From 45acdc16731ac687f2e752abc6553cea37ec30f8 Mon Sep 17 00:00:00 2001
From: Pavel Mikula <pavel.mikula@sonarsource.com>
Date: Tue, 3 Dec 2024 15:05:18 +0100
Subject: [PATCH 1/2] Add Jira integration

---
 .github/PULL_REQUEST_TEMPLATE.md         |  8 +++++++
 .github/workflows/PullRequestClosed.yml  | 29 +++++++++++++++++++++++
 .github/workflows/PullRequestCreated.yml | 29 +++++++++++++++++++++++
 .github/workflows/RequestReview.yml      | 28 ++++++++++++++++++++++
 .github/workflows/SubmitReview.yml       | 30 ++++++++++++++++++++++++
 5 files changed, 124 insertions(+)
 create mode 100644 .github/workflows/PullRequestClosed.yml
 create mode 100644 .github/workflows/PullRequestCreated.yml
 create mode 100644 .github/workflows/RequestReview.yml
 create mode 100644 .github/workflows/SubmitReview.yml

diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
index 72cba088c..4c8ad664c 100644
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,3 +1,11 @@
+Part of 
+<!-- 
+  Only for standalone PRs without Jira issue in the PR title: 
+    * Replace this comment with Epic ID to create a new Task in Jira
+    * Replace this comment with Issue ID to create a new Sub-Task in Jira
+    * Ignore or delete this note to create a new Task in Jira without a parent 
+-->
+
 Please ensure your pull request adheres to the following guidelines:
 - [ ] explain your motives to contribute this change: what problem you are trying to fix, what improvement you are trying to make
 - [ ] Document your Changes in the `CHANGELOG.md` file of the respected chart as well as the `Chart.yaml`
\ No newline at end of file
diff --git a/.github/workflows/PullRequestClosed.yml b/.github/workflows/PullRequestClosed.yml
new file mode 100644
index 000000000..b50896eba
--- /dev/null
+++ b/.github/workflows/PullRequestClosed.yml
@@ -0,0 +1,29 @@
+name: Pull Request Closed
+
+on:
+  pull_request:
+    types: [closed]
+
+jobs:
+  PullRequestMerged_job:
+    name: Pull Request Merged
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      pull-requests: read
+    # For external PR, ticket should be moved manually
+    if: |
+        github.event.pull_request.head.repo.full_name == github.repository
+        && github.event.pull_request.merged
+    steps:
+      - id: secrets
+        uses: SonarSource/vault-action-wrapper@v3
+        with:
+          secrets: |
+            development/kv/data/jira user | JIRA_USER;
+            development/kv/data/jira token | JIRA_TOKEN;
+      - uses: sonarsource/gh-action-lt-backlog/PullRequestClosed@v2
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          jira-user:  ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }}
+          jira-token: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }}
diff --git a/.github/workflows/PullRequestCreated.yml b/.github/workflows/PullRequestCreated.yml
new file mode 100644
index 000000000..45fc3f097
--- /dev/null
+++ b/.github/workflows/PullRequestCreated.yml
@@ -0,0 +1,29 @@
+name: Pull Request Created
+
+on:
+  pull_request:
+    types: ["opened"]
+
+jobs:
+  PullRequestCreated_job:
+    name: Pull Request Created
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+    # For external PR, ticket should be created manually
+    if: |
+        github.event.pull_request.head.repo.full_name == github.repository
+    steps:
+      - id: secrets
+        uses: SonarSource/vault-action-wrapper@v3
+        with:
+          secrets: |
+            development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN;
+            development/kv/data/jira user | JIRA_USER;
+            development/kv/data/jira token | JIRA_TOKEN;
+      - uses: sonarsource/gh-action-lt-backlog/PullRequestCreated@v2
+        with:
+          github-token: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }}
+          jira-user:    ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }}
+          jira-token:   ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }}
+          jira-project: SONAR
diff --git a/.github/workflows/RequestReview.yml b/.github/workflows/RequestReview.yml
new file mode 100644
index 000000000..5eac0d555
--- /dev/null
+++ b/.github/workflows/RequestReview.yml
@@ -0,0 +1,28 @@
+name: Request review
+
+on:
+  pull_request:
+    types: ["review_requested"]
+
+jobs:
+  RequestReview_job:
+    name: Request review
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+    # For external PR, ticket should be moved manually
+    if: |
+        github.event.pull_request.head.repo.full_name == github.repository
+    steps:
+      - id: secrets
+        uses: SonarSource/vault-action-wrapper@v3
+        with:
+          secrets: |
+            development/github/token/{REPO_OWNER_NAME_DASH}-jira token | GITHUB_TOKEN;
+            development/kv/data/jira user | JIRA_USER;
+            development/kv/data/jira token | JIRA_TOKEN;
+      - uses: sonarsource/gh-action-lt-backlog/RequestReview@v2
+        with:
+          github-token: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }}
+          jira-user:    ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }}
+          jira-token:   ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }}
diff --git a/.github/workflows/SubmitReview.yml b/.github/workflows/SubmitReview.yml
new file mode 100644
index 000000000..d5f22e624
--- /dev/null
+++ b/.github/workflows/SubmitReview.yml
@@ -0,0 +1,30 @@
+name: Submit Review
+
+on:
+  pull_request_review:
+    types: [submitted]
+
+jobs:
+  SubmitReview_job:
+    name: Submit Review
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      pull-requests: read
+    # For external PR, ticket should be moved manually
+    if: |
+        github.event.pull_request.head.repo.full_name == github.repository
+        && (github.event.review.state == 'changes_requested'
+            || github.event.review.state == 'approved')
+    steps:
+      - id: secrets
+        uses: SonarSource/vault-action-wrapper@v3
+        with:
+          secrets: |
+            development/kv/data/jira user | JIRA_USER;
+            development/kv/data/jira token | JIRA_TOKEN;
+      - uses: sonarsource/gh-action-lt-backlog/SubmitReview@v2
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          jira-user: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }}
+          jira-token: ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }}

From 6f5c2e7009cc70bed645fd6f303b68001ac9d1fa Mon Sep 17 00:00:00 2001
From: Davi Koscianski Vidal <davi.koscianski-vidal@sonarsource.com>
Date: Thu, 12 Dec 2024 09:27:50 +0100
Subject: [PATCH 2/2] Adds default label

---
 .github/workflows/PullRequestCreated.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/PullRequestCreated.yml b/.github/workflows/PullRequestCreated.yml
index 45fc3f097..a7d3a8a94 100644
--- a/.github/workflows/PullRequestCreated.yml
+++ b/.github/workflows/PullRequestCreated.yml
@@ -27,3 +27,4 @@ jobs:
           jira-user:    ${{ fromJSON(steps.secrets.outputs.vault).JIRA_USER }}
           jira-token:   ${{ fromJSON(steps.secrets.outputs.vault).JIRA_TOKEN }}
           jira-project: SONAR
+          additional-fields: '{ "labels": ["sq-platform"] }'