Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pull request alert types #5024

Closed
3 tasks done
eleftherias opened this issue Nov 22, 2024 · 1 comment
Closed
3 tasks done

Pull request alert types #5024

eleftherias opened this issue Nov 22, 2024 · 1 comment
Assignees
@eleftherias
Labels
user-story

Comments

@eleftherias
Copy link
Contributor

eleftherias commented Nov 22, 2024
edited
Loading

User Story Description

As a Minder rule author
I want to write a rule that comments on a pull request if there is an evaluation failure
so that I can alert the PR author in the environment they are already using

Background

We already have existing ruletypes that comment on pull requests (e.g trusty and OSV), but there is nothing in the ruletype definition that explicitly states that commenting will be the action taken if the PR is not compliant.

Furthermore, the logic to comment on a PR is internal to Minder and not available to be reused by external authors of new ruletypes.

Acceptance Criteria

  • Given that I'm a Minder user
    and I've written a rule with the alert type pull_request_comment
    and the rule is part of a profile on my project
    when the rule evaluation fails
    then Minder comments on my pull request
  • Given I have a rule in a profile with the alert type pull_request_comment
    and I've defined the review_message in my alert as "This PR has issues"
    then Minder comments on my pull request with the message "This PR has issues"

Additional Resources

No response

Tasks
eleftherias added a commit to eleftherias/minder that referenced this issue Dec 16, 2024
@eleftherias
Return EvalResults from rego constraints evaluation
0cac0c9 
Ref mindersec#5024
@eleftherias eleftherias mentioned this issue Dec 16, 2024
Merged
10 tasks
eleftherias added a commit that referenced this issue Dec 17, 2024
@eleftherias
Return EvalResults from rego constraints evaluation (#5204)
5169b22 
Ref #5024
@eleftherias
Copy link
Contributor Author

Closing this as complete. The PR alert type is under the feature flag pr_comment_alert.
Here is an example rule definition using the new alert type:

def:
  in_entity: pull_request
  param_schema:
    properties: {}
  rule_schema: {}
  ingest:
    type: diff
    diff:
      type: full
  eval:
    type: rego
    rego:
      type: constraints
      violation_format: json
      def: |
        package minder

        import future.keywords.in
        import future.keywords.if

        violations[{"msg": msg}] if {
          # Walk all files in the repo
          files_in_repo := input.ingested.files

          some current_file in files_in_repo
        
          msg := sprintf("File found: %s", [current_file.name])
        }
  alert:
    type: pull_request_comment
    pull_request_comment:
      review_message: |
        {{- range .EvalResultOutput }}  
        - {{ .msg }}
        {{- end }}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eleftherias eleftherias

Labels
user-story
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eleftherias