Update slices #38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Update slices | |
on: | |
workflow_dispatch: | |
inputs: | |
commit-updates: | |
description: Push updated slices (will only run if initiated by Caroline or Prabhu) | |
required: false | |
default: true | |
type: boolean | |
commit-msg: | |
description: Commit message | |
required: false | |
default: "Slice update" | |
type: string | |
filter-slice-type: | |
description: Generate only this slice type (either usages or reachables) | |
required: false | |
type: string | |
filter: | |
description: Generate only for these languages (separated by spaces) | |
required: true | |
default: 'java javascript python' | |
type: string | |
debug-cmds: | |
description: Don't execute commands, just print and upload shell files | |
required: false | |
type: boolean | |
default: false | |
custom-csv: | |
description: Link to custom sources.csv (Input accepted from Caroline or Prabhu only) | |
required: false | |
type: string | |
run-twice: | |
description: Run generate.py a second time with custom args | |
required: false | |
type: string | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}-${{ inputs.filter }}-${{ inputs.filter-slice-type }} | |
cancel-in-progress: true | |
jobs: | |
generate: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Echo inputs | |
run: | | |
echo "commit-updates: ${{ inputs.commit-updates }}" | |
echo "commit-msg: ${{ inputs.commit-msg }}" | |
echo "filter-slice-type: ${{ inputs.filter-slice-type }}" | |
echo "filter: ${{ inputs.filter }}" | |
echo "debug-cmds: ${{ inputs.debug-cmds }}" | |
echo "custom-csv: ${{ inputs.custom-csv }}" | |
echo "run-twice: ${{ inputs.run-twice }}" | |
echo "github.actor: ${{ github.actor }}" | |
- uses: actions/checkout@v4 | |
- name: Set up a branch if pushing | |
if: ${{ inputs.commit-updates && contains(fromJSON('["cerrussell", "prabhu"]'), github.actor) && ! inputs.debug-cmds }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
git checkout -B update/slice-update main^0 -- | |
- name: Atom and sdkman install | |
run: | | |
npm install -g @appthreat/atom | |
curl -s "https://get.sdkman.io" | bash | |
source "/home/runner/.sdkman/bin/sdkman-init.sh" | |
echo sdkman_auto_answer=true > ~/.sdkman/etc/config | |
- name: Allow a custom csv | |
if: inputs.custom-csv && contains(fromJSON('["cerrussell", "prabhu"]'), github.actor) | |
run: | | |
curl -o sources.csv ${{ inputs.custom-csv }} | |
- name: Sample repo cache (python and javascript) | |
if: contains(inputs.filter, 'python') || contains(inputs.filter, 'javascript') || contains(inputs.run-twice, 'python') || contains(inputs.run-twice, 'javascript') | |
uses: actions/cache@v3 | |
id: cache | |
with: | |
path: | | |
/home/runner/work/src_repos/python | |
/home/runner/work/src_repos/javascript | |
key: ${{ runner.os }}-python-js-sample-repos-${{ hashFiles('sources.csv') }} | |
- name: Sample repo cache (java) | |
if: startsWith(inputs.filter,'java') || contains(inputs.run-twice, 'java') || endsWith(inputs.filter,'java') || contains(fromJSON('["python java javascript", "javascript java python"]'), inputs.filter) | |
uses: actions/cache@v3 | |
id: jcache | |
with: | |
path: /home/runner/work/src_repos/java | |
key: ${{ runner.os }}-java-sample-repos-${{ hashFiles('sources.csv') }} | |
- name: sdkman install cache | |
uses: actions/cache@v3 | |
id: sdkman-cache | |
with: | |
path: /home/runner/.sdkman/candidates | |
key: ${{ runner.os }}-sdkman-${{ hashFiles('sources.csv') }} | |
- name: Generate slices | |
if: ${{ ! inputs.debug-cmds }} | |
env: | |
SDKMAN_DIR: /home/runner/.sdkman | |
run: | | |
python generate.py -s ${{ inputs.filter-slice-type }} -i ${{ inputs.filter }} | |
bash /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh | |
bash /home/runner/work/atom-samples/atom-samples/atom_commands.sh | |
python generate.py --cleanup | |
- name: Optional second run | |
if: ${{ ! inputs.debug-cmds && inputs.run-twice }} | |
env: | |
SDKMAN_DIR: /home/runner/.sdkman | |
run: | | |
mv /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh /home/runner/work/atom-samples/atom-samples/sdkman_installs-run1.sh | |
mv /home/runner/work/atom-samples/atom-samples/atom_commands.sh /home/runner/work/atom-samples/atom-samples/atom_commands-run1.sh | |
python generate.py ${{ inputs.run-twice }} | |
bash /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh | |
bash /home/runner/work/atom-samples/atom-samples/atom_commands.sh | |
python generate.py --cleanup | |
mv /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh /home/runner/work/atom-samples/atom-samples/sdkman_installs-run2.sh | |
mv /home/runner/work/atom-samples/atom-samples/atom_commands.sh /home/runner/work/atom-samples/atom-samples/atom_commands-run2.sh | |
- name: Generate shell scripts only | |
if: inputs.debug-cmds | |
run: | | |
python generate.py --debug-cmds -s ${{ inputs.filter-slice-type }} -i ${{ inputs.filter }} | |
- name: Generate shell scripts only - second run | |
if: inputs.debug-cmds && inputs.run-twice | |
run: | | |
mv /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh /home/runner/work/atom-samples/atom-samples/sdkman_installs-run1.sh | |
mv /home/runner/work/atom-samples/atom-samples/atom_commands.sh /home/runner/work/atom-samples/atom-samples/atom_commands-run1.sh | |
python generate.py --debug-cmds ${{ inputs.run-twice }} | |
mv /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh /home/runner/work/atom-samples/atom-samples/sdkman_installs-run2.sh | |
mv /home/runner/work/atom-samples/atom-samples/atom_commands.sh /home/runner/work/atom-samples/atom-samples/atom_commands-run2.sh | |
- name: Upload slices as artifact | |
if: ${{ ! inputs.debug-cmds && ! inputs.commit-updates }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: slices | |
path: /home/runner/work/atom-samples/atom-samples/**/*.json | |
- name: Upload shell scripts generated as artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: scripts | |
path: /home/runner/work/atom-samples/atom-samples/*.sh | |
- name: Commit, push, and create PR | |
if: ${{ inputs.commit-updates && ! inputs.debug-cmds && contains(fromJSON('["cerrussell", "prabhu"]'), github.actor) }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
git config user.name "Caroline Russell" | |
git config user.email "caroline@appthreat.dev" | |
git add ${{ inputs.filter }} | |
git commit -m "${{ inputs.commit-msg }}" | |
git push --set-upstream origin update/slice-update | |
gh pr create --title "${{ inputs.commit-msg }}" --body "Updates for ${{ inputs.filter }}" --reviewer cerrussell,prabhu |