CodeQL Create Issues #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow generates new issues for CodeQL alerts if they do not exist | |
# It must be manually triggered | |
name: "CodeQL Create Issues" | |
on: | |
workflow_dispatch: | |
jobs: | |
codql-scan-job: | |
uses: ./.github/workflows/codeql-scan-job.yml | |
codeql-create-issues-job: | |
needs: codql-scan-job | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
# Fetch Alerts | |
- name: Fetch Alerts | |
id: fetch-alerts | |
uses: actions/github-script@v7 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
script: | | |
const script = require('./github-actions/trigger-issue/create-codeql-issues/fetch-alerts.js'); | |
const fetchAlerts = script({ g: github, c: context }); | |
return fetchAlerts | |
# Check Existing Issues | |
- name: Check Existing Issues | |
id: check-existing-issues | |
uses: actions/github-script@v7 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
script: | | |
const script = require('./github-actions/trigger-issue/create-codeql-issues/check-existing-issues.js'); | |
const alerts = ${{ steps.fetch-alerts.outputs.result }}; | |
const checkExistingIssues = script({ g: github, c: context, alerts}); | |
return checkExistingIssues | |
# Create New Issues | |
- name: Create New Issues | |
id: create-new-issues | |
uses: actions/github-script@v7 | |
with: | |
github-token: ${{ secrets.HACKFORLA_ADMIN_TOKEN }} | |
script: | | |
const script = require('./github-actions/trigger-issue/create-codeql-issues/create-new-issues.js'); | |
const alertIds = ${{ steps.check-existing-issues.outputs.result }}; | |
const newIssues = script({ g: github, c: context, alertIds}); |