1- name : PR Validation for Polling file prod
1+ name : chatuujojh
22
33on :
44 pull_request_target :
55 branches :
66 - main
7- types : [opened, synchronize]
7+ types :
8+ - opened
9+ - synchronize
810
911permissions :
1012 id-token : write
1113 contents : read
1214
1315env :
14- CLIENT_ID : ${{ secrets.AZURE_CONTENT_VALIDATION_CLIENT_ID }}
16+ CLIENT_ID : ${{ secrets.AZURE_CLIENT_ID }}
1517 API_BASE : https://sentinel-content-validationapi-prod-bvgsc3hjhyeqangg.canadacentral-01.azurewebsites.net/
1618
1719jobs :
@@ -22,37 +24,47 @@ jobs:
2224 - name : Checkout PR code
2325 uses : actions/checkout@v3
2426 with :
27+ token : ${{ secrets.GITHUB_TOKEN }} # needed when using pull_request_target on forks
2528 fetch-depth : 0
2629 ref : ${{ github.event.pull_request.head.ref }}
2730 repository : ${{ github.event.pull_request.head.repo.full_name }}
2831
29- - name : Get changed JSON files and contents to send to API endpoint
32+ - name : Get changed JSON files and contents
3033 id : prepare_json_files
3134 run : |
35+ set -eux
36+
37+ echo "🔍 Collecting changed JSON files…"
3238 BASE="${{ github.event.pull_request.base.sha }}"
3339 HEAD="${{ github.event.pull_request.head.sha }}"
34- mapfile -t files < <(git diff --name-only "$BASE" "$HEAD" | grep '\.json$')
3540
36- filtered_files=()
37- for file in "${files[@]}"; do
38- if [[ "$file" =~ [Pp][Oo][Ll][Ll] ]]; then
39- filtered_files+=("$file")
41+ mapfile -t files < <(git diff --name-only "$BASE" "$HEAD" | grep -Ei '\.json$')
42+ echo "→ All .json files: ${files[*]:-<none>}"
43+
44+ # Case-insensitive filter for “poll”
45+ filtered=()
46+ for f in "${files[@]}"; do
47+ if [[ "$f" =~ [Pp]oll ]]; then
48+ filtered+=("$f")
4049 fi
4150 done
4251
43- if [ ${#filtered_files [@]} -eq 0 ]; then
44- echo "No polling JSON files changed."
52+ if [ ${#filtered [@]} -eq 0 ]; then
53+ echo "→ No polling JSON files changed; skipping validation ."
4554 echo "JSON_PAYLOAD_PATH=empty" >> $GITHUB_ENV
4655 exit 0
4756 fi
4857
58+ echo "→ Polling files: ${filtered[*]}"
59+
60+ # Build JSON array payload
4961 json_array="["
50- for file in "${filtered_files [@]}"; do
51- if [ -f "$file" ] && jq -e . "$file " > /dev/null 2>&1 ; then
52- content=$(jq -c . < "$file ")
53- json_array+="{\"filename\": \"${file} \", \"content\": $content},"
62+ for f in "${filtered [@]}"; do
63+ if jq -e . "$f " > /dev/null; then
64+ content=$(jq -c . "$f ")
65+ json_array+="{\"filename\":\"$f \",\"content\":$content},"
5466 else
55- echo "❌ Invalid JSON in $file "
67+ echo "❌ Invalid JSON in $f "
5668 exit 1
5769 fi
5870 done
@@ -61,58 +73,80 @@ jobs:
6173 echo "JSON_PAYLOAD_PATH=files_payload.json" >> $GITHUB_ENV
6274
6375name : Request OIDC token from GitHub
64- if : ${{ env.JSON_PAYLOAD_PATH != 'empty' }}
76+ if : env.JSON_PAYLOAD_PATH != 'empty'
6577 id : fetch_token
6678 run : |
67- echo "Requesting OIDC token..."
68- raw=$(curl -s -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=api://${CLIENT_ID}")
69- echo "Raw OIDC response: $raw"
70- token=$(echo "$raw" | jq -r '.value // empty')
71- if [ -z "$token" ]; then
72- echo "❌ OIDC token is empty. Likely due to PR from fork. Skipping API calls."
73- echo "SKIP_API=true" >> $GITHUB_ENV
79+ set -eux
80+ echo "🔐 Fetching OIDC token…"
81+ raw=$(curl -s \
82+ -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \
83+ "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=api://${CLIENT_ID}")
84+ token=$(echo "$raw" | jq -r .value)
85+ echo "✔️ Got token (length=${#token})"
86+ echo "TOKEN=$token" >> $GITHUB_ENV
87+
88+
89+ name : 📡 Health-check GET
90+ if : env.JSON_PAYLOAD_PATH != 'empty'
91+ run : |
92+ set -eux
93+ echo "🚀 Hitting $API_BASE…"
94+ # Capture both body and status
95+ resp=$(curl -s -w "\n%{http_code}" \
96+ -H "Authorization: Bearer $TOKEN" \
97+ "$API_BASE")
98+ body=$(echo "$resp" | sed '$d') # all but last line
99+ status=$(echo "$resp" | tail -n1) # last line
100+ echo "🔁 HTTP status: $status"
101+ echo "🔍 Raw body:"
102+ echo "$body" # always printed
103+
104+ # Try to parse JSON, but don’t exit if it fails
105+ if echo "$body" | jq . > /dev/null 2>&1; then
106+ echo "✔️ Parsed JSON:"
107+ echo "$body" | jq .
74108 else
75- echo "TOKEN=$token" >> $GITHUB_ENV
76- echo "SKIP_API=false" >> $GITHUB_ENV
109+ echo "⚠️ Body is not JSON or empty"
77110 fi
78111
79- name : Check if API is live
80- if : ${{ env.JSON_PAYLOAD_PATH != 'empty' && env.SKIP_API != 'true' }}
81- run : |
82- echo "Checking API health..."
83- response=$(curl -s -H "Authorization: Bearer $TOKEN" "$API_BASE")
84- echo "$response" | jq . || echo "⚠️ Invalid JSON response"
85-
86- name : Send POST request with JSON payload
87- if : ${{ env.JSON_PAYLOAD_PATH != 'empty' && env.SKIP_API != 'true' }}
88- run : |
89- echo "Sending JSON payload to API..."
90-
91- response=$(curl -s -w "\n%{http_code}" -X POST "$API_BASE/polling" \
92- -H "Authorization: Bearer $TOKEN" \
93- -H "Content-Type: application/json" \
94- --data-binary "@$JSON_PAYLOAD_PATH")
95-
96- http_body=$(echo "$response" | sed '$d')
97- http_status=$(echo "$response" | tail -n1)
98-
99- echo "🔁 HTTP Status: $http_status"
100- echo "🔍 Raw Response:"
101- echo "$http_body"
102-
103- # Try to parse status and message
104- result_status=$(echo "$http_body" | jq -r '.status // empty')
105- message=$(echo "$http_body" | jq -r '.message // "No message provided"')
112+ # Exit non-2xx
113+ if [[ "$status" != 2* ]]; then
114+ echo "❌ Health check failed (status $status)"
115+ exit 1
116+ fi
106117
107- if [ "$http_status" != "200" ]; then
108- echo "❌ API call failed with status $http_status"
109- exit 1
110- fi
118+ name : 📦 POST polling payload
119+ if : env.JSON_PAYLOAD_PATH != 'empty'
120+ run : |
121+ set -eux
122+ echo "🚀 POSTing to $API_BASE/polling…"
123+ # Capture both body and status
124+ resp=$(curl -s -w "\n%{http_code}" -X POST \
125+ -H "Authorization: Bearer $TOKEN" \
126+ -H "Content-Type: application/json" \
127+ --data-binary "@$JSON_PAYLOAD_PATH" \
128+ "$API_BASE/polling")
129+ body=$(echo "$resp" | sed '$d')
130+ status=$(echo "$resp" | tail -n1)
131+ echo "🔁 HTTP status: $status"
132+ echo "🔍 Raw body:"
133+ echo "$body"
134+
135+ # Parse JSON if possible
136+ if echo "$body" | jq . > /dev/null 2>&1; then
137+ echo "✔️ Parsed JSON:"
138+ echo "$body" | jq .
139+ else
140+ echo "⚠️ Body is not JSON or empty"
141+ fi
111142
112- if [ "$result_status" != "passed" ]; then
113- echo "❌ Validation failed: $message"
114- exit 1
115- fi
143+ # Now inspect your API’s own “status” field if you want:
144+ api_status=$(echo "$body" | jq -r '.status // empty')
145+ echo "➡️ API “status” field: ${api_status:-<none>}"
116146
117- echo "✅ $message"
147+ if [[ "$status" != 2* ]] || [[ "$api_status" != Passed ]]; then
148+ echo "❌ Validation failed (HTTP $status / api.status=$api_status)"
149+ exit 1
150+ fi
118151
152+ echo "✅ All checks passed!"
0 commit comments