"$app_id\") | .name" "$REF_FILE_APP") |
92 | | - API_APP_NAME=$(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .applications[] | select(.id==\"$app_id\") | .name // empty" "$API_FILE_APP") |
93 | | - if [ "$REF_APP_NAME" != "$API_APP_NAME" ]; then |
94 | | - echo "Mismatch for application ID $app_id in category $cat_id: ref='$REF_APP_NAME', api='$API_APP_NAME'" |
95 | | - MISMATCH=1 |
96 | | - fi |
97 | | - done |
98 | | - done |
| 63 | + - name: Check application categories |
| 64 | + run: | |
| 65 | + REF_FILE_APP="docs/applicationCategories.md" |
| 66 | + API_TMP_APP="tmp_api_APP.md" |
| 67 | + MISMATCH=0 |
99 | 68 |
|
100 | | - # Check API → reference for extra application categories |
101 | | - for cat_id in $(jq -r '.applicationCategories[].id' "$API_FILE_APP"); do |
102 | | - REF_CAT_NAME=$(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .name // empty" "$REF_FILE_APP") |
103 | | - if [ -z "$REF_CAT_NAME" ]; then |
104 | | - API_CAT_NAME=$(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .name" "$API_FILE_APP") |
105 | | - echo "Extra application category in API not in reference: ID=$cat_id, name='$API_CAT_NAME'" |
| 69 | + echo "=== Fetching application categories ===" |
| 70 | + curl -s -H "X-Cisco-Meraki-API-Key: $API_KEY" \ |
| 71 | + "$BASE_URL/networks/$NETWORK_ID/appliance/firewall/l7FirewallRules/applicationCategories" \ |
| 72 | + | jq -r ' |
| 73 | + .applicationCategories[] as $cat | |
| 74 | + "id: \($cat.id)\nname: \($cat.name)\n" + |
| 75 | + ($cat.applications[]? | " id: \(.id)\n name: \(.name)\n") |
| 76 | + ' > "$API_TMP_APP" |
| 77 | +
|
| 78 | + echo "=== Comparing application categories ===" |
| 79 | + while IFS= read -r ref_line; do |
| 80 | + api_line=$(grep -F "$ref_line" "$API_TMP_APP" || true) |
| 81 | + if [ -z "$api_line" ]; then |
| 82 | + echo "❌ Mismatch or missing line in API: '$ref_line'" |
106 | 83 | MISMATCH=1 |
107 | 84 | fi |
| 85 | + done < "$REF_FILE_APP" |
108 | 86 |
|
109 | | - # Extra applications in API category |
110 | | - for app_id in $(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .applications[].id" "$API_FILE_APP"); do |
111 | | - REF_APP_NAME=$(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .applications[] | select(.id==\"$app_id\") | .name // empty" "$REF_FILE_APP") |
112 | | - if [ -z "$REF_APP_NAME" ]; then |
113 | | - API_APP_NAME=$(jq -r ".applicationCategories[] | select(.id==\"$cat_id\") | .applications[] | select(.id==\"$app_id\") | .name" "$API_FILE_APP") |
114 | | - echo "Extra application in API not in reference: ID=$app_id in category $cat_id, name='$API_APP_NAME'" |
115 | | - MISMATCH=1 |
116 | | - fi |
117 | | - done |
118 | | - done |
| 87 | + # Check for extra items in API not in reference |
| 88 | + while IFS= read -r api_line; do |
| 89 | + ref_line=$(grep -F "$api_line" "$REF_FILE_APP" || true) |
| 90 | + if [ -z "$ref_line" ]; then |
| 91 | + echo "⚠ Extra line in API not in reference: '$api_line'" |
| 92 | + MISMATCH=1 |
| 93 | + fi |
| 94 | + done < "$API_TMP_APP" |
119 | 95 |
|
120 | 96 | if [ $MISMATCH -eq 1 ]; then |
121 | | - echo "Category/application mismatches detected. Failing workflow." |
| 97 | + echo "application categories mismatch detected. Failing workflow." |
122 | 98 | exit 1 |
123 | 99 | else |
124 | | - echo "All categories and applications match reference." |
125 | | - fi |
126 | | -
|
127 | | - - name: Webex Notification |
128 | | - if: always() |
129 | | - uses: qsnyder/action-wxt@master |
130 | | - env: |
131 | | - TOKEN: ${{ secrets.WEBEX_TOKEN }} |
132 | | - ROOMID: ${{ secrets.WEBEX_ROOM_ID }} |
133 | | - MESSAGE: | |
134 | | - [**[${{ job.status }}] ${{ github.repository }} #${{ github.run_number }}**](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}) |
135 | | - * Job: ${{ github.job }} |
136 | | - * Branch: ${{ github.ref }} |
137 | | - * Event: ${{ github.event_name }} |
| 100 | + echo "✅ All application categories match reference." |
0 commit comments