Merge remote-tracking branch 'upstream/main' #360
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
  | name: process_commits | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags-ignore: | |
| - simple_driller | |
| paths-ignore: | |
| - '.github/**' | |
| workflow_dispatch: | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| # This workflow contains a single job called "build" | |
| add_tags: | |
| # The type of runner that the job will run on | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| path: code_to_process | |
| token: ${{secrets.VUL_DRILLER_TOKEN}} | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: CERTCC/git_vul_driller | |
| path: git_vul_driller | |
| # Sets up python | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.8' | |
| - name: setup my env | |
| run: | | |
| pushd git_vul_driller | |
| python --version | |
| pip install -r simple_driller_requirements.txt | |
| python setup.py install | |
| - name: config | |
| run: | | |
| git config --global user.name 'certcc-ghbot' | |
| git config --global user.email 'cert+ghbot@cert.org' | |
| - name: process commits | |
| run: | | |
| # env | |
| echo WORKSPACE ${GITHUB_WORKSPACE} | |
| REPOPATH=${GITHUB_WORKSPACE}/code_to_process | |
| echo REPOPATH ${REPOPATH} | |
| pushd ${GITHUB_WORKSPACE} | |
| touch new_tags.txt | |
| simple_driller ${REPOPATH} | |
| - name: push new_tags | |
| run: | | |
| pushd ${GITHUB_WORKSPACE}/code_to_process | |
| # github tends to choke when you try to push too many tags at once | |
| cat ${GITHUB_WORKSPACE}/new_tags.txt | xargs -n100 git push --force origin | |
| - name: remove simple_driller tag | |
| run: | | |
| pushd ${GITHUB_WORKSPACE}/code_to_process | |
| git push --delete origin simple_driller | |
| - name: add simple_driller tag | |
| if: ${{ always() }} | |
| run: | | |
| pushd ${GITHUB_WORKSPACE}/code_to_process | |
| git push origin simple_driller |