Skip to content

upstream sync

upstream sync #198

Workflow file for this run

name: upstream sync
on:
schedule:
- cron: "0 9 * * *" # run once daily
workflow_dispatch: # allow to manually trigger this workflow
jobs:
sync_upstream:
permissions: write-all
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
ref: backup_sync
- name: Get latest upstream release
run: |
# Fetch the latest release tag from the GitHub API
RAW_RELEASE_TAG=$(curl -L \
-H "Accept: application/vnd.github+json" \
https://api.github.com/repos/joernio/joern/releases/latest | jq -r .name)
# Process the tag to create the desired format
LATEST_TAG=$(echo "$RAW_RELEASE_TAG" | sed 's/^v//' | sed 's/\./-/g')
# Export to GitHub environment variables
echo "RAW_RELEASE_TAG=$RAW_RELEASE_TAG" >> $GITHUB_ENV
echo "LATEST_TAG=$LATEST_TAG" >> $GITHUB_ENV
- name: Create tag branch and merge upstream
run: |
gh api repos/joernio/joern/git/ref/tags/${{ env.RAW_RELEASE_TAG }} --verbose
LATEST_SHA=$(gh api repos/joernio/joern/git/ref/tags/${{ env.RAW_RELEASE_TAG }} --jq '.object.sha')
COMMIT_SHA=$(gh api repos/joernio/joern/git/commits/$LATEST_SHA --jq '.sha')
echo $LATEST_SHA
echo $COMMIT_SHA
gh api repos/Privado-Inc/joern/git/refs \
-X POST \
-f ref="refs/heads/${{ env.LATEST_TAG }}" \
-f sha="$COMMIT_SHA"
--verbose
env:
GITHUB_TOKEN: ${{ secrets.CORE_AT }}
- run: bash ./upstream_sync.sh --branch ${{ env.LATEST_TAG }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create a PR from ${{ env.LATEST_TAG }} to sync
run: gh pr create --repo Privado-Inc/joern -B backup_sync -H ${{ env.LATEST_TAG }} --title 'Merge ${{ env.LATEST_TAG }} to backup_sync' --body 'Created by Github action'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}