github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-01-04 05:30:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add permissions block to workflow

Browse Source
This commit is contained in:
Andrew Eisenberg
2022-05-02 11:30:43 -07:00
parent 0fb78380f8
commit 06d4e82bd2
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/update-required-checks.yml vendored
View File

@@ -22,13 +22,15 @@ jobs:
run: echo "$GITHUB_CONTEXT"
- name: Update checks
env:
GITHUB_TOKEN: "${{ secrets.CODEQL_CI_TOKEN }}"
run: |
# Update the required checks based on the current branch.
# Typically, this will be main.
echo "Getting checks for $GITHUB_SHA"
# Ignore any checks with "https://", CodeQL, LGTM, and Update checks.
CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") | not)] | sort')"
CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") or contains("update-") | not)] | sort')"
echo "::group::New Checks"
echo "$CHECKS" | jq