test

.github/workflows/verifyAudit.yml

@@ -126,11 +126,8 @@ jobs:
 
             // Verify that exactly one of the two labels is assigned
             const requiredLabelCount = assignedLabels.filter(label => label === 'AuditRequired').length;
-            console.log(`requiredLabelCount: ${requiredLabelCount}`)
             const notRequiredLabelCount = assignedLabels.filter(label => label === 'AuditNotRequired').length;
-            console.log(`notRequiredLabelCount: ${notRequiredLabelCount}`)
             const totalLabelsAssigned = requiredLabelCount + notRequiredLabelCount;
-            console.log(`totalLabelsAssigned: ${totalLabelsAssigned}`)
 
             if (totalLabelsAssigned !== 1) {
               console.error(`${colors.red}Error: Exactly one of the two protected labels should be assigned but found ${totalLabelsAssigned} assigned labels.${colors.reset}`);
@@ -144,6 +141,9 @@ jobs:
         if: env.AUDIT_REQUIRED == 'true'
         run: |
 
+          echo "This step will make sure that an audit is logged for each contract modified/added by this PR."
+          echo "It will also make sure that no information is missing in the audit log and that the information is meaningful."
+
           # load list of protected contracts
           PROTECTED_CONTRACTS=$(cat protected_contracts.txt)
 
@@ -154,7 +154,7 @@ jobs:
           ##### make sure that there are any protected contracts
           if [[ -z $PROTECTED_CONTRACTS ]]; then
             echo -e "\033[31mNo protected contracts found. This should not happen (action should stop earlier). Please check the code of the Github action. Aborting now.\033[0m"
-            echo "CONTINUE=false" >> $GITHUB_ENV
+            echo "CONTINUE=false" >> "$GITHUB_ENV"
             exit 1
           fi
 
@@ -168,7 +168,7 @@ jobs:
             ##### make sure that contract version was extracted successfully
             if [[ -z $VERSION ]]; then
               echo -e "\033[31mCould not find version of contract $FILE. This should not happen. Please check the Github action code. Aborting now.\033[0m"
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
               exit 1
             fi
 
@@ -188,7 +188,7 @@ jobs:
 
             ##### Ensure exactly one audit is logged; handle errors if not
             if [[ $AUDIT_COUNT -ne 1 ]]; then
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
 
               if [[ $AUDIT_COUNT -gt 1 ]]; then
                 echo -e "\033[31mError: Multiple audits found for contract $FILENAME in version $VERSION.\033[0m"
@@ -213,7 +213,7 @@ jobs:
             ##### Check if AUDIT_ENTRY is valid JSON
             if [[ -z "$AUDIT_ENTRY" || "$AUDIT_ENTRY" == "null" ]]; then
               echo -e "\033[31mError: The logged audit ID ($AUDIT_ID) for contract $FILE seems to be invalid.\033[0m"
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
               exit 1
             fi
 
@@ -232,7 +232,7 @@ jobs:
               echo -e "\033[31mThe audit log entry for file $FILE contains an invalid or no 'auditCompletedOn' date.\033[0m"
               echo -e "\033[31mThis github action cannot complete before the audit log is complete.\033[0m"
               echo -e "\033[31mAborting now.\033[0m"
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
               exit 1
             else
               echo "The audit log contains a date for $AUDIT_ID: $AUDIT_COMPLETED_ON"
@@ -243,7 +243,7 @@ jobs:
               echo -e "\033[31mThe audit log entry for file $FILE contains invalid or no 'auditedBy' information.\033[0m"
               echo -e "\033[31mThis github action cannot complete before the audit log is complete.\033[0m"
               echo -e "\033[31mAborting now.\033[0m"
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
               exit 1
             else
               echo "The audit log contains the auditor's name for $AUDIT_ID: $AUDITED_BY"
@@ -254,7 +254,7 @@ jobs:
               echo -e "\033[31mThe audit log entry for file $FILE contains invalid or no 'auditorGitHandle' information.\033[0m"
               echo -e "\033[31mThis github action cannot complete before the audit log is complete.\033[0m"
               echo -e "\033[31mAborting now.\033[0m"
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
               exit 1
             else
               echo "The audit log contains the auditor's github handle for $AUDIT_ID: $AUDITOR_GIT_HANDLE"
@@ -265,7 +265,7 @@ jobs:
               echo -e "\033[31mCould not find an audit report in path $AUDIT_REPORT_PATH for contract "$FILENAME".\033[0m"
               echo -e "\033[31mThis github action cannot complete before the audit report is uploaded to 'audit/reports/'.\033[0m"
               echo -e "\033[31mAborting now.\033[0m"
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
               exit 1
             else
               echo "The audit report for $AUDIT_ID was found in path $AUDIT_REPORT_PATH"
@@ -276,7 +276,7 @@ jobs:
               echo -e "\033[31mThe audit log entry for file $FILE contains invalid or no 'auditCommitHash' information.\033[0m"
               echo -e "\033[31mThis github action cannot complete before the audit log is complete.\033[0m"
               echo -e "\033[31mAborting now.\033[0m"
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
               exit 1
             else
               echo "The audit log contains the commit hash that was audited in $AUDIT_ID: $AUDIT_COMMIT_HASH"
@@ -289,10 +289,23 @@ jobs:
 
             ##### Check if the target commit is in the list
             if echo "$COMMIT_LIST" | grep -q "$TARGET_COMMIT"; then
-              echo -e "\033[32mCommit $AUDIT_COMMIT_HASH is associated with PR #$PR_NUMBER.\033[0m"
+            echo -e "\033[32mCommit $AUDIT_COMMIT_HASH is associated with PR #$PR_NUMBER.\033[0m"
+            else
+            echo -e "\033[31mCommit $AUDIT_COMMIT_HASH is NOT associated with PR #$PR_NUMBER.\033[0m"
+            echo "CONTINUE=false" >> "$GITHUB_ENV"
+            exit 1
+            fi
+
+
+            ##### Check if the auditor git handle exists on github
+            echo "now checking if the auditor git handle actually exists"
+            if gh api users/$GITHUB_USER > /dev/null 2>&1; then
+              echo -e "\033[32mA user with handle '$GITHUB_USER' exists on GitHub.\033[0m"
             else
-              echo -e "\033[31mCommit $AUDIT_COMMIT_HASH is NOT associated with PR #$PR_NUMBER.\033[0m"
-              echo "CONTINUE=false" >> $GITHUB_ENV
+              echo -e "\033[31mA user with handle '$GITHUB_USER' does not exist on GitHub.\033[0m"
+              echo -e "\033[31mPlease fix the audit log before continuing.\033[0m"
+              echo -e "\033[31mCheck failed.\033[0m"
+              echo "CONTINUE=false" >> "$GITHUB_ENV"
               exit 1
             fi
 
@@ -334,7 +347,7 @@ jobs:
             # else
             #   echo -e "\033[31mERROR: No review found by git user '$AUDITOR_GIT_HANDLE' (= the auditor)\033[0m"
             #   echo -e "\033[31mCheck failed\033[0m"
-            #   echo "CONTINUE=false" >> $GITHUB_ENV
+            #   echo "CONTINUE=false" >> "$GITHUB_ENV"
             #   exit 1
             # fi
             # ##### -----------------------------------------------------------------------------

.github/workflows_deactivated/protectAuditFolder.yml

@@ -9,6 +9,7 @@ on:
     paths:
       - 'audit/**'
   pull_request:
+    types: [opened, synchronize, reopened]
     paths:
       - 'audit/**'