From a02500bc409365caf4e51622aae8b883c29a52cf Mon Sep 17 00:00:00 2001 From: Phil Gee Date: Thu, 27 Nov 2025 14:53:06 +0000 Subject: [PATCH 1/5] AEA-5959 Add step to run build. --- .github/workflows/quality-checks.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 6e961ef..12b2f6d 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -407,3 +407,6 @@ jobs: with: name: cfn_guard_output path: cfn_guard_output + + - name: Build project + run: make build From 94eecd8ac42f9e46a7b767ddd7e28b6773df7664 Mon Sep 17 00:00:00 2001 From: Phil Gee Date: Thu, 27 Nov 2025 15:24:09 +0000 Subject: [PATCH 2/5] AEA-5959 Add new entries to .gitallowed. --- .gitallowed | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitallowed b/.gitallowed index e7593cf..462bb67 100644 --- a/.gitallowed +++ b/.gitallowed @@ -1,3 +1,7 @@ token: ?"?\$\{\{\s*secrets\.GITHUB_TOKEN\s*\}\}"? .*\.gitallowed.* id-token: write +def __init__\(self, token: str, owner: str, repo: str +token = os.environ\.get\("GH_TOKEN"\) +self\.token = token +password: \${{ secrets.GITHUB_TOKEN }} From 5677100cd2d1306964add2cc1c119aa372f89717 Mon Sep 17 00:00:00 2001 From: Phil Gee Date: Thu, 27 Nov 2025 15:48:16 +0000 Subject: [PATCH 3/5] AEA-5959 Check for build target. Run only if present. --- .github/workflows/quality-checks.yml | 7 ++++++- scripts/check_makefile_target.sh | 30 ++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 1 deletion(-) create mode 100755 scripts/check_makefile_target.sh diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 12b2f6d..50ff490 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -409,4 +409,9 @@ jobs: path: cfn_guard_output - name: Build project - run: make build + run: | + if scripts/check_makefile_target.sh build; then + make build + else + echo "No build target found in Makefile, skipping build step" + fi diff --git a/scripts/check_makefile_target.sh b/scripts/check_makefile_target.sh new file mode 100755 index 0000000..90e85e2 --- /dev/null +++ b/scripts/check_makefile_target.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# Script to check if a target exists in a Makefile +# Usage: check_makefile_target.sh [makefile_path] + +set -euo pipefail + +TARGET_NAME="${1:-}" +MAKEFILE_PATH="${2:-Makefile}" + +if [ -z "$TARGET_NAME" ]; then + echo "Error: Target name is required" >&2 + echo "Usage: $0 [makefile_path]" >&2 + exit 1 +fi + +if [ ! -f "$MAKEFILE_PATH" ]; then + echo "Error: Makefile not found at '$MAKEFILE_PATH'" >&2 + exit 1 +fi + +# Check if the target exists in the Makefile +# Matches lines like "target:" or "target: dependencies" +if grep -qE "^${TARGET_NAME}:" "$MAKEFILE_PATH"; then + echo "Target '$TARGET_NAME' exists in $MAKEFILE_PATH" + exit 0 +else + echo "Target '$TARGET_NAME' not found in $MAKEFILE_PATH" >&2 + exit 1 +fi From 2b0c89512925e621c3f43118771ff3e4a3c3ed81 Mon Sep 17 00:00:00 2001 From: Phil Gee Date: Thu, 27 Nov 2025 16:42:05 +0000 Subject: [PATCH 4/5] AEA-5959 Include script in workflow step. --- .github/workflows/quality-checks.yml | 18 +++++++++-------- scripts/check_makefile_target.sh | 30 ---------------------------- 2 files changed, 10 insertions(+), 38 deletions(-) delete mode 100755 scripts/check_makefile_target.sh diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 50ff490..63fb397 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -193,6 +193,16 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + - name: Run build if Makefile target exists + run: | + if grep -qE "^build:" "Makefile"; then + echo "build target exists in Makefile" + make build + else + echo "build target not found in Makefile" + exit 1 + fi + # CloudFormation validation (runs only if templates exist, ~3-5 minutes) cloudformation-validation: runs-on: ubuntu-22.04 @@ -407,11 +417,3 @@ jobs: with: name: cfn_guard_output path: cfn_guard_output - - - name: Build project - run: | - if scripts/check_makefile_target.sh build; then - make build - else - echo "No build target found in Makefile, skipping build step" - fi diff --git a/scripts/check_makefile_target.sh b/scripts/check_makefile_target.sh deleted file mode 100755 index 90e85e2..0000000 --- a/scripts/check_makefile_target.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -# Script to check if a target exists in a Makefile -# Usage: check_makefile_target.sh [makefile_path] - -set -euo pipefail - -TARGET_NAME="${1:-}" -MAKEFILE_PATH="${2:-Makefile}" - -if [ -z "$TARGET_NAME" ]; then - echo "Error: Target name is required" >&2 - echo "Usage: $0 [makefile_path]" >&2 - exit 1 -fi - -if [ ! -f "$MAKEFILE_PATH" ]; then - echo "Error: Makefile not found at '$MAKEFILE_PATH'" >&2 - exit 1 -fi - -# Check if the target exists in the Makefile -# Matches lines like "target:" or "target: dependencies" -if grep -qE "^${TARGET_NAME}:" "$MAKEFILE_PATH"; then - echo "Target '$TARGET_NAME' exists in $MAKEFILE_PATH" - exit 0 -else - echo "Target '$TARGET_NAME' not found in $MAKEFILE_PATH" >&2 - exit 1 -fi From 23f793efac012926d8dce24f87092e20f6dde32d Mon Sep 17 00:00:00 2001 From: Phil Gee Date: Thu, 27 Nov 2025 16:43:34 +0000 Subject: [PATCH 5/5] AEA-5959 Remove exit 1 when no build target. --- .github/workflows/quality-checks.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 63fb397..8c41cd7 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -200,7 +200,6 @@ jobs: make build else echo "build target not found in Makefile" - exit 1 fi # CloudFormation validation (runs only if templates exist, ~3-5 minutes)