Merge pull request #392 from RedHatProductSecurity/update-actions
chore: update actions with new commands design
qduanmu authored Dec 20, 2024
2 parents bd39af8 + f2e2177 commit a614d38
Showing 14 changed files with 148 additions and 147 deletions.
22 changes: 11 additions & 11 deletions CONTRIBUTING.md
Expand Up @@ -111,7 +111,7 @@ To generate a pin for a third party action, there should be a full length commit

This approach is used for authoring CI workflows that utilize versioned actions to produce frequent updates from dependabot for python and GitHub Actions.

### License Text in Files
### License Text in Files

Please use the SPDX license identifier in all source files.

Expand Down Expand Up @@ -160,11 +160,11 @@ make test-e2e
#### Run with poetry
```
make develop
poetry run trestlebot-autosync
poetry run trestlebot-rules-transform
poetry run trestlebot-create-cd
poetry run trestlebot-sync-upstreams
poetry run trestlebot-create-ssp
poetry run trestlebot autosync
poetry run trestlebot rules-transform
poetry run trestlebot create compdef
poetry run trestlebot sync-upstreams
poetry run trestlebot create ssp
```

#### Local testing
Expand Down Expand Up @@ -192,15 +192,15 @@ INPUT_SKIP_ITEMS=
INPUT_DRY_RUN=true
INPUT_SKIP_ASSEMBLE=false
INPUT_SKIP_REGENERATE=false
INPUT_REPOSITORY=.
INPUT_REPO_PATH=.
INPUT_BRANCH=test
INPUT_MARKDOWN_PATH=markdown/profiles
INPUT_MARKDOWN_DIR=markdown/profiles
INPUT_OSCAL_MODEL=profile
INPUT_SSP_INDEX_PATH=
INPUT_SSP_INDEX_FILE=
INPUT_COMMIT_MESSAGE=
INPUT_COMMIT_USER_NAME=testuser
INPUT_COMMIT_USER_EMAIL=test@example.com
INPUT_FILE_PATTERN=*.md,*.json
INPUT_FILE_PATTERNS=*.md,*.json
INPUT_COMMIT_AUTHOR_NAME=
INPUT_COMMIT_AUTHOR_EMAIL=
INPUT_TARGET_BRANCH=
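Review bot: the local-testing environment block does not cover the variables the updated entrypoint now reads. `auto-sync-entrypoint.sh` in this commit appends `--config=\"${INPUT_CONFIG}\"` unconditionally and switches the logging toggle from `INPUT_VERBOSE` to `INPUT_DEBUG`, so unless they already appear in the unexpanded part of this file, add `INPUT_CONFIG=` and `INPUT_DEBUG=false` next to the renamed `INPUT_REPO_PATH`, `INPUT_MARKDOWN_DIR`, `INPUT_SSP_INDEX_FILE` and `INPUT_FILE_PATTERNS` entries; otherwise a local run from this file passes an empty `--config` value.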
Expand Down Expand Up @@ -230,4 +230,4 @@ Once work on a release has been completed:
- Initial releases will have a `major` tag (if stable), `major`.`minor`, and the full version.
- The latest release will be rebuilt every thirty days to pull in base image updates. The same tags will
be published with the addition of `full-version`.`date` tag.
- Images can be built adhoc for testing purposes with the `workflow_dispatch` trigger.
- Images can be built adhoc for testing purposes with the `workflow_dispatch` trigger.
18 changes: 9 additions & 9 deletions actions/README.md
Expand Up @@ -7,13 +7,13 @@ This document provides instructions and examples for creating and using GitHub A
## Directory Structure

- Actions related to trestle-bot are located in the `actions` directory.
- Actions should correlate an entrypoint under the `trestlebot/entrypoints` directory.
- Actions should correlate a command under the `trestlebot/cli/commands` directory.

## Adding a New Action

Contributors should scope trestle-bot actions to workspace management and checks. To add a new action:

> Prerequisite: An entrypoint was created under the `trestlebot/entrypoints` directory and added to the `pyproject.toml` under `[tool.poetry.scripts]`
> Prerequisite: An entrypoint was created under the `trestlebot/cli` directory and added to the `pyproject.toml` under `[tool.poetry.scripts]`
1. Create a new directory in the `actions` directory.
2. In the new directory, create an `action.yml` file that references the Dockerfile in the root of the repository.
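Review bot: the prerequisite is inconsistent with the bullet it sits under. The Directory Structure list now points contributors at `trestlebot/cli/commands`, while the prerequisite says the code lives under `trestlebot/cli` and still calls it an "entrypoint" after the surrounding text was changed to "command". Suggest `> Prerequisite: A command was created under the `trestlebot/cli/commands` directory`, and confirm whether individual subcommands are still registered in `pyproject.toml` under `[tool.poetry.scripts]` now that they are invoked as `trestlebot <command>` rather than `trestlebot-<command>`; if only the single `trestlebot` script is registered, that clause should be dropped.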
Expand Down Expand Up @@ -48,7 +48,7 @@ jobs:
- uses: actions/checkout@v4
- uses: RedHatProductSecurity/trestle-bot/actions/create-cd@main
with:
markdown_path: "markdown/components"
markdown_dir: "markdown/components"
profile_name: "my-profile"
component_definition_name: "my-component-definition"
component_title: "my-component"
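Review bot: naming drift between the action and the CLI command. This example still references `actions/create-cd@main` while CONTRIBUTING.md in the same commit renames the command to `trestlebot create compdef`; either keep the action directory name intentionally stable and say so here, or rename it in the same change so that the action and command names match.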
Expand Down Expand Up @@ -96,7 +96,7 @@ jobs:
id: autosync
uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
with:
markdown_path: "md_comp"
markdown_dir: "md_comp"
oscal_model: "compdef"
commit_message: "Autosync component definition content [skip ci]"
# Rule transformation is not idempotent, so you may only want to run this
Expand All @@ -115,7 +115,7 @@ jobs:
id: transform
uses: RedHatProductSecurity/trestle-bot/actions/rules-transform@main
with:
markdown_path: "md_comp"
markdown_dir: "md_comp"
commit_message: "Auto-transform rules [skip ci]"
```

Expand Down Expand Up @@ -148,7 +148,7 @@ jobs:
id: autosync
uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
with:
markdown_path: "md_comp"
markdown_dir: "md_comp"
oscal_model: "compdef"
dry_run: true
- uses: dorny/paths-filter@v3
Expand All @@ -162,7 +162,7 @@ jobs:
id: transform
uses: RedHatProductSecurity/trestle-bot/actions/rules-transform@main
with:
markdown_path: "md_comp"
markdown_dir: "md_comp"
dry_run: true
```

Expand Down Expand Up @@ -210,7 +210,7 @@ jobs:
if: steps.trestlebot.outputs.changes == 'true'
uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
with:
markdown_path: "markdown/components"
markdown_dir: "markdown/components"
oscal_model: "compdef"
branch: "sync-upstream-${{ github.run_id }}"
skip_assemble: true
Expand Down Expand Up @@ -244,7 +244,7 @@ jobs:
- name: Autosync
uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
with:
markdown_path: "md_comp"
markdown_dir: "md_comp"
oscal_model: "compdef"
commit_message: "Update content for release [skip ci]"
version: ${{ github.event.inputs.version }}
28 changes: 14 additions & 14 deletions actions/autosync/README.md
Expand Up @@ -14,7 +14,7 @@ name: Example Workflow
id: trestlebot
uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
with:
markdown_path: "markdown/profiles"
markdown_dir: "markdown/profiles"
oscal_model: "profile"
```
Expand All @@ -23,26 +23,26 @@ name: Example Workflow
<!-- START_ACTION_INPUTS -->
| Name | Description | Default | Required |
| --- | --- | --- | --- |
| markdown_path | Path relative to the repository path where the Trestle markdown files are located. See action README.md for more information. | None | True |
| markdown_dir | Path relative to the repository path where the Trestle markdown files are located. See action README.md for more information. | None | True |
| oscal_model | OSCAL Model type to assemble. Values can be catalog, profile, compdef, or ssp. | None | True |
| dry_run | Runs tasks without pushing changes to the repository. | false | False |
| github_token | "GitHub token used to make authenticated API requests. Note: You should use a defined secret like "secrets.GITHUB_TOKEN" in your workflow file, do not hardcode the token." | None | False |
| version | Version of the OSCAL model to set during assembly into JSON. | None | False |
| skip_assemble | Skip assembly task. Defaults to false | false | False |
| skip_regenerate | Skip regenerate task. Defaults to false. | false | False |
| skip_items | Comma-separated glob patterns list of content by trestle name to skip during task execution. For example `profile_x,profile_y*,`. | None | False |
| ssp_index_path | Path relative to the repository path where the ssp index is located. See action README.md for information about the ssp index. | ssp-index.json | False |
| ssp_index_file | JSON file relative to the repository path where the ssp index is located. See action README.md for information about the ssp index. | ssp-index.json | False |
| commit_message | Custom commit message | Sync automatic updates | False |
| pull_request_title | Custom pull request title | Automatic updates from trestlebot | False |
| branch | Name of the Git branch to which modifications should be pushed. Required if Action is used on the `pull_request` event. | ${{ github.ref_name }} | False |
| target_branch | Target branch (or base branch) to create a pull request against. If unset, no pull request will be created. If set, a pull request will be created using the `branch` field as the head branch. | None | False |
| file_pattern | Comma separated file pattern list used for `git add`. For example `component-definitions/*,*json`. Defaults to (`.`) | . | False |
| repository | Local file path to the git repository with a valid trestle project root relative to the GitHub workspace. | . | False |
| file_patterns | Comma separated file pattern list used for `git add`. For example `component-definitions/*,*json`. Defaults to (`.`) | . | False |
| repo_path | Local file path to the git repository with a valid trestle project root relative to the GitHub workspace. | . | False |
| commit_user_name | Name used for the commit user. | github-actions[bot] | False |
| commit_user_email | Email address used for the commit user | 41898282+github-actions[bot]@users.noreply.github.com | False |
| commit_author_name | Name used for the commit author. Defaults to the username of whoever triggered this workflow run. | ${{ github.actor }} | False |
| commit_author_email | Email address used for the commit author. | ${{ github.actor }}@users.noreply.github.com | False |
| verbose | Enable verbose logging | false | False |
| debug | Enable debug logging messages. | false | False |
| config | Path to trestlebot configuration file. | .trestlebot/config.yml | False |

<!-- END_ACTION_INPUTS -->

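Review bot: swapping the `verbose` row for `debug` is a breaking input rename and the table does not say so. A workflow that still sets `verbose: true` gets an "unexpected input" warning from the runner and silently loses its logging rather than failing; call the rename out above the table (or in the changelog) together with the other renames in this hunk (`markdown_dir`, `ssp_index_file`, `file_patterns`, `repo_path`) so users know all five need updating.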
Expand All @@ -59,8 +59,8 @@ name: Example Workflow

### Additional information on workflow inputs

- `markdown_path`: This is the location for Markdown generated by the `trestle author <model>-generate` commands
- `ssp_index_path`: This is a text file that stores the component definition information by name in trestle with the ssp name. Example below
- `markdown_dir`: This is the location for Markdown generated by the `trestle author <model>-generate` commands
- `ssp_index_file`: This is a JSON file that stores the component definition information by name in trestle with the ssp name. Example below

```json
"ssp1": {
Expand All @@ -85,7 +85,7 @@ The purpose of this action is to sync JSON and Markdown data with `compliance-tr
id: trestlebot
uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
with:
markdown_path: "markdown/profiles"
markdown_dir: "markdown/profiles"
oscal_model: "profile"
branch: "another-branch"
```
Expand All @@ -99,7 +99,7 @@ The purpose of this action is to sync JSON and Markdown data with `compliance-tr
id: trestlebot
uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
with:
markdown_path: "markdown/profiles"
markdown_dir: "markdown/profiles"
oscal_model: "profile"
branch: "autoupdate-${{ github.run_id }}"
target_branch: "main"
Expand All @@ -117,7 +117,7 @@ This can be helpful if you want to enforce that the content is in sync before it
id: check
uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
with:
markdown_path: "markdown/profiles"
markdown_dir: "markdown/profiles"
oscal_model: "profile"
dry_run: true
# Optional - Set the action to failed if changes are detected.
Expand All @@ -127,7 +127,7 @@ This can be helpful if you want to enforce that the content is in sync before it
with:
script: |
core.setFailed('Changes detected. Manual intervention required.')
```

> Note: Trestle `assemble` or `regenerate` tasks may be skipped if desired using `skip_assemble: true` or `skip_regenerate: true`, respectively.
> Note: Trestle `assemble` or `regenerate` tasks may be skipped if desired using `skip_assemble: true` or `skip_regenerate: true`, respectively.
24 changes: 12 additions & 12 deletions actions/autosync/action.yml
Expand Up @@ -3,13 +3,13 @@ author: "Red Hat Product Security"
description: "An action to perform automatic synchronization of Trestle markdown files to OSCAL."

inputs:
markdown_path:
markdown_dir:
description: Path relative to the repository path where the Trestle markdown files are located. See action README.md for more information.
required: true
oscal_model:
description: OSCAL Model type to assemble. Values can be catalog, profile, compdef, or ssp.
required: true
dry_run:
dry_run:
description: "Runs tasks without pushing changes to the repository."
required: false
default: "false"
Expand All @@ -32,30 +32,26 @@ inputs:
skip_items:
description: "Comma-separated glob patterns list of content by trestle name to skip during task execution. For example `profile_x,profile_y*,`."
required: false
ssp_index_path:
description: Path relative to the repository path where the ssp index is located. See action README.md for information about the ssp index.
ssp_index_file:
description: JSON file relative to the repository path where the ssp index is located. See action README.md for information about the ssp index.
required: false
default: "ssp-index.json"
commit_message:
description: Custom commit message
required: false
default: "Sync automatic updates"
pull_request_title:
description: Custom pull request title
required: false
default: "Automatic updates from trestlebot"
branch:
description: Name of the Git branch to which modifications should be pushed. Required if Action is used on the `pull_request` event.
required: false
default: ${{ github.ref_name }}
target_branch:
description: Target branch (or base branch) to create a pull request against. If unset, no pull request will be created. If set, a pull request will be created using the `branch` field as the head branch.
required: false
file_pattern:
file_patterns:
description: Comma separated file pattern list used for `git add`. For example `component-definitions/*,*json`. Defaults to (`.`)
required: false
default: '.'
repository:
repo_path:
description: Local file path to the git repository with a valid trestle project root relative to the GitHub workspace.
required: false
default: '.'
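Review bot: the hunk header counts 30 old lines against 26 new, but every visible change in this hunk is a one-to-one rename (`ssp_index_path` to `ssp_index_file`, `file_pattern` to `file_patterns`, `repository` to `repo_path`), so four lines were dropped somewhere in the collapsed region. Confirm which input block was removed and that the inputs table in `actions/autosync/README.md`, which still lists `commit_message` and `pull_request_title`, matches the final `action.yml`.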
Expand All @@ -75,10 +71,14 @@ inputs:
description: Email address used for the commit author.
required: false
default: ${{ github.actor }}@users.noreply.github.com
verbose:
description: Enable verbose logging
debug:
description: Enable debug logging messages.
required: false
default: "false"
config:
description: Path to trestlebot configuration file.
required: false
default: ".trestlebot/config.yml"

outputs:
changes:
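Review bot: the new `config` input is always forwarded. Its default `.trestlebot/config.yml` is passed as `--config` unconditionally by `auto-sync-entrypoint.sh`, so every repository that does not ship that file invokes the CLI with a path that does not exist; confirm that the CLI treats a missing default config as optional, or only append `--config` when `INPUT_CONFIG` is non-empty, and state in the description that the file is optional if that is the intent.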
20 changes: 10 additions & 10 deletions actions/autosync/auto-sync-entrypoint.sh
Expand Up @@ -8,22 +8,22 @@ source /common.sh
set_git_safe_directory

# Initialize the command variable
command="trestlebot-autosync \
--markdown-path=\"${INPUT_MARKDOWN_PATH}\" \
command="trestlebot autosync \
--markdown-dir=\"${INPUT_MARKDOWN_DIR}\" \
--oscal-model=\"${INPUT_OSCAL_MODEL}\" \
--ssp-index-path=\"${INPUT_SSP_INDEX_PATH}\" \
--ssp-index-file=\"${INPUT_SSP_INDEX_FILE}\" \
--commit-message=\"${INPUT_COMMIT_MESSAGE}\" \
--pull-request-title=\"${INPUT_PULL_REQUEST_TITLE}\" \
--branch=\"${INPUT_BRANCH}\" \
--file-patterns=\"${INPUT_FILE_PATTERN}\" \
--file-patterns=\"${INPUT_FILE_PATTERNS}\" \
--committer-name=\"${INPUT_COMMIT_USER_NAME}\" \
--committer-email=\"${INPUT_COMMIT_USER_EMAIL}\" \
--author-name=\"${INPUT_COMMIT_AUTHOR_NAME}\" \
--author-email=\"${INPUT_COMMIT_AUTHOR_EMAIL}\" \
--working-dir=\"${INPUT_REPOSITORY}\" \
--repo-path=\"${INPUT_REPO_PATH}\" \
--target-branch=\"${INPUT_TARGET_BRANCH}\" \
--skip-items=\"${INPUT_SKIP_ITEMS}\" \
--version=\"${INPUT_VERSION}\""
--version=\"${INPUT_VERSION}\"
--config=\"${INPUT_CONFIG}\""

# Conditionally include flags
if [[ ${INPUT_SKIP_ASSEMBLE} == true ]]; then
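Review bot: the line-continuation backslash is missing after `--version=\"${INPUT_VERSION}\"` in the rebuilt `command` string. Every other argument line in the assignment ends in ` \`, but this one ends the line inside the double-quoted string, so `command` contains a literal newline before `--config=...`; when `eval "${command}"` runs, the shell treats that newline as a command separator and tries to execute `--config=...` as a second command, which fails with "command not found" and the config option never reaches `trestlebot autosync`. Change it to `--version=\"${INPUT_VERSION}\" \`.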
Expand All @@ -38,8 +38,8 @@ if [[ ${INPUT_DRY_RUN} == true ]]; then
command+=" --dry-run"
fi

if [[ ${INPUT_VERBOSE} == true ]]; then
command+=" --verbose"
if [[ ${INPUT_DEBUG} == true ]]; then
command+=" --debug"
fi

eval "${command}"
eval "${command}"
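Review bot: building the invocation as one string and running it through `eval` re-parses every input value as shell source. The values are wrapped in escaped double quotes, but a double quote, backtick or `$(...)` inside `INPUT_COMMIT_MESSAGE`, `INPUT_PULL_REQUEST_TITLE` or any other user-controlled input is interpreted by that second parse rather than passed through literally. Since this change already touches the command construction, consider collecting the arguments in a bash array (`args=(--markdown-dir "${INPUT_MARKDOWN_DIR}" --oscal-model "${INPUT_OSCAL_MODEL}" ...)`, `[[ ${INPUT_DEBUG} == true ]] && args+=(--debug)`, then `trestlebot autosync "${args[@]}"`), which removes the need for `eval` and keeps values intact regardless of their content.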