Skip to content

Merge branch 'master' into appsec-ci-run-on-all #1873

Merge branch 'master' into appsec-ci-run-on-all

Merge branch 'master' into appsec-ci-run-on-all #1873

Workflow file for this run

name: Update index
on:
push:
paths:
- 'appsec-configs/**.md'
- 'appsec-configs/**.yaml'
- 'appsec-configs/**.yml'
- 'appsec-rules/**.md'
- 'appsec-rules/**.yaml'
- 'appsec-rules/**.yml'
- 'collections/**.md'
- 'collections/**.yaml'
- 'collections/**.yml'
- 'contexts/**.md'
- 'contexts/**.yaml'
- 'contexts/**.yml'
- 'parsers/**.md'
- 'parsers/**.yaml'
- 'parsers/**.yml'
- 'postoverflows/**.md'
- 'postoverflows/**.yaml'
- 'postoverflows/**.yml'
- 'scenarios/**.md'
- 'scenarios/**.yaml'
- 'scenarios/**.yml'
- '.github/workflows/update-index.yml'
- "*.go"
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v5
with:
go-version: 1.19
- uses: actions/checkout@v4
- name: Create local changes
run: |
go build
./main -target configs
grep -v <.index.json >.index2.json '"classification": null'
mv .index2.json .index.json
- uses: nelonoel/[email protected]
- name: Commit files
if: ${{ github.event_name == 'push'}}
run: |
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
git commit -m "Update index" .index.json || exit 0
git pull --rebase origin ${BRANCH_NAME}
- name: Push changes
if: ${{ github.event_name == 'push'}}
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: ${{ github.ref }}
run-linter:
runs-on: ubuntu-latest
needs: build
steps:
- name: checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ github.ref }}
- name: set up python
uses: actions/setup-python@v5
with:
python-version: '3.12'
cache: 'pipenv'
- name: install dependencies
run: |
python -m pip install --upgrade pipenv wheel
pipenv install --deploy
- name: hub linter
run: |
pipenv run ./hublint defaults > .hublint.toml
pipenv run ./hublint check --color always --no-warning-details
run-mkindex:
runs-on: ubuntu-latest
needs: build
steps:
- name: checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ github.ref }}
- name: set up python
uses: actions/setup-python@v5
with:
python-version: '3.12'
cache: 'pipenv'
- name: install dependencies
run: |
python -m pip install --upgrade pipenv wheel
pipenv install --deploy
- name: run mkindex
run: |
jq --sort-keys < .index.json >index.json
pipenv run ./mkindex >index-new.json
if ! (cmp -s index.json index-new.json); then
echo "Error: output from mkindex differs from legacy index builder."
diff -u index.json index-new.json
exit 1
fi