add verified data to pre-deploy message

github · Dec 9, 2024 · c8ff3e2 · c8ff3e2
1 parent cbced8b
commit c8ff3e2
Show file tree

Hide file tree

Showing 5 changed files with 48 additions and 29 deletions.
diff --git a/__tests__/functions/commit-safety-checks.test.js b/__tests__/functions/commit-safety-checks.test.js
@@ -54,7 +54,8 @@ beforeEach(() => {
 test('checks a commit and finds that it is safe (date)', async () => {
   expect(await commitSafetyChecks(context, data)).toStrictEqual({
     message: 'success',
-    status: true
+    status: true,
+    isVerified: false
   })
   expect(debugMock).toHaveBeenCalledWith(
     '2024-10-15T12:00:00Z is not older than 2024-10-15T11:00:00Z'
@@ -78,7 +79,8 @@ test('checks a commit and finds that it is safe (date + verification)', async ()
   }
   expect(await commitSafetyChecks(context, data)).toStrictEqual({
     message: 'success',
-    status: true
+    status: true,
+    isVerified: true
   })
   expect(debugMock).toHaveBeenCalledWith(
     '2024-10-15T12:00:00Z is not older than 2024-10-15T11:00:00Z'
@@ -95,12 +97,13 @@ test('checks a commit and finds that it is not safe (date)', async () => {
   expect(await commitSafetyChecks(context, data)).toStrictEqual({
     message:
       '### ⚠️ Cannot proceed with deployment\n\nThe latest commit is not safe for deployment. It was authored after the trigger comment was created.',
-    status: false
+    status: false,
+    isVerified: false
   })
   expect(debugMock).toHaveBeenCalledWith(
     '2024-10-15T12:00:00Z is older than 2024-10-15T12:00:01Z'
   )
-  expect(debugMock).not.toHaveBeenCalledWith('isVerified: false')
+  expect(debugMock).toHaveBeenCalledWith('isVerified: false')
 })
 
 test('checks a commit and finds that it is not safe (verification)', async () => {
@@ -115,7 +118,8 @@ test('checks a commit and finds that it is not safe (verification)', async () =>
 
   expect(await commitSafetyChecks(context, data)).toStrictEqual({
     message: `### ⚠️ Cannot proceed with deployment\n\n- commit: \`${sha}\`\n- verification failed reason: \`${data.commit.verification.reason}\`\n\n> The commit signature is not valid. Please ensure the commit has been properly signed and try again.`,
-    status: false
+    status: false,
+    isVerified: false
   })
   expect(debugMock).toHaveBeenCalledWith(
     '2024-10-15T12:00:00Z is not older than 2024-10-15T11:00:00Z'
@@ -140,7 +144,8 @@ test('checks a commit and finds that it is not safe (verification time) even tho
 
   expect(await commitSafetyChecks(context, data)).toStrictEqual({
     message: `### ⚠️ Cannot proceed with deployment\n\nThe latest commit is not safe for deployment. The commit signature was verified after the trigger comment was created.`,
-    status: false
+    status: false,
+    isVerified: true
   })
   expect(debugMock).toHaveBeenCalledWith(
     '2024-10-15T12:00:00Z is not older than 2024-10-15T11:00:00Z'

diff --git a/dist/index.js b/dist/index.js
diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/src/functions/commit-safety-checks.js b/src/functions/commit-safety-checks.js
@@ -10,6 +10,11 @@ export async function commitSafetyChecks(context, data) {
   const inputs = data.inputs
   const sha = data.sha
 
+  const isVerified = commit?.verification?.verified === true ? true : false
+  core.debug(`isVerified: ${isVerified}`)
+  core.setOutput('commit_verified', isVerified)
+  core.saveState('commit_verified', isVerified)
+
   const comment_created_at = context.payload.comment.created_at
   core.debug(`comment_created_at: ${comment_created_at}`)
 
@@ -21,14 +26,12 @@ export async function commitSafetyChecks(context, data) {
   if (isTimestampOlder(comment_created_at, commit_created_at)) {
     return {
       message: `### ⚠️ Cannot proceed with deployment\n\nThe latest commit is not safe for deployment. It was authored after the trigger comment was created.`,
-      status: false
+      status: false,
+      isVerified: isVerified
     }
   }
 
   // begin the commit verification checks
-  const isVerified = commit?.verification?.verified === true ? true : false
-  core.debug(`isVerified: ${isVerified}`)
-
   if (isVerified) {
     core.info(`🔑 commit signature is ${COLORS.success}valid${COLORS.reset}`)
   } else if (inputs.commit_verification === true && isVerified === false) {
@@ -40,14 +43,12 @@ export async function commitSafetyChecks(context, data) {
     )
   }
 
-  core.setOutput('commit_verified', isVerified)
-  core.saveState('commit_verified', isVerified)
-
   // If commit verification is enabled and the commit signature is not valid (or it is missing / undefined), exit
   if (inputs.commit_verification === true && isVerified === false) {
     return {
       message: `### ⚠️ Cannot proceed with deployment\n\n- commit: \`${sha}\`\n- verification failed reason: \`${commit?.verification?.reason}\`\n\n> The commit signature is not valid. Please ensure the commit has been properly signed and try again.`,
-      status: false
+      status: false,
+      isVerified: isVerified
     }
   }
 
@@ -59,12 +60,17 @@ export async function commitSafetyChecks(context, data) {
   ) {
     return {
       message: `### ⚠️ Cannot proceed with deployment\n\nThe latest commit is not safe for deployment. The commit signature was verified after the trigger comment was created.`,
-      status: false
+      status: false,
+      isVerified: isVerified
     }
   }
 
   // if we make it through all the checks, we can return a success object
-  return {message: 'success', status: true}
+  return {
+    message: 'success',
+    status: true,
+    isVerified: isVerified
+  }
 }
 
 // A helper method that checks if timestamp A is older than timestamp B

diff --git a/src/main.js b/src/main.js
@@ -622,7 +622,8 @@ export async function run() {
         },
         "git": {
           "branch": "${precheckResults.ref}",
-          "commit": "${precheckResults.sha}"
+          "commit": "${precheckResults.sha}",
+          "verified": ${commitSafetyCheckResults.isVerified}
         },
         "context": {
           "actor": "${context.actor}",