FoD: Implementation of fod action run gitlab-mr-comment and fod action run ado-pr-comment with similar behaviour to github-pr-comment.#1034
Closed
kadraman wants to merge 4 commits into
Conversation
…o `github-pr-comment` for FoD.
There was a problem hiding this comment.
Pull request overview
Adds a new FoD CI action template that posts FoD vulnerability delta summaries as GitLab Merge Request comments/notes, mirroring the existing github-pr-comment behavior so fod action run ci can pick it up in GitLab CI contexts.
Changes:
- Introduces new
gitlab-pr-commentaction YAML for posting MR notes via GitLab API. - Adds CLI options for GitLab API URL, token, project id, and MR IID with GitLab CI environment-variable defaults.
- Implements issue delta rendering (new/re-introduced vs removed) and a
--dryrunmode.
…nvironment variable.
kadraman
changed the title
gitlab-pr-comment action with similar behaviour to github-pr-comment for FoD.fod action run gitlab-pr-comment with similar behaviour to github-pr-comment.
…ng `fcli action run ci` - Added support for Azure DevOps PR comments with a new action `ado-pr-comment`. - Introduced GitLab MR comments with a new action `gitlab-mr-comment`. - Updated environment detection for Azure DevOps and GitLab to include PR comment action suffixes. - Enhanced documentation for PR comment actions in `ci-doc.yaml` and respective action YAML files. - Improved functional tests to verify PR comment actions for GitHub and GitLab.
kadraman
changed the title
fod action run gitlab-pr-comment with similar behaviour to github-pr-comment.fod action run gitlab-mr-comment and fod action run ado-pr-comment with similar behaviour to github-pr-comment.
Contributor
Author
|
Updated to include |
Contributor
|
Superseded by #1042 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
As per title. I have used consistent name
gitlab-pr-commenteven though it is a MR in GitLab sofod action run cishould hopefully pick it up. There equivalent ofGITHUB_TOKENin GitLab isCI_JOB_TOKENbut this only has read permission to MRs so the user need to specifically create aGITLAB_TOKEN(orGITLAB_API_TOKEN) with permission for this to work.An example of run:
No equivalent for SSC has been created yet.