[New Rule] Potential Forced Authentication - SMB Named Pipes #1548
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Add PR Guidelines Comment | |
on: | |
pull_request_target: | |
types: [opened, labeled] | |
jobs: | |
add-comment: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@v2 | |
- name: Set environment variable for early exit control | |
id: check_label | |
run: | | |
echo "CONTINUE_JOB=true" >> $GITHUB_ENV | |
if [[ "${{ github.event.action }}" == "labeled" || "${{ github.event.action }}" == "opened" ]]; then | |
RELEVANT_LABELS=("bug" "enhancement" "schema" "Rule: New" "Rule: Tuning" "Rule: Deprecation" "Hunt: New" "Hunt: Tuning") | |
TRIGGERED_LABEL="${{ github.event.label.name }}" | |
if [[ ! " ${RELEVANT_LABELS[@]} " =~ " ${TRIGGERED_LABEL} " ]]; then | |
echo "CONTINUE_JOB=false" >> $GITHUB_ENV | |
fi | |
fi | |
- name: Determine Guidelines Label | |
run: | | |
# Initialize GUIDELINES_FILE to empty | |
echo "GUIDELINES_FILE=" >> $GITHUB_ENV | |
if [[ "${{ contains(github.event.pull_request.labels.*.name, 'bug') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/bug_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'enhancement') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/enhancement_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'schema') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/schema_enhancement_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Rule: New') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/rule_new_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Rule: Tuning') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/rule_tuning_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Rule: Deprecation') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/rule_deprecation_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Hunt: New') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/hunt_new_guidelines.md" >> $GITHUB_ENV | |
elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'Hunt: Tuning') }}" == "true" ]]; then | |
echo "GUIDELINES_FILE=.github/PULL_REQUEST_GUIDELINES/hunt_tuning_guidelines.md" >> $GITHUB_ENV | |
fi | |
- name: Fail if no relevant labels are found | |
if: env.GUIDELINES_FILE == '' | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
core.setFailed('No appropriate GitHub label found in the PR. Failing the job.') | |
- name: Add Guidelines Comment | |
if: env.CONTINUE_JOB == 'true' && (github.event.action == 'opened' || github.event.action == 'labeled') | |
uses: mshick/add-pr-comment@v2 | |
with: | |
message-path: ${{ env.GUIDELINES_FILE }} | |
repo-token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }} | |
message-id: "guidelines-comment" |