Skip to content

chore(deps): bump github/codeql-action from 2.21.6 to 2.21.7 #197

chore(deps): bump github/codeql-action from 2.21.6 to 2.21.7

chore(deps): bump github/codeql-action from 2.21.6 to 2.21.7 #197

Workflow file for this run

name: Pre-Analysis
on:
pull_request:
types: [opened, reopened, synchronize, ready_for_review]
permissions:
contents: read
jobs:
packages:
if: ${{ !github.event.pull_request.draft }}
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v3
- uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3
with:
node-version: '16'
- run: npm ci
- id: pr-changed-files
uses: jitterbit/get-changed-files@b17fbb00bdc0c0f63fcf166580804b4d2cdc2a42 # v1
with:
format: 'json'
- name: "Retrieve updated packages"
id: pr-updated-packages
run: |
readarray -t updated_files <<<"$(jq -r '.[]' <<<'${{ steps.pr-changed-files.outputs.added_modified }}')"
packages=()
for updated_file in ${updated_files[@]}; do
echo "Processing updated file: ${updated_file}."
if [[ ${updated_file} == *package.yaml ]]; then
packages+=("${updated_file}")
fi
done
PACKAGES_JSON=$(jq --compact-output --null-input '$ARGS.positional' --args -- "${packages[@]}")
echo "packages_json=$PACKAGES_JSON" >> $GITHUB_ENV
- name: "Retrieve bundles files"
id: pr-bundles
run: |
readarray -t packages <<<"$(jq -r '.[]' <<<'${{ env.packages_json }}')"
bundles=()
for package in ${packages[@]}; do
echo "Retrieving bundles for package ${package}."
echo $(yq -e '.bundles[].downloadUrl' ${package})
readarray -t package_bundles <<<"$(yq -e '.bundles[].downloadUrl' ${package})"
for bundle in ${package_bundles[@]}; do
bundles+=("${bundle}")
echo " Adding bundle ${bundle} for analysis"
done
done
BUNDLES_JSON=$(jq --compact-output --null-input '$ARGS.positional' --args -- "${bundles[@]}")
mkdir -p ./pr-artifacts
echo $BUNDLES_JSON > ./pr-artifacts/bundles.json
- name: Save PR number
if: ${{ always() }}
run: |
echo ${{ github.event.number }} > ./pr-artifacts/pr-number
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
if: ${{ always() }}
with:
name: pr-artifacts
path: pr-artifacts/