зеркало из https://github.com/github/codeql.git
121 строка
4.1 KiB
YAML
121 строка
4.1 KiB
YAML
name: Check framework coverage changes
|
|
|
|
on:
|
|
pull_request:
|
|
paths:
|
|
- ".github/workflows/csv-coverage-pr-comment.yml"
|
|
- ".github/workflows/csv-coverage-pr-artifacts.yml"
|
|
- ".github/actions/fetch-codeql/action.yml"
|
|
- "*/ql/src/**/*.ql"
|
|
- "*/ql/src/**/*.qll"
|
|
- "*/ql/lib/**/*.ql"
|
|
- "*/ql/lib/**/*.qll"
|
|
- "*/ql/lib/ext/**/*.yml"
|
|
- "misc/scripts/library-coverage/*.py"
|
|
# input data files
|
|
- "*/documentation/library-coverage/cwe-sink.csv"
|
|
- "*/documentation/library-coverage/frameworks.csv"
|
|
branches:
|
|
- main
|
|
- "rc/*"
|
|
|
|
jobs:
|
|
generate:
|
|
name: Generate framework coverage artifacts
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Dump GitHub context
|
|
env:
|
|
GITHUB_CONTEXT: ${{ toJSON(github.event) }}
|
|
run: echo "$GITHUB_CONTEXT"
|
|
- name: Clone self (github/codeql) - MERGE
|
|
uses: actions/checkout@v4
|
|
with:
|
|
path: merge
|
|
- name: Clone self (github/codeql) - BASE
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 2
|
|
path: base
|
|
- run: |
|
|
git checkout HEAD^1
|
|
git log -1 --format='%H'
|
|
working-directory: base
|
|
- name: Set up Python 3.8
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: 3.8
|
|
- name: Download CodeQL CLI
|
|
uses: ./merge/.github/actions/fetch-codeql
|
|
- name: Generate CSV files on merge commit of the PR
|
|
run: |
|
|
echo "Running generator on merge"
|
|
python merge/misc/scripts/library-coverage/generate-report.py ci merge merge
|
|
mkdir out_merge
|
|
cp framework-coverage-*.csv out_merge/
|
|
cp framework-coverage-*.rst out_merge/
|
|
- name: Generate CSV files on base commit of the PR
|
|
run: |
|
|
echo "Running generator on base"
|
|
python base/misc/scripts/library-coverage/generate-report.py ci base base
|
|
mkdir out_base
|
|
cp framework-coverage-*.csv out_base/
|
|
cp framework-coverage-*.rst out_base/
|
|
- name: Generate diff of coverage reports
|
|
run: |
|
|
python base/misc/scripts/library-coverage/compare-folders.py out_base out_merge comparison.md
|
|
- name: Upload CSV package list
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: csv-framework-coverage-merge
|
|
path: |
|
|
out_merge/framework-coverage-*.csv
|
|
out_merge/framework-coverage-*.rst
|
|
- name: Upload CSV package list
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: csv-framework-coverage-base
|
|
path: |
|
|
out_base/framework-coverage-*.csv
|
|
out_base/framework-coverage-*.rst
|
|
- name: Upload comparison results
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: comparison
|
|
path: |
|
|
comparison.md
|
|
- name: Save PR number
|
|
run: |
|
|
mkdir -p pr
|
|
echo ${PR_NUMBER} > pr/NR
|
|
env:
|
|
PR_NUMBER: ${{ github.event.pull_request.number }}
|
|
- name: Upload PR number
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: pr
|
|
path: pr/
|
|
- name: Save comment ID (if it exists)
|
|
run: |
|
|
# Find the latest comment starting with COMMENT_PREFIX
|
|
COMMENT_PREFIX=":warning: The head of this PR and the base branch were compared for differences in the framework coverage reports."
|
|
COMMENT_ID=$(gh api "repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/comments" --paginate | jq --arg prefix "${COMMENT_PREFIX}" 'map(select(.body|startswith($prefix)) | .id) | max // empty')
|
|
if [[ -z ${COMMENT_ID} ]]
|
|
then
|
|
echo "Comment not found. Not uploading 'comment/ID' artifact."
|
|
else
|
|
mkdir -p comment
|
|
echo ${COMMENT_ID} > comment/ID
|
|
fi
|
|
env:
|
|
GITHUB_TOKEN: ${{ github.token }}
|
|
PR_NUMBER: ${{ github.event.pull_request.number }}
|
|
- name: Upload comment ID (if it exists)
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: comment
|
|
path: comment/
|
|
if-no-files-found: ignore
|