From d9d3c31f457d4106a31e7cecc690cf9503c68175 Mon Sep 17 00:00:00 2001
From: Sivan Hajbi <117824107+sivan-hajbi-imperva@users.noreply.github.com>
Date: Wed, 1 Nov 2023 12:07:46 +0200
Subject: [PATCH] Upgrade flow yml (#301)

* add upgrade flow yml for unit tests and upgrade automation
---
 .github/workflows/sonar_upgrade.yml           | 19 -------
 .github/workflows/sonar_upgrade_flow.yml      | 54 +++++++++++++++++++
 .../workflows/sonar_upgrade_unit_tests.yml    | 19 -------
 .../sonar-upgrader/python_upgrader/README.md  |  4 +-
 .../tests/test_upgrade_status_service.py      |  1 +
 5 files changed, 57 insertions(+), 40 deletions(-)
 create mode 100644 .github/workflows/sonar_upgrade_flow.yml

diff --git a/.github/workflows/sonar_upgrade.yml b/.github/workflows/sonar_upgrade.yml
index e86044cda..677197010 100644
--- a/.github/workflows/sonar_upgrade.yml
+++ b/.github/workflows/sonar_upgrade.yml
@@ -25,25 +25,6 @@ on:
         type: boolean
         required: false
 
-  push:
-    branches:
-      - 'master'
-      - 'dev'
-    paths:
-      - 'modules/aws/sonar-upgrader/**'
-      - 'examples/sonar_upgrade/*'
-
-  pull_request:
-    types:
-      - 'opened'
-      - 'reopened'
-    branches:
-      - 'master'
-      - 'dev'
-    paths:
-      - 'modules/aws/sonar-upgrader/**'
-      - 'examples/sonar_upgrade/*'
-
 env:
   TF_CLI_ARGS: "-no-color"
   TF_INPUT: 0
diff --git a/.github/workflows/sonar_upgrade_flow.yml b/.github/workflows/sonar_upgrade_flow.yml
new file mode 100644
index 000000000..c39022336
--- /dev/null
+++ b/.github/workflows/sonar_upgrade_flow.yml
@@ -0,0 +1,54 @@
+name: 'Sonar Upgrade Flow'
+
+on:
+  workflow_call:
+    secrets:
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+      SLACK_WEBHOOK_URL:
+        required: true
+      DAM_LICENSE:
+        required: true
+  workflow_dispatch:
+
+  push:
+    branches:
+      - 'master'
+      - 'dev'
+    paths:
+      - 'modules/aws/sonar-upgrader/**'
+      - 'examples/sonar_upgrade/*'
+
+  pull_request:
+    types:
+      - 'opened'
+      - 'reopened'
+    branches:
+      - 'master'
+      - 'dev'
+    paths:
+      - 'modules/aws/sonar-upgrader/**'
+      - 'examples/sonar_upgrade/*'
+
+permissions:
+  contents: read
+
+jobs:
+  sonar_upgrade_unit_tests:
+    uses: ./.github/workflows/sonar_upgrade_unit_tests.yml
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+
+  sonar_upgrade:
+    needs: sonar_upgrade_unit_tests
+    uses: ./.github/workflows/sonar_upgrade.yml
+    with:
+      use_modules_from_terraform_registry: false
+      explicit_ref: '' # current branch
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
diff --git a/.github/workflows/sonar_upgrade_unit_tests.yml b/.github/workflows/sonar_upgrade_unit_tests.yml
index 079519c8b..22c6210ea 100644
--- a/.github/workflows/sonar_upgrade_unit_tests.yml
+++ b/.github/workflows/sonar_upgrade_unit_tests.yml
@@ -7,25 +7,6 @@ on:
         required: true
   workflow_dispatch:
 
-  push:
-    branches:
-      - 'master'
-      - 'dev'
-    paths:
-      - 'modules/aws/sonar-upgrader/**'
-      - 'examples/sonar_upgrade/*'
-
-  pull_request:
-    types:
-      - 'opened'
-      - 'reopened'
-    branches:
-      - 'master'
-      - 'dev'
-    paths:
-      - 'modules/aws/sonar-upgrader/**'
-      - 'examples/sonar_upgrade/*'
-
 permissions:
   contents: read
 
diff --git a/modules/aws/sonar-upgrader/python_upgrader/README.md b/modules/aws/sonar-upgrader/python_upgrader/README.md
index 7a3aebf30..4e6706fec 100644
--- a/modules/aws/sonar-upgrader/python_upgrader/README.md
+++ b/modules/aws/sonar-upgrader/python_upgrader/README.md
@@ -9,8 +9,8 @@ This utility is designed for upgrading DSF Hubs and Agentless Gateways.
 To utilize the upgrade package, run the following command and replace [arguments] with the specific arguments required 
 for your environment configuration:
 
-`python -u -m upgrade.main [arguments]`
+`python3 -u -m upgrade.main [arguments]`
 
 For a list of available arguments and their descriptions, use the following command:
 
-`python -u -m upgrade.main -h`
\ No newline at end of file
+`python3 -u -m upgrade.main -h`
\ No newline at end of file
diff --git a/modules/aws/sonar-upgrader/python_upgrader/tests/test_upgrade_status_service.py b/modules/aws/sonar-upgrader/python_upgrader/tests/test_upgrade_status_service.py
index ea005d17d..7cf82fdab 100644
--- a/modules/aws/sonar-upgrader/python_upgrader/tests/test_upgrade_status_service.py
+++ b/modules/aws/sonar-upgrader/python_upgrader/tests/test_upgrade_status_service.py
@@ -133,3 +133,4 @@ def test_flush(mocker, setup_for_each_test):
     is_file_exist_mock.assert_called_once_with("upgrade_status.json")
     read_file_contents_mock.assert_not_called()
     assert update_file_safely_mock.call_count == 2
+