From be0625b06c6f7ef035b5772a6f985450d7dca946 Mon Sep 17 00:00:00 2001 From: Renato Valenzuela Date: Thu, 23 May 2024 19:15:22 +0000 Subject: [PATCH] Improve step names --- .github/workflows/check-binaries.yml | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/.github/workflows/check-binaries.yml b/.github/workflows/check-binaries.yml index 1d113da..bd41ece 100644 --- a/.github/workflows/check-binaries.yml +++ b/.github/workflows/check-binaries.yml @@ -11,13 +11,16 @@ jobs: outputs: report_contents: ${{ steps.save-output.outputs.report_contents }} steps: - - uses: actions/setup-python@v5 + - name: Setup python + uses: actions/setup-python@v5 with: python-version: '3.11' - - uses: actions/checkout@v4 + - name: Checkout code + uses: actions/checkout@v4 with: ref: main - - uses: robinraju/release-downloader@v1.10 + - name: Download latest release + uses: robinraju/release-downloader@v1.10 with: latest: true fileName: 'aws-lambda-rie*' 
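Review bot: The `uses:` lines rewritten in this hunk still reference actions by mutable tags (`actions/setup-python@v5`, `actions/checkout@v4`, `robinraju/release-downloader@v1.10`), and the create-issue step in the last hunk uses `dacbd/create-issue-action@main`, a branch whose content can change under the workflow at any time. Third-party actions run inside the job with whatever token and files it has, so each should be pinned to a full commit SHA with the release noted in a trailing comment, e.g. `uses: dacbd/create-issue-action@<full-commit-sha>  # <release tag>`. The same applies to `robinraju/release-downloader`, which fetches the `aws-lambda-rie*` files that the later scan step presumably inspects. The steps list continues outside this hunk, so other `uses:` entries may need the same treatment.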
@@ -26,19 +29,19 @@ jobs: id: check-binaries run: | make check-binaries - - if: always() && failure() # Failure means there are vulnerabilities + - if: always() && failure() # `always()` to run even if the previous step failed. Failure means that there are vulnerabilities + name: Save content of the vulnerabilities report as GitHub output id: save-output - name: Save output contents run: | report_csv="$(ls -tr output.cve-bin-*.csv 2>/dev/null | tail -n1)" # last file generated echo "Vulnerabilities stored in $report_csv" final_report="${report_csv}.txt" awk -F',' '{n=split($10, path, "/"); print $2,$3,$4,$5,path[n]}' "$report_csv" | column -t > "$final_report" # make the CSV nicer echo "report_contents<> "$GITHUB_OUTPUT" - cat "$final_report" >> "$GITHUB_OUTPUT" - echo "EOF" >> "$GITHUB_OUTPUT" + cat "$final_report" >> "$GITHUB_OUTPUT" + echo "EOF" >> "$GITHUB_OUTPUT" - if: always() && steps.check-binaries.outcome == 'failure' - name: Build new version and check + name: Build new binaries and check vulnerabilities again id: check-new-version run: | mkdir ./bin2 @@ -48,10 +51,9 @@ jobs: echo "latest_version=$latest_version" >> "$GITHUB_OUTPUT" make check-binaries - if: always() && steps.check-binaries.outcome == 'failure' - name: Save output for new version + name: Save outputs for the check with the latest build id: save-new-version run: | - exit_code=$? if [ "${{ steps.check-new-version.outcome }}" == "failure" ]; then fixed="No" else @@ -59,7 +61,7 @@ jobs: fi echo "fixed=$fixed" >> "$GITHUB_OUTPUT" - if: always() && steps.check-binaries.outcome == 'failure' - name: Create Issue + name: Create GitHub Issue indicating vulnerabilities id: create-issue uses: dacbd/create-issue-action@main with:
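Review bot: In the save-output step, `if: always() && failure()` evaluates the same as plain `failure()`, so the new comment's explanation of `always()` does not hold, and the condition also fires when setup, checkout or the release download failed rather than `make check-binaries`. In that case no `output.cve-bin-*.csv` exists, `report_csv` is empty, and the step likely fails at the `awk` call instead of reporting vulnerabilities. Using the condition the later steps already have, `if: always() && steps.check-binaries.outcome == 'failure'`, ties the step to the scan result and keeps the comment accurate. Separately, the multiline output appears to be closed with the fixed delimiter `EOF` (the opening line is garbled in this view); a randomly generated delimiter per run avoids truncation if a report line ever equals `EOF`.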