forked from opensearch-project/opensearch-build
-
Notifications
You must be signed in to change notification settings - Fork 0
63 lines (62 loc) · 2.04 KB
/
add-cve-label.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
name: Add CVE Label
on:
issues:
types:
- labeled
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
add-comment:
if: ${{ contains(github.event.label.name, 'dependency security vulnerability') }}
runs-on: ubuntu-latest
steps:
- name: Get Issue Title
id: get_title
run: |
issue_title="${{ github.event.issue.title }}"
severity="$(echo $issue_title | sed -n 's/.*(\(.*\)).*/\1/p')"
echo "severity=$severity" >> $GITHUB_ENV
- name: Check and Create label
id: check_create_label
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
result-encoding: string
script: |
const labelName = "${{ env.severity }}";
let labelFound = false;
try {
const label = await github.rest.issues.getLabel({
owner: context.repo.owner,
repo: context.repo.repo,
name: labelName
});
labelFound = true;
} catch (error) {
if (error.status === 404) {
const randomColor = Math.floor(Math.random() * 16777215).toString(16);
const newLabel = {
owner: context.repo.owner,
repo: context.repo.repo,
name: labelName,
color: randomColor,
description: "CVE severity " + labelName
};
await github.rest.issues.createLabel(newLabel);
labelFound = true;
} else {
throw error;
}
}
console.log(labelFound);
return labelFound
- name: Add CVE Label
uses: actions/github-script@v6
with:
script: |
github.rest.issues.addLabels({
issue_number: ${{ github.event.issue.number }},
owner: context.repo.owner,
repo: context.repo.repo,
labels: ${{ env.severity }}
})