mirror of
https://github.com/github/codeql-action.git
synced 2026-04-29 02:18:47 +00:00
dependabot[bot]
1a80c9b44e
Bumps the actions group with 4 updates: [actions/setup-go](https://github.com/actions/setup-go), [actions/github-script](https://github.com/actions/github-script), [actions/setup-node](https://github.com/actions/setup-node) and [actions/setup-python](https://github.com/actions/setup-python). Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v5...v6) Updates `actions/github-script` from 7 to 8 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7...v8) Updates `actions/setup-node` from 4 to 5 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v4...v5) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/github-script dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-node dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
128 lines
4.5 KiB
YAML
128 lines
4.5 KiB
YAML
name: Rebuild Action
|
|
|
|
on:
|
|
pull_request:
|
|
types: [labeled]
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
rebuild:
|
|
name: Rebuild Action
|
|
runs-on: ubuntu-latest
|
|
if: github.event.label.name == 'Rebuild' || github.event_name == 'workflow_dispatch'
|
|
|
|
permissions:
|
|
contents: write # needed to push rebuilt commit
|
|
pull-requests: write # needed to comment on the PR
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v5
|
|
with:
|
|
fetch-depth: 0
|
|
ref: ${{ github.event.pull_request.head.ref || github.event.ref }}
|
|
|
|
- name: Remove label
|
|
if: github.event_name == 'pull_request'
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
PR_NUMBER: ${{ github.event.pull_request.number }}
|
|
run: |
|
|
gh pr edit --repo github/codeql-action "$PR_NUMBER" \
|
|
--remove-label "Rebuild"
|
|
|
|
- name: Configure git
|
|
run: |
|
|
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
|
git config --global user.name "github-actions[bot]"
|
|
|
|
- name: Merge in changes from base branch
|
|
id: merge
|
|
env:
|
|
BASE_BRANCH: ${{ github.event.pull_request.base.ref || 'main' }}
|
|
run: |
|
|
git fetch origin "$BASE_BRANCH"
|
|
|
|
# Allow merge conflicts in `lib`, since rebuilding should resolve them.
|
|
git merge "origin/$BASE_BRANCH" || echo "Merge conflicts detected, continuing."
|
|
MERGE_RESULT=$?
|
|
|
|
if [ "$MERGE_RESULT" -ne 0 ]; then
|
|
echo "merge-in-progress=true" >> $GITHUB_OUTPUT
|
|
|
|
# Check for merge conflicts outside of `lib`. Disable git diff's trailing whitespace check
|
|
# since `node_modules/@types/semver/README.md` fails it.
|
|
if git -c core.whitespace=-trailing-space diff --check | grep --invert-match '^lib/'; then
|
|
echo "Merge conflicts were detected outside of the lib directory. Please resolve them manually."
|
|
git -c core.whitespace=-trailing-space diff --check | grep --invert-match '^lib/' || true
|
|
exit 1
|
|
fi
|
|
|
|
echo "No merge conflicts found outside the lib directory. We should be able to resolve all of" \
|
|
"these by rebuilding the Action."
|
|
fi
|
|
|
|
- name: Compile TypeScript
|
|
run: |
|
|
npm ci
|
|
npm run lint -- --fix
|
|
npm run build
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v6
|
|
with:
|
|
python-version: 3.11
|
|
|
|
- name: Generate workflows
|
|
run: |
|
|
cd pr-checks
|
|
python -m pip install --upgrade pip
|
|
pip install ruamel.yaml==0.17.31
|
|
python3 sync.py
|
|
|
|
- name: "Merge in progress: Finish merge and push"
|
|
if: steps.merge.outputs.merge-in-progress == 'true'
|
|
run: |
|
|
echo "Finishing merge and pushing changes."
|
|
git add --all
|
|
git commit --no-edit
|
|
git push
|
|
|
|
- name: "No merge in progress: Check for changes and push"
|
|
if: steps.merge.outputs.merge-in-progress != 'true'
|
|
id: push
|
|
run: |
|
|
if [ ! -z "$(git status --porcelain)" ]; then
|
|
echo "Changes detected, committing and pushing."
|
|
git add --all
|
|
# If the merge originally had conflicts, finish the merge.
|
|
# Otherwise, just commit the changes.
|
|
if git rev-parse --verify MERGE_HEAD >/dev/null 2>&1; then
|
|
echo "In progress merge detected, finishing it up."
|
|
git merge --continue
|
|
else
|
|
echo "No in-progress merge detected, committing changes."
|
|
git commit -m "Rebuild"
|
|
fi
|
|
echo "Pushing changes"
|
|
git push
|
|
echo "changes=true" >> $GITHUB_OUTPUT
|
|
else
|
|
echo "No changes detected, nothing to commit."
|
|
fi
|
|
|
|
- name: Notify about rebuild
|
|
if: >-
|
|
github.event_name == 'pull_request' &&
|
|
(
|
|
steps.merge.outputs.merge-in-progress == 'true' ||
|
|
steps.push.outputs.changes == 'true'
|
|
)
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
PR_NUMBER: ${{ github.event.pull_request.number }}
|
|
run: |
|
|
echo "Pushed a commit to rebuild the Action." \
|
|
"Please mark the PR as ready for review to trigger PR checks." |
|
|
gh pr comment --body-file - --repo github/codeql-action "$PR_NUMBER"
|
|
gh pr ready --undo --repo github/codeql-action "$PR_NUMBER"
|