improve file name and test old workfow

Author: cveticm

.github/workflows/generate-augmented-sbom.yml

@@ -1,6 +1,7 @@
 name: Augment SBOM
 
 on:
+  pull_request:
   workflow_dispatch:
     inputs:
       release_version:
@@ -77,17 +78,23 @@ jobs:
             --branch "${KONDUKTO_BRANCH_PREFIX}-linux-arm64" \
             --sbom-out "/pwd/linux_amd64_augmented_sbom_v${{ inputs.release_version }}.json"
 
+      - name: Get current date  
+        id: date  
+        run: |  
+          echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_ENV  
+
       - name: Generate SSDLC report
         env:
             AUTHOR: ${{ github.actor }}
             VERSION: ${{ inputs.release_version }}
             AUGMENTED_SBOM_TEXT: "  - See Augmented SBOM manifests (CycloneDX in JSON format):
-                \n    - This file has been provided along with this report under the name 'linux_amd64_augmented_sbom_v${{ inputs.release_version }}.json'\n"
+                \n    - This file has been provided along with this report under the name 'linux_amd64_augmented_sbom_v${{ inputs.release_version }}.json'
+                \n    - Please note that this file was generated on ${{ env.date }} and may not reflect the latest security information of all third party dependencies."
         run: ./build/package/gen-ssdlc-report.sh
       - name: Upload augmented SBOM as artifact
         uses: actions/upload-artifact@v4
         with:
           name: augmented_sbom_and_ssdlc_report
           path: |
-            linux_amd64_augmented_sbom_v${{ inputs.release_version }}.json
-            ssdlc-compliance-${{ inputs.release_version }}.md
+            linux-amd64-augmented-sbom-v${{ inputs.release_version }}-${{ env.date }}.json
+            ssdlc-compliance-${{ inputs.release_version }}-${{ env.date }}.md

.github/workflows/update-ssdlc-report.yaml

@@ -39,80 +39,4 @@ jobs:
           AUTHOR: ${{ steps.extract.outputs.author }}
           VERSION: ${{ steps.extract.outputs.version }}
         run: ./build/package/gen-ssdlc-report.sh
-      - name: set Apix Bot token
-        id: app-token
-        uses: mongodb/apix-action/token@3024080388613583e3bd119bfb1ab4b4dbf43c42
-        with:
-          app-id: ${{ secrets.APIXBOT_APP_ID }}
-          private-key: ${{ secrets.APIXBOT_APP_PEM }}
-      - name: Find JIRA ticket
-        id: find
-        uses: mongodb/apix-action/find-jira@3024080388613583e3bd119bfb1ab4b4dbf43c42
-        with:
-          token: ${{ secrets.JIRA_API_TOKEN }}
-          jql: project = CLOUDP AND status NOT IN (Closed, Resolved) AND summary ~ "Update Compliance Report"
-      - name: Set JIRA ticket (find)
-        if: steps.find.outputs.found == 'true'
-        run: |
-          echo "JIRA_KEY=${{steps.find.outputs.issue-key}}" >> "$GITHUB_ENV"
-      - name: Create JIRA ticket
-        uses: mongodb/apix-action/create-jira@3024080388613583e3bd119bfb1ab4b4dbf43c42
-        id: create
-        if: steps.find.outputs.found == 'false'
-        with:
-          token: ${{ secrets.JIRA_API_TOKEN }}
-          project-key: CLOUDP
-          summary: "[AtlasCLI] Update Compliance Report"
-          issuetype: Story
-          description: Update Compliance Report
-          components: AtlasCLI
-          assignee: ${{ secrets.ASSIGNEE_JIRA_TICKET }}
-          extra-data: |
-            {
-              "fields": {
-                "fixVersions": [
-                  {
-                    "id": "41805"
-                  }
-                ],
-                "customfield_12751": [
-                  {
-                    "id": "22223"
-                  }
-                ],
-                "customfield_10257": {
-                  "id": "11861"
-                }
-              }
-            }
-      - name: Set JIRA ticket (create)
-        if: steps.find.outputs.found == 'false'
-        run: |
-          echo "JIRA_KEY=${{steps.create.outputs.issue-key}}" >> "$GITHUB_ENV"
-      - uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e
-        id: pr
-        with:
-          token: ${{ steps.app-token.outputs.token }}
-          committer: "${{ steps.app-token.outputs.user-name }} <${{ steps.app-token.outputs.user-email }}>"
-          author: "${{ steps.app-token.outputs.user-name }} <${{ steps.app-token.outputs.user-email }}>"
-          title: "${{ env.JIRA_KEY }}: Update compliance report for v${{ steps.extract.outputs.version }}"
-          commit-message: "${{ env.JIRA_KEY }}: Update compliance report for v${{ steps.extract.outputs.version }}"
-          delete-branch: true
-          base: master
-          branch: ${{ env.JIRA_KEY }}
-          labels: |
-            compliance
-            auto
-            auto_close_jira
-          body: |
-            ## Proposed changes
-            Update compliance report for v${{ steps.extract.outputs.version }}
-            _Jira ticket:_ ${{ env.JIRA_KEY }}
-
-            Note: Jira ticket will be closed automatically when this PR is merged.
-
-      - name: Set auto merge
-        env:
-          GH_TOKEN: ${{ steps.app-token.outputs.token }}
-        run: |
-          gh pr merge "${{ steps.pr.outputs.pull-request-url }}" --auto --squash
+        

build/package/gen-ssdlc-report.sh

@@ -33,21 +33,22 @@ export AUTHOR
 export VERSION
 
 target_dir="."
+file_name="ssdlc-compliance-${VERSION}.md"
 
 if [ -z "${AUGMENTED_SBOM_TEXT:-}" ]; then
   target_dir="compliance/v${VERSION}"
-
+  file_name="ssdlc-compliance-${VERSION}-${DATE}.md"
   # Ensure AtlasCLI version directory exists
   mkdir -p "${target_dir}"
 fi
 
 echo "Generating SSDLC checklist for AtlasCLI version ${VERSION}, author ${AUTHOR} and release date ${DATE}..."
 
 envsubst < docs/releases/ssdlc-compliance.template.md \
-  > "${target_dir}/ssdlc-compliance-${VERSION}.md"
+  > "${target_dir}/${file_name}"
 
 echo "SDLC checklist ready. Files in ${target_dir}/:"
 ls -l "${target_dir}/"
 
 echo "Printing the generated report:"
-cat "${target_dir}/ssdlc-compliance-${VERSION}.md"
+cat "${target_dir}/${file_name}"