Skip to content

CodeQL Create Issues #4

CodeQL Create Issues

CodeQL Create Issues #4

# This workflow generates new issues for CodeQL alerts if they do not exist
# It must be manually triggered
name: "CodeQL Create Issues"
on:
workflow_dispatch:
jobs:
codql-scan-job:
uses: ./.github/workflows/codeql-scan-job.yml
codeql-create-issues-job:
needs: codql-scan-job
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Fetch Alerts
- name: Fetch Alerts
id: fetch-alerts
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const script = require('./github-actions/trigger-issue/create-codeql-issues/fetch-alerts.js');
const fetchAlerts = script({ g: github, c: context });
return fetchAlerts
# Check Existing Issues
- name: Check Existing Issues
id: check-existing-issues
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const script = require('./github-actions/trigger-issue/create-codeql-issues/check-existing-issues.js');
const alerts = ${{ steps.fetch-alerts.outputs.result }};
const checkExistingIssues = script({ g: github, c: context, alerts});
return checkExistingIssues
# Create New Issues
- name: Create New Issues
id: create-new-issues
uses: actions/github-script@v7
with:
github-token: ${{ secrets.HACKFORLA_ADMIN_TOKEN }}
script: |
const script = require('./github-actions/trigger-issue/create-codeql-issues/create-new-issues.js');
const alertIds = ${{ steps.check-existing-issues.outputs.result }};
const newIssues = script({ g: github, c: context, alertIds});