Add update functionality to comment

[endakelly]

Change description

Enable functionality for existing comments to be updated rather than creating multiple comments.
Will only work if the bot comments once per run.

CVE Suppression: Are there any CVEs present in the codebase (either newly introduced or pre-existing) that are being intentionally suppressed or ignored by this commit?

• Yes
• No

Checklist

• commit messages are meaningful and follow good commit message guidelines
• README and other documentation has been updated / added (if needed)
• tests have been updated / new tests has been added (if needed)
• Does this PR introduce a breaking change

🤖AEP PR SUMMARY🤖

.github/workflows/pr-reviewer.yaml

• Added a new step to get the github-actions bot comment ID, if it exists, using a GitHub API call.
• Updated the Create or update PR review comment step to conditionally create or update a PR review comment based on the existence of an existing comment ID.

.github/workflows/terraform.yaml

• Added the hashicorp/setup-terraform@v3 action to set up Terraform with version "1.13.3" for the Terraform Init job.

[github-actions]

Improvements and Recommendations:

pr-reviewer.yaml

1. Hardcoded API Version Date:

   • The GitHub API version is hardcoded as 2022-11-28. While functional now, it may become outdated.
   • Suggestion: Replace it with the latest version dynamically or document a schedule to update it:
     yaml
     -H "X-GitHub-Api-Version: latest"

   • Impact: Reduces future maintenance and ensures compatibility with the latest GitHub API features.

2. Use of set -euo pipefail:

   • While a good practice for safety, the script might fail abruptly if some variables (like comments_json) are empty or malformed.
   • Suggestion: Use a check to ensure comments_json is not empty or verify the API response before parsing with jq.

3. Missing Error Handling in API Call:

   • If the curl request fails (e.g., due to rate limits or connectivity issues), there’s no retry or user feedback.
   • Suggestion: Add retry logic (e.g., using exponential backoff with retries) and error handling:

     curl --retry 3 --retry-delay 5 --retry-connrefused ...

4. Security - Logging Sensitive Data:

   • Sensitive variables (e.g., GH_TOKEN) are injected into the environment. While they are not explicitly logged, ensure set -x is disabled to avoid unintended exposure.
   • Suggestion: Double-check this behavior across workflows.

5. Compatibility Check:

   • The jq utility is used for JSON parsing. While widely supported, it’s worth verifying if self-hosted runners or unusual environments support it without manual installation.
   • Suggestion: Explicitly document jq as a dependency.

6. No Newline at EOF:

   • The No newline at end of file tag in the diff suggests a missing newline in the code. While not critical, it’s a coding standard to add a newline.

---

terraform.yaml

1. Terraform Version Pinning:

   • Using a fixed version (1.13.3) ensures stability but may delay critical updates.
   • Suggestion: If possible, use a version constraint like:

     terraform_version: \"^1.13\"

     This would capture minor updates (e.g., 1.13.x) automatically.

2. HashiCorp Setup-Terraform Action:

   • Only the terraform_version field was added within this block. Ensure functionalities such as Terraform init or validate are explicitly addressed in subsequent steps to avoid unintentional omissions (depending on your overall workflow).

---

Additional Notes:

• Estimated Cost Impact:

  • Minimal changes in this diff will not significantly impact the existing workflow costs in GBP, as GitHub-hosted runners will consume negligible additional time.

• Carbon Usage:

  • The carbon footprint increase is negligible for these added steps. However, any retries added later for API calls can marginally increase compute usage.