Sync CodeQL Bundle #601

Workflow file for this run

.github/workflows/sync-codeql-bundle.yml at 3c34726

	# Write a workflows that:
	## worklow is triggered by cron job or manually
	## run every day at 00:00 UTC
	## - get current version of codeql bundle by command: curl --silent "https://api.github.com/repos/github/codeql-action/releases/latest" \| grep -E -o -m 1 'v([0-9]+)\.([0-9]+)\.([0-9]+)' \| head -n 1
	## - get current release tag of this repo
	## - compare them
	## - if not match, trigger new release

	name: Sync CodeQL Bundle
	on:
	workflow_dispatch:
	schedule:
	- cron: '0 0 * * *'
	defaults:
	run:
	working-directory: .
	jobs:
	sync-with-codeql-bundle:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3
	- name: Check CodeQL Bundle version
	id: check
	run: \|
	git fetch --prune --unshallow
	CODEQL_BUNDLE_VERSION="$(curl --silent "https://api.github.com/repos/github/codeql-action/releases/latest" \| grep -E -o -m 1 'v([0-9]+)\.([0-9]+)\.([0-9]+)' \| head -n 1)"
	CODEQL_AGENT_VERSION="$(git ls-remote --tags origin\| awk -F/ '{print $3}' \| sort -V \| tail -1)"
	echo "CodeQL Bundle version: $CODEQL_BUNDLE_VERSION"
	echo "CodeQL Agent version: $CODEQL_AGENT_VERSION"
	if [ "$CODEQL_BUNDLE_VERSION" = "$CODEQL_AGENT_VERSION" ]; then
	echo "CodeQL Agent is up to date."
	echo "update=false" >> $GITHUB_OUTPUT
	else
	echo "CodeQL Agent is outdated."
	echo "update=true" >> $GITHUB_OUTPUT
	echo "tag=$CODEQL_BUNDLE_VERSION" >> $GITHUB_OUTPUT
	fi
	- name: Create Release
	if: ${{ steps.check.outputs.update == 'true' }}
	run: gh release create ${{steps.check.outputs.tag}} --notes "Update to CodeQL version ${{steps.check.outputs.tag}}" -t "${{steps.check.outputs.tag}}"
	env:
	GITHUB_TOKEN: ${{ secrets.PAT }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Sync CodeQL Bundle #601

Workflow file

Sync CodeQL Bundle #601

Jobs

Run details

Workflow file for this run