Sync Main #15979
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Sync Main | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - .github/workflows/sync-main.yml | |
| schedule: | |
| - cron: '55 * * * *' | |
| jobs: | |
| sync-main: | |
| name: Sync-main | |
| runs-on: ubuntu-latest | |
| if: github.repository == 'microsoft/codeql' | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.WORKFLOW_TOKEN }} | |
| - name: Git config | |
| shell: bash | |
| run: | | |
| git config user.name "dilanbhalla" | |
| git config user.email "dilanbhalla@microsoft.com" | |
| - name: Git checkout auto/sync-main-pr | |
| shell: bash | |
| run: | | |
| git fetch origin | |
| if git ls-remote --exit-code --heads origin auto/sync-main-pr > /dev/null; then | |
| echo "Branch exists remotely. Checking it out." | |
| git checkout -B auto/sync-main-pr origin/auto/sync-main-pr | |
| else | |
| echo "Branch does not exist remotely. Creating from main." | |
| git checkout -B auto/sync-main-pr origin/main | |
| git push -u origin auto/sync-main-pr | |
| fi | |
| - name: Sync origin/main | |
| shell: bash | |
| run: | | |
| echo "::group::Sync with main branch" | |
| git pull origin auto/sync-main-pr; exitCode=$?; if [ $exitCode -ne 0 ]; then exitCode=0; fi | |
| git pull origin main --no-rebase | |
| git push --force origin auto/sync-main-pr | |
| echo "::endgroup::" | |
| - name: Sync upstream/codeql-cli/latest | |
| shell: bash | |
| run: | | |
| echo "::group::Set up remote" | |
| git remote add upstream https://github.com/github/codeql.git | |
| git fetch upstream --tags --force | |
| echo "::endgroup::" | |
| echo "::group::Merge codeql-cli/latest" | |
| set -x | |
| git merge codeql-cli/latest | |
| set +x | |
| echo "::endgroup::" | |
| - name: Push sync branch | |
| run: | | |
| git push origin auto/sync-main-pr | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.WORKFLOW_TOKEN }} | |
| GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }} | |
| - name: Create PR if it doesn't exist | |
| shell: bash | |
| run: | | |
| pr_number=$(gh pr list --repo microsoft/codeql --head auto/sync-main-pr --base main --json number --jq '.[0].number') | |
| if [ -n "$pr_number" ]; then | |
| echo "PR from auto/sync-main-pr to main already exists (PR #$pr_number). Exiting gracefully." | |
| else | |
| if git fetch origin main auto/sync-main-pr && [ -n "$(git rev-list origin/main..origin/auto/sync-main-pr)" ]; then | |
| echo "PR does not exist. Creating one..." | |
| gh pr create --repo microsoft/codeql --fill -B main -H auto/sync-main-pr \ | |
| --label 'autogenerated' \ | |
| --title 'Sync Main (autogenerated)' \ | |
| --body "This PR syncs the latest changes from \`codeql-cli/latest\` into \`main\`." \ | |
| --reviewer 'MathiasVP' \ | |
| --reviewer 'ropwareJB' | |
| else | |
| echo "No changes to sync from auto/sync-main-pr to main. Exiting gracefully." | |
| fi | |
| fi | |
| env: | |
| GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }} | |