Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Initial proof of concept for lula actions #2

Merged
merged 1 commit into from
Jan 11, 2024
Merged

Initial proof of concept for lula actions #2

merged 1 commit into from
Jan 11, 2024

Conversation

brandtkeller
Copy link
Member

Intent

Provide Lula GitHub actions with guardrails that account for possible default scenarios.

Real-world use

It may very well be possible that the setup action is the only useful action - but I figured it might be worthwhile to experiment with some other workflows that handled more of the complexity and added extra garudrails like checking for existence of artifacts when necessary.

@brandtkeller brandtkeller added the enhancement New feature or request label Jan 11, 2024
@brandtkeller brandtkeller self-assigned this Jan 11, 2024
@CloudBeard
Copy link
Contributor

CloudBeard commented Jan 11, 2024
edited
Loading

From a UDS perspective I would use all 3 setup, lint, and validate. I am picturing (once validations are setup/tested) the validate piece on new PRs would be a great way to have a compliance gate for changes. That in itself would let you know if a change would require a conversation about exceptions/POAMs or even lead to the creation/addition of it to the POAM.

I would also use Setup and Lint today in all UDS repos with OSCAL. I have a draft open for SWF that I could swap out for these. defenseunicorns/uds-package-software-factory#115

@brandtkeller
Copy link
Member Author

From a UDS perspective I would use all 3 setup, lint, and validate. I am picturing (once validations are setup/tested) the validate piece on new PRs would be a great way to have a compliance gate for changes. That in itself would let you know if a change would require a conversation about exceptions/POAMs or even lead to the creation/addition of it to the POAM.

I would also use Setup and Lint today in all UDS repos with OSCAL. I have a draft open for SWF that I could swap out for these. defenseunicorns/uds-package-software-factory#115

Good to hear! My mention about usefulness of the other actions was a comparison on ROI. IE once Lula is installed with the setup action - you could just as easily call lula tools lint -f <file> vs using the lint action. But I tossed those workflows in here so that we can experiment and see. The lula commands can be augmented with the action which leads to better guardrails and possibly more functionality.

@brandtkeller
Copy link
Member Author

Moving to ready for review - would like to see if we can spin-up a mock repository to use the actions simply based on commit-hash without any released versions (never tried this myself but feels reasonable).

@brandtkeller brandtkeller marked this pull request as ready for review January 11, 2024 16:49
CloudBeard
CloudBeard approved these changes Jan 11, 2024
View reviewed changes
Copy link
Contributor

@CloudBeard CloudBeard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Initial actions look awesome! Look forward to testing.

@brandtkeller brandtkeller merged commit 63b88a4 into main Jan 11, 2024
@brandtkeller brandtkeller deleted the initial-branch branch January 11, 2024 22:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CloudBeard CloudBeard CloudBeard approved these changes

@Alvin-zzz Alvin-zzz Awaiting requested review from Alvin-zzz

@DannyDTenacious DannyDTenacious Awaiting requested review from DannyDTenacious

Assignees

@brandtkeller brandtkeller

Labels
enhancement New feature or request
Projects
Lula and Friends
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@brandtkeller @CloudBeard