Skip to content

chore(ci): skip enrichment-metrics + mapping-count comments on doc-only PRs#369

Merged
Daren9m merged 1 commit into
mainfrom
chore/silence-bot-emails-on-doc-prs
Apr 30, 2026
Merged

chore(ci): skip enrichment-metrics + mapping-count comments on doc-only PRs#369
Daren9m merged 1 commit into
mainfrom
chore/silence-bot-emails-on-doc-prs

Conversation

@Daren9m
Copy link
Copy Markdown
Collaborator

@Daren9m Daren9m commented Apr 30, 2026

Summary

Silences the email-noise source you flagged: github-actions[bot] was posting/updating two sticky comments (enrichment-metrics + mapping-count-regression) on every PR, including the v3.4.0 audit-doc series. Both emitted identical numbers and emailed you for zero signal.

Root cause

Both jobs in .github/workflows/validate.yml were gated only by if: github.event_name == 'pull_request'. Doc-only PRs trigger them anyway. Each sticky-comment update is a notification event → email to the PR author.

Fix

Add a changes job using dorny/paths-filter@v3 that detects source-affecting paths (data/**, scripts/**, CheckID.psd1, CheckID.psm1, .github/workflows/**). Gate the two noisy jobs via:

needs: changes
if: github.event_name == 'pull_request' && needs.changes.outputs.source == 'true'

Behavior matrix

PR shape Pester / schema validation enrichment-metrics comment mapping-count-regression comment
Source change (data/scripts/module/workflows) ✅ runs ✅ posts (current behavior) ✅ posts (current behavior)
Doc-only (audit catalogs, CHANGELOG, LICENSES, tools/) ✅ runs silent silent

Other validate.yml jobs (lint, validate-data, data-quality, test, module-test, python-validate) are unchanged.

Files

  • .github/workflows/validate.yml — adds changes job + 2-line gating on the two noisy jobs (32 lines)
  • CHANGELOG.md[Unreleased] / Changed entry

Test plan

  • This PR itself touches .github/workflows/** so the changes job will report source = true → full validation runs (correct: workflow changes need to be validated)
  • Future doc-only PRs will skip the two noisy jobs
  • Future source PRs continue to get the full sticky-comment cycle

Why now

Email noise from the v3.4.0 audit-doc series (12 PRs in two days, each emitting both comments multiple times during CI) is a real friction. Doing the structural fix now prevents it from continuing on the remaining audits (#335, #336) and any future doc-only work.

🤖 Generated with Claude Code

@Daren9m @claude
chore(ci): skip noisy informational PR comments on doc-only PRs
3178843 
The enrichment-metrics and mapping-count-regression jobs in
validate.yml post sticky comments via github-actions[bot] on every PR.
For PRs that don't change registry / build output (the v3.4.0 audit-doc
series, CHANGELOG-only PRs, LICENSES updates), both jobs emit identical
numbers each run — and each comment update triggers a notification
email to the PR author for zero signal.

Add a `changes` job using dorny/paths-filter@v3 that detects whether a
PR touches source-affecting paths (data/, scripts/, CheckID.psd1,
CheckID.psm1, .github/workflows/). Gate the two noisy jobs via
`needs: changes` + `if: needs.changes.outputs.source == 'true'`.

Behavior:
- Source PRs (registry, build script, module changes): full validation
  + both sticky comments — unchanged from today
- Doc-only PRs (audit catalogs, CHANGELOG entries, LICENSES, tools/
  README): Pester + schema validation still run; the two noisy
  comment-posting jobs skip — silent on the PR thread

Other validate.yml jobs (lint, validate-data, data-quality, test,
module-test, python-validate) run on all PRs unchanged. The fix is
narrowly scoped to the email-noise sources.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 30, 2026

Framework mapping count delta

Framework main this PR Δ Δ% Status
cis-controls-v8 1020 1020 0 +0.00% ✓ OK
cis-m365-v6 180 180 0 +0.00% ✓ OK
cisa-scuba 52 52 0 +0.00% ✓ OK
cmmc 1080 1080 0 +0.00% ✓ OK
eidsca 21 21 0 +0.00% ✓ OK
essential-eight 630 630 0 +0.00% ✓ OK
fedramp 1072 1072 0 +0.00% ✓ OK
gdpr 11 11 0 +0.00% ✓ OK
hipaa 501 501 0 +0.00% ✓ OK
iso-27001 1020 1020 0 +0.00% ✓ OK
iso-27002 1020 1020 0 +0.00% ✓ OK
iso-27017 1012 1012 0 +0.00% ✓ OK
mitre-attack 892 892 0 +0.00% ✓ OK
nis2 311 311 0 +0.00% ✓ OK
nist-800-171 1080 1080 0 +0.00% ✓ OK
nist-800-53 1072 1072 0 +0.00% ✓ OK
nist-csf 826 826 0 +0.00% ✓ OK
pci-dss 1052 1052 0 +0.00% ✓ OK
soc2 1103 1103 0 +0.00% ✓ OK
stig 13 13 0 +0.00% ✓ OK

Result: ✓ PASS — no framework mapping regressions detected.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 30, 2026

Content enrichment population

Overall (1105 checks): rationale 26.3% (291/1105) • impact 26.3% (291/1105) • references 26.3% (291/1105)

Framework n rationale impact references
cis-controls-v8 1020 25.1% (256/1020) 25.1% (256/1020) 25.1% (256/1020)
cis-m365-v6 180 100.0% (180/180) 100.0% (180/180) 100.0% (180/180)
cisa-scuba 52 100.0% (52/52) 100.0% (52/52) 100.0% (52/52)
cmmc 1080 26.3% (284/1080) 26.3% (284/1080) 26.3% (284/1080)
eidsca 21 100.0% (21/21) 100.0% (21/21) 100.0% (21/21)
essential-eight 630 22.2% (140/630) 22.2% (140/630) 22.2% (140/630)
fedramp 1072 27.1% (291/1072) 27.1% (291/1072) 27.1% (291/1072)
gdpr 11 100.0% (11/11) 100.0% (11/11) 100.0% (11/11)
hipaa 501 33.3% (167/501) 33.3% (167/501) 33.3% (167/501)
iso-27001 1020 26.6% (271/1020) 26.6% (271/1020) 26.6% (271/1020)
iso-27002 1020 26.6% (271/1020) 26.6% (271/1020) 26.6% (271/1020)
iso-27017 1012 26.0% (263/1012) 26.0% (263/1012) 26.0% (263/1012)
mitre-attack 892 30.7% (274/892) 30.7% (274/892) 30.7% (274/892)
nis2 311 25.7% (80/311) 25.7% (80/311) 25.7% (80/311)
nist-800-171 1080 26.3% (284/1080) 26.3% (284/1080) 26.3% (284/1080)
nist-800-53 1072 27.1% (291/1072) 27.1% (291/1072) 27.1% (291/1072)
nist-csf 826 31.1% (257/826) 31.1% (257/826) 31.1% (257/826)
pci-dss 1052 26.3% (277/1052) 26.3% (277/1052) 26.3% (277/1052)
soc2 1103 26.4% (291/1103) 26.4% (291/1103) 26.4% (291/1103)
stig 13 100.0% (13/13) 100.0% (13/13) 100.0% (13/13)

Informational only — does not gate the build. The hard release-gate for Critical/High enrichment lives in #281 (v3.2.0).

@Daren9m Daren9m merged commit fcbb212 into main Apr 30, 2026
9 checks passed
@Daren9m Daren9m deleted the chore/silence-bot-emails-on-doc-prs branch April 30, 2026 14:21
This was referenced Apr 30, 2026
Merged
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Daren9m