github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-06 07:48:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
fe4161a26a8629af62121b670040955b330f9af2
codeql-action/.github/workflows/rebuild.yml
dependabot[bot] 5bd8069afb Bump actions/checkout from 5 to 6 in /.github/workflows 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-11-24 18:01:10 +00:00

141 lines
4.8 KiB
YAML
Raw Blame History

name: Rebuild Action
on:
pull_request:
types: [labeled]
workflow_dispatch:
defaults:
run:
shell: bash
jobs:
rebuild:
name: Rebuild Action
runs-on: ubuntu-latest
if: github.event.label.name == 'Rebuild' || github.event_name == 'workflow_dispatch'
env:
HEAD_REF: ${{ github.event.pull_request.head.ref || github.event.ref }}
BASE_BRANCH: ${{ github.event.pull_request.base.ref || 'main' }}
permissions:
contents: write # needed to push rebuilt commit
pull-requests: write # needed to comment on the PR
steps:
- name: Checkout
uses: actions/checkout@v6
with:
fetch-depth: 0
ref: ${{ env.HEAD_REF }}
- name: Remove label
if: github.event_name == 'pull_request'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_NUMBER: ${{ github.event.pull_request.number }}
run: |
gh pr edit --repo github/codeql-action "$PR_NUMBER" \
--remove-label "Rebuild"
- name: Configure git
run: |
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --global user.name "github-actions[bot]"
- name: Merge in changes from base branch
id: merge
run: |
git fetch origin "$BASE_BRANCH"
# Allow merge conflicts in `lib`, since rebuilding should resolve them.
git merge "origin/$BASE_BRANCH" || echo "Merge conflicts detected, continuing."
MERGE_RESULT=$?
if [ "$MERGE_RESULT" -ne 0 ]; then
echo "merge-in-progress=true" >> $GITHUB_OUTPUT
# Check for merge conflicts outside of `lib`. Disable git diff's trailing whitespace check
# since `node_modules/@types/semver/README.md` fails it.
if git -c core.whitespace=-trailing-space diff --check | grep --invert-match '^lib/'; then
echo "Merge conflicts were detected outside of the lib directory. Please resolve them manually."
git -c core.whitespace=-trailing-space diff --check | grep --invert-match '^lib/' || true
exit 1
fi
echo "No merge conflicts found outside the lib directory. We should be able to resolve all of" \
"these by rebuilding the Action."
fi
- name: Compile TypeScript
run: |
npm ci
npm run lint -- --fix
npm run build
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: 3.11
- name: Sync back version updates to generated workflows
# Only sync back versions on Dependabot update PRs
if: startsWith(env.HEAD_REF, 'dependabot/')
working-directory: pr-checks
run: |
python3 sync_back.py -v
- name: Generate workflows
working-directory: pr-checks
run: |
python -m pip install --upgrade pip
pip install ruamel.yaml==0.17.31
python3 sync.py
- name: "Merge in progress: Finish merge and push"
if: steps.merge.outputs.merge-in-progress == 'true'
run: |
echo "Finishing merge and pushing changes."
git add --all
git commit --no-edit
git push
- name: "No merge in progress: Check for changes and push"
if: steps.merge.outputs.merge-in-progress != 'true'
id: push
run: |
if [ ! -z "$(git status --porcelain)" ]; then
echo "Changes detected, committing and pushing."
git add --all
# If the merge originally had conflicts, finish the merge.
# Otherwise, just commit the changes.
if git rev-parse --verify MERGE_HEAD >/dev/null 2>&1; then
echo "In progress merge detected, finishing it up."
git merge --continue
else
echo "No in-progress merge detected, committing changes."
git commit -m "Rebuild"
fi
echo "Pushing changes"
git push
echo "changes=true" >> $GITHUB_OUTPUT
else
echo "No changes detected, nothing to commit."
fi
- name: Notify about rebuild
if: >-
github.event_name == 'pull_request' &&
(
steps.merge.outputs.merge-in-progress == 'true' ||
steps.push.outputs.changes == 'true'
)
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_NUMBER: ${{ github.event.pull_request.number }}
run: |
echo "Pushed a commit to rebuild the Action." \
"Please mark the PR as ready for review to trigger PR checks." |
gh pr comment --body-file - --repo github/codeql-action "$PR_NUMBER"
gh pr ready --undo --repo github/codeql-action "$PR_NUMBER"
Reference in New Issue View Git Blame Copy Permalink