harbor-alpha-phac-gc-ca DNS record sets #36
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Validate Domain Name | |
on: | |
pull_request: | |
branches: | |
- main | |
paths: | |
- 'dns-records/*.yaml' | |
jobs: | |
validate_domains: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Validate Domains | |
id: validate_domains | |
run: | | |
files_with_spec_name=() | |
yaml_files=() | |
negative_score_threshold=-0.10 | |
found_issues=false | |
# Find yml/yaml files that have been changed | |
changed_files=$(git diff --name-only HEAD^..HEAD) | |
echo "Changed Files" | |
echo "$changed_files" | |
if [ -n "$changed_files" ]; then | |
while IFS= read -r file; do | |
if [[ "$file" =~ \.y(a)?ml$ ]]; then | |
yaml_files+=("$file") | |
fi | |
done < <(echo "$changed_files") | |
echo -e "\nFound yaml files:" | |
for file in "${yaml_files[@]}"; do | |
echo "$file" | |
done | |
else | |
echo -e "\nNo YAML files were changed." | |
exit 0 | |
fi | |
# Check if there are any YAML files to process | |
if [ ${#yaml_files[@]} -eq 0 ]; then | |
echo -e "\nNo YAML files to process after filtering. Exiting cleanly." | |
exit 0 | |
fi | |
# Find yaml files that have .spec.name defined | |
for file in "${yaml_files[@]}"; do | |
if [ -f "$file" ]; then # Ensure the file still exists in the repository | |
foundDomainName=$(yq '.spec.name // ""' "$file") | |
if [ -n "$foundDomainName" ]; then | |
files_with_spec_name+=("$file") | |
fi | |
else | |
echo "File $file has been deleted or is not accessible." | |
fi | |
done | |
if [ ${#files_with_spec_name[@]} -eq 0 ]; then | |
echo -e "\nNo files with .spec.name found. Exiting cleanly." | |
exit 0 | |
fi | |
echo -e "\nFiles with .spec.name:" | |
for file in "${files_with_spec_name[@]}"; do | |
echo "$file" | |
done | |
# Make API calls to validate sentiment | |
for file in "${files_with_spec_name[@]}"; do | |
echo -e "\nProcessing file: $file" | |
foundDomainName=$(yq '.spec.name // ""' "$file") | |
echo "Validating domain name: $foundDomainName" | |
response=$(curl -s -X POST \ | |
-H "Content-Type: application/json" \ | |
-d '{ | |
"document": { | |
"type": "PLAIN_TEXT", | |
"content": "'"$foundDomainName"'", | |
"languageCode": "en" | |
} | |
}' \ | |
"https://language.googleapis.com/v2/documents:analyzeSentiment?key=${{secrets.GOOGLE_CLOUD_NLP_API_KEY}}") | |
# Validate $response and extract sentiment score | |
sentiment_score=$(echo "$response" | jq -r '.documentSentiment.score') | |
echo "Sentiment Score: $sentiment_score" | |
# Check if sentiment score is less than the threshold | |
if [ "$(echo "$sentiment_score < $negative_score_threshold" | bc -l)" -eq 1 ]; then | |
echo "::error:: $foundDomainName Domain name seems to have a negative sentiment score. Please reconsider." | |
found_issues=true | |
fi | |
done | |
# Set action status to fail if bad sentiment found | |
if [ "$found_issues" = true ]; then | |
echo "::error:: Validation encountered issues. Please review." | |
exit 1 | |
fi |