Skip to content

temporarily disallow L7 traffic permissions #5575

temporarily disallow L7 traffic permissions

temporarily disallow L7 traffic permissions #5575

Workflow file for this run

# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
on:
pull_request_target:
types: [opened, closed, reopened]
workflow_dispatch:
name: Jira Community PR Sync
jobs:
sync:
runs-on: ubuntu-latest
name: Jira sync
steps:
- name: Login
uses: atlassian/gajira-login@ca13f8850ea309cf44a6e4e0c49d9aa48ac3ca4c # v3
env:
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
- name: Set ticket type
id: set-ticket-type
run: |
echo "TYPE=GH Issue" >> $GITHUB_OUTPUT
- name: Set ticket labels
if: github.event.action == 'opened'
id: set-ticket-labels
run: |
LABELS="["
if [[ "${{ contains(github.event.issue.labels.*.name, 'type/bug') }}" == "true" ]]; then LABELS+="\"type/bug\", "; fi
if [[ "${{ contains(github.event.issue.labels.*.name, 'type/enhancement') }}" == "true" ]]; then LABELS+="\"type/enhancement\", "; fi
if [[ ${#LABELS} != 1 ]]; then LABELS=${LABELS::-2}"]"; else LABELS+="]"; fi
echo "LABELS=${LABELS}" >> $GITHUB_OUTPUT
- name: Check if team member
if: github.event.action == 'opened'
id: is-team-member
run: |
TEAM=consul
ROLE="$(gh api orgs/hashicorp/teams/${TEAM}/memberships/${{ github.actor }} | jq -r '.role | select(.!=null)')"
if [[ -n ${ROLE} ]]; then
echo "Actor ${{ github.actor }} is a ${TEAM} team member"
echo "MESSAGE=true" >> $GITHUB_OUTPUT
elif [[ "${{ contains(github.actor, 'hc-github-team-consul-core') }}" == "true" ]]; then
echo "Actor ${{ github.actor }} is a ${TEAM} team member"
echo "MESSAGE=true" >> $GITHUB_OUTPUT
elif [[ "${{ contains(github.actor, 'dependabot') }}" == "true" ]]; then
echo "Actor ${{ github.actor }} is a ${TEAM} team member"
echo "MESSAGE=true" >> $GITHUB_OUTPUT
else
echo "Actor ${{ github.actor }} is NOT a ${TEAM} team member"
echo "MESSAGE=false" >> $GITHUB_OUTPUT
fi
env:
GITHUB_TOKEN: ${{ secrets.JIRA_SYNC_GITHUB_TOKEN }}
- name: Create ticket if an issue is filed, or if PR not by a team member is opened
if: ( github.event.action == 'opened' && steps.is-team-member.outputs.MESSAGE == 'false' )
uses: tomhjp/gh-action-jira-create@3ed1789cad3521292e591a7cfa703215ec1348bf # v0.2.1
with:
project: NET
issuetype: "${{ steps.set-ticket-type.outputs.TYPE }}"
summary: "${{ github.event.repository.name }} [${{ steps.set-ticket-type.outputs.TYPE }} #${{ github.event.pull_request.number }}]: ${{ github.event.pull_request.title }}"
description: "${{ github.event.issue.body || github.event.pull_request.body }}\n\n_Created in GitHub by ${{ github.actor }}._"
# customfield_10089 is "Issue Link", customfield_10371 is "Source" (use JIRA API to retrieve)
extraFields: '{ "customfield_10089": "${{ github.event.pull_request.html_url }}",
"customfield_10371": { "value": "GitHub" },
"customfield_10535": [{ "value": "Service Mesh" }],
"components": [{ "name": "${{ github.event.repository.name }}" }],
"labels": ${{ steps.set-ticket-labels.outputs.LABELS }} }'
env:
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
# Education Jira
- name: Create ticket in Education board an issue is filed, or if PR not by a team member is opened
if: github.event.action == 'opened' && steps.is-team-member.outputs.MESSAGE == 'false' && contains(github.event.issue.labels.*.name, 'type/docs')
uses: tomhjp/gh-action-jira-create@3ed1789cad3521292e591a7cfa703215ec1348bf # v0.2.1
with:
project: CE
issuetype: "${{ steps.set-ticket-type.outputs.TYPE }}"
summary: "${{ github.event.repository.name }} [${{ steps.set-ticket-type.outputs.TYPE }} #${{ github.event.pull_request.number }}]: ${{ github.event.pull_request.title }}"
description: "GitHub URL: ${{ github.event.issue.html_url || github.event.pull_request.html_url }}\n\n${{ github.event.issue.body || github.event.pull_request.body }}\n\n_Created in GitHub by ${{ github.actor }}._"
# customfield_10089 is "Issue Link", customfield_10371 is "Source" (use JIRA API to retrieve)
extraFields: '{ "components": [{ "name": "${{ github.event.repository.name }}" }] }'
- name: Search
if: github.event.action != 'opened'
id: search
uses: tomhjp/gh-action-jira-search@04700b457f317c3e341ce90da5a3ff4ce058f2fa # v0.2.2
with:
# cf[10089] is Issue Link (use JIRA API to retrieve)
jql: 'issuetype = "${{ steps.set-ticket-type.outputs.TYPE }}" and cf[10089] = "${{ github.event.issue.html_url || github.event.pull_request.html_url }}"'
- name: Sync comment
if: github.event.action == 'created' && steps.search.outputs.issue
uses: tomhjp/gh-action-jira-comment@6eb6b9ead70221916b6badd118c24535ed220bd9 # v0.2.0
with:
issue: ${{ steps.search.outputs.issue }}
comment: "${{ github.actor }} ${{ github.event.review.state || 'commented' }}:\n\n${{ github.event.comment.body || github.event.review.body }}\n\n${{ github.event.comment.html_url || github.event.review.html_url }}"
- name: Close ticket
if: ( github.event.action == 'closed' || github.event.action == 'deleted' ) && steps.search.outputs.issue
uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
with:
issue: ${{ steps.search.outputs.issue }}
transition: "Closed"
- name: Reopen ticket
if: github.event.action == 'reopened' && steps.search.outputs.issue
uses: atlassian/gajira-transition@4749176faf14633954d72af7a44d7f2af01cc92b # v3
with:
issue: ${{ steps.search.outputs.issue }}
transition: "To Do"