This FR was mentioned in https://github.com/application-research/estuary/pull/290#issuecomment-1164281981, and I think it's a great idea. I am not 100% sure how to go about doing this, but it's worth investigating.

Some ideas of ways we could do this:

Export actions that receive pinning endpoints & tokens
- [ ] Create generic action that accepts endpoint & token inputs
- [ ] modify report generation to output JSON (needed for #30 long term solution anyway)
- [ ] Use generic action instead of build-reports.yml, for each of the compliance reports required. (DRY improvement not necessary for this FR)
- [ ] ensure generic action provides callers output
  - ::set-output success=[true|false]
  - ::set-output passed=[number]
  - ::set-output total=[number]
??

for idea 1 above

How pinning service providers would call the action:

  run-compliance-tests:
    uses: ipfs-shipyard/pinning-service-compliance/.github/workflows/build-report-with-input.yml@v1.0.10
    secrets:
      API_ENDPOINT: ${{ secrets.PINNING_API_ENDPOINT }}
      API_TOKEN: ${{ secrets.PINNING_API_TOKEN }}

See https://docs.github.com/en/actions/using-workflows/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow

How pinning service providers would use the results

  validate-compliance:
    runs-on: ubuntu-latest
    needs: run-compliance-tests
    if: ${{ needs.run-compliance-tests.outputs.passed < needs.run-compliance-tests.outputs.total }}
    steps:
      - name: Fail
        uses: actions/github-script@v3
        with:
          script: |
            core.setFailed('Only ${{ needs.run-compliance-tests.outputs.passed }}/${{ needs.run-compliance-tests.outputs.total}} checks passed')

See https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-outputs-from-a-reusable-workflow

ipfs-shipyard / pinning-service-compliance

Feature Request: Allow Pinning Service providers to add compliance checks to their pipeline easily #140

for idea 1 above