diff --git a/.github/workflows/syncAction.yml b/.github/workflows/syncAction.yml
new file mode 100644
index 0000000..ca263b8
--- /dev/null
+++ b/.github/workflows/syncAction.yml
@@ -0,0 +1,64 @@
+name: Sync Action into Veracode
+on:
+ push:
+ tags:
+ - v**
+
+jobs:
+ sync:
+ runs-on: ubuntu-latest
+ name: Sync Flaws To Issues Repo
+
+steps:
+ - name: Checkout flaws-to-issues repo
+ uses: actions/checkout@v4
+ with:
+ path: flaws-to-issues
+
+ - name: Checkout ghes-actions-integration repo
+ uses: actions/checkout@v4
+ with:
+ repository: veracode/ghes-actions-integration
+ token: ${{ secrets.PAT_TOKEN }}
+ path: ghes-actions-integration
+ persist-credentials: false
+
+ - name: Copy dist and action.yml files
+ run: |
+ cp -r flaws-to-issues/dist ghes-actions-integration/actions/flaws-to-issues/
+ cp flaws-to-issues/action.yml ghes-actions-integration/actions/flaws-to-issues/
+
+ - name: Create branch and push changes
+ run: |
+ cd ghes-actions-integration
+ git config user.name "veracode"
+ git config user.email "user@veracode.com"
+ BRANCH_NAME="sync-flaws-to-issues-$(date +%s)"
+ git checkout -b $BRANCH_NAME
+ git add actions
+
+ # Only commit and push if there are changes
+ if ! git diff --cached --quiet; then
+ git commit -m "Sync Flaws To Issues dist and action.yml"
+ git push secrets.PAT_TOKEN }}@github.com/veracode/ghes-actions-integration.git $BRANCH_NAME
+ echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
+ echo "CHANGES_MADE=true" >> $GITHUB_ENV
+ else
+ echo "No changes to commit"
+ echo "CHANGES_MADE=false" >> $GITHUB_ENV
+ fi
+
+ - name: Create Pull Request with GitHub CLI
+ if: env.CHANGES_MADE == 'true'
+ run: |
+ gh pr create \\
+ --repo veracode/ghes-actions-integration \\
+ --base main \\
+ --head ${{ env.BRANCH_NAME }} \\
+ --title "Sync latest changes from flaws-to-issues repository" \\
+ --body "Sync from flaws-to-issues repository
+
+ - Updated dist folder
+ - Updated action.yml file"
+ env:
+ GH_TOKEN: ${{ secrets.PAT_TOKEN }}
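Review bot: The `git push` line in the "Create branch and push changes" step expands the PAT directly into the remote URL inside the script text (the expression is truncated on this page, so its exact form is inferred), which places the credential on the git command line and leaves log masking as the only thing keeping it out of any URL git prints. Giving that step the same `env:` entry the PR step already has, `GH_TOKEN: ${{ secrets.PAT_TOKEN }}`, then running `gh auth setup-git` and pushing with `git push origin "$BRANCH_NAME"`, keeps the token out of the command and the URL. The workflow also has no `permissions:` block, so the default `GITHUB_TOKEN` that the first checkout persists keeps whatever scope the repository default grants; a top-level `permissions:` with `contents: read` would narrow it. Separately, `steps:` shows no indentation in this rendering while the lines around it do; if the file really has it at column 0, it sits outside the `sync` job and the workflow will fail to load.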