From 6da7e4cb846821bc042356c9115eb68f2c2a4a51 Mon Sep 17 00:00:00 2001 From: dilanbhalla <35575727+dilanbhalla@users.noreply.github.com> Date: Fri, 4 Apr 2025 13:53:14 -0700 Subject: [PATCH 1/3] Update sync-main.yml --- .github/workflows/sync-main.yml | 39 ++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 10 deletions(-) diff --git a/.github/workflows/sync-main.yml b/.github/workflows/sync-main.yml index 99526286026b..481e077e01a0 100644 --- a/.github/workflows/sync-main.yml +++ b/.github/workflows/sync-main.yml @@ -1,14 +1,21 @@ name: Sync Main + on: schedule: - cron: '55 * * * *' + workflow_dispatch: + jobs: + sync-main: + name: Sync-main runs-on: ubuntu-latest if: github.repository == 'microsoft/codeql' permissions: contents: write + pull-requests: write + steps: - name: Checkout uses: actions/checkout@v3 @@ -20,14 +27,15 @@ jobs: run: | git config user.name Dilan Bhalla git config user.email dilanbhalla@microsoft.com - - name: Sync Main - shell: bash + - name: Add and fetch upstream run: | - set -x - git fetch git remote add upstream https://github.com/github/codeql.git git fetch upstream --tags --force - git merge codeql-cli/latest + - name: Create or reset sync branch + run: | + git fetch origin sync-main-pr || true + git checkout -B sync-main-pr origin/main + git merge upstream/codeql-cli/latest --no-edit || true - name: Setup CodeQL shell: bash run: | 
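Review bot: In the `@@ -1,14 +1,21 @@` hunk of patch 1/3 the job token gains `pull-requests: write` next to `contents: write`, while the Checkout step still references the mutable tag `actions/checkout@v3`. In a job that holds write scopes the action is better pinned to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha> # v3` (placeholder; take the SHA from the action's release). A short comment above the new permission would also help, such as `# pull-requests: write is required by the "Create or update PR" step (gh pr create)`. The Checkout step continues past the end of this hunk, so any `with:` options it sets are not visible here.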
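Review bot: In the `@@ -20,14 +27,15 @@` hunk of patch 1/3, `git merge upstream/codeql-cli/latest --no-edit || true` hides every merge failure: after a conflict or an unresolvable ref the job carries on, and the later `git push origin sync-main-pr --force` publishes a branch that still points at `origin/main`, so the failed sync is never surfaced. Drop the `|| true` so the step reads `git merge upstream/codeql-cli/latest --no-edit` and a failed merge stops the job before the compile and push steps. The old step merged `codeql-cli/latest` after `git fetch upstream --tags --force`, which suggests a tag; `upstream/codeql-cli/latest` only resolves if upstream also has a branch of that name, so that is worth confirming. `git fetch origin sync-main-pr || true` also looks redundant, since `git checkout -B sync-main-pr origin/main` resets the branch regardless.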
@@ -41,9 +49,20 @@ jobs: - name: Compile PowerShell Queries run: | codeql query compile --check-only --keep-going powershell/ql/src - - name: Complete Sync - shell: bash + - name: Push sync branch run: | - git push origin main - git push origin --tags --force - + git push origin sync-main-pr --force + - name: Create or update PR + run: | + PR_URL=$(gh pr list --head sync-main-pr --json url --jq '.[0].url') + if [ -z "$PR_URL" ]; then + gh pr create \ + --title "Automated sync from upstream" \ + --body "This PR syncs the latest changes from \`codeql-cli/latest\` into \`main\`." \ + --head sync-main-pr \ + --base main + else + echo "PR already exists: $PR_URL" + fi + env: + GITHUB_TOKEN: ${{ github.token }} From e0b8e20f9bcaa94ae472cad15181ee4346402a2f Mon Sep 17 00:00:00 2001 From: dilanbhalla <35575727+dilanbhalla@users.noreply.github.com> Date: Fri, 4 Apr 2025 13:57:18 -0700 Subject: [PATCH 2/3] Update sync-main.yml --- .github/workflows/sync-main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/sync-main.yml b/.github/workflows/sync-main.yml index 481e077e01a0..1f999a62142c 100644 --- a/.github/workflows/sync-main.yml +++ b/.github/workflows/sync-main.yml @@ -25,8 +25,8 @@ jobs: - name: Git config shell: bash run: | - git config user.name Dilan Bhalla - git config user.email dilanbhalla@microsoft.com + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" - name: Add and fetch upstream run: | git remote add upstream https://github.com/github/codeql.git From 2af55138da900c134446f39bd4dfd345e58dce57 Mon Sep 17 00:00:00 2001 From: dilanbhalla <35575727+dilanbhalla@users.noreply.github.com> Date: Fri, 4 Apr 2025 14:00:05 -0700 Subject: [PATCH 3/3] Update sync-main.yml --- .github/workflows/sync-main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/sync-main.yml b/.github/workflows/sync-main.yml index 1f999a62142c..7c929d3832fe 100644 
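Review bot: In the `@@ -41,9 +49,20 @@` hunk of patch 1/3, the "Create or update PR" step calls `gh pr create` even when `sync-main-pr` has no commits beyond `main` (upstream unchanged), which I would expect to fail and turn the hourly run red. A guard at the top of that step avoids it: `if [ "$(git rev-list --count origin/main..sync-main-pr)" -eq 0 ]; then echo "Nothing to sync"; exit 0; fi`. Separately, pushes and pull requests made with `github.token` do not start other workflow runs, so if this repository relies on `pull_request` checks to vet the imported upstream changes, they will not run on this PR automatically. A comment stating that, or a dedicated app token, would make the review gate explicit.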
--- a/.github/workflows/sync-main.yml +++ b/.github/workflows/sync-main.yml @@ -3,7 +3,6 @@ name: Sync Main on: schedule: - cron: '55 * * * *' - workflow_dispatch: jobs: