Start with main
#3
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update dependency proxy release assets | |
| on: | |
| push: | |
| branches: | |
| - mbg/update-proxy-binaries # for testing | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: "The tag of CodeQL Bundle release that contains the proxy binaries as release assets" | |
| type: string | |
| required: true | |
| jobs: | |
| update: | |
| name: Update code and create PR | |
| timeout-minutes: 15 | |
| runs-on: macos-latest | |
| permissions: | |
| contents: write # needed to push the updated files | |
| pull-requests: write # needed to create the PR | |
| env: | |
| RELEASE_TAG: ${{ inputs.tag || 'codeql-bundle-v2.22.0' }} | |
| steps: | |
| - name: Install Node | |
| uses: actions/setup-node@v4 | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # ensure we have all tags and can push commits | |
| ref: main | |
| - name: Update git config | |
| shell: bash | |
| run: | | |
| git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git config --global user.name "github-actions[bot]" | |
| - name: Update release tag and version | |
| shell: bash | |
| run: | | |
| NOW=$(date +"%Y%m%d%H%M%S") # only used to make sure we don't fetch stale binaries from the toolcache | |
| sed -i '' "s|https://github.com/github/codeql-action/releases/download/codeql-bundle-[0-9.]*/|https://github.com/github/codeql-action/releases/download/$RELEASE_TAG/|g" ./src/start-proxy-action.ts | |
| sed -i '' "s/\"v2.0.[0-9]*\"/\"v2.0.$NOW\"/g" ./src/start-proxy-action.ts | |
| - name: Push changes and open PR | |
| shell: bash | |
| env: | |
| BRANCH: "dependency-proxy/${{ env.RELEASE_TAG }}" | |
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| run: | | |
| set -exu | |
| pr_title="Update release used by \`start-proxy\` to \`$RELEASE_TAG\`" | |
| pr_body=$(cat << EOF | |
| This PR updates the \`start-proxy\` action to use the private registry proxy binaries that | |
| are attached as release assets to the \`$RELEASE_TAG\` release. | |
| Please do the following before merging: | |
| - [ ] Verify that the changes to the code are correct. | |
| EOF | |
| ) | |
| git checkout -b "$BRANCH" | |
| npm run build | |
| git add ./src/start-proxy-action.ts | |
| git add ./lib | |
| git commit -m "$pr_title" | |
| git push origin "$BRANCH" | |
| gh pr create \ | |
| --head "$BRANCH" \ | |
| --base "main" \ | |
| --title "${pr_title}" \ | |
| --body "${pr_body}" \ | |
| --draft |