-
Notifications
You must be signed in to change notification settings - Fork 2
166 lines (148 loc) · 7.11 KB
/
generate_samples.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
name: Update slices
on:
workflow_dispatch:
inputs:
commit-updates:
description: Push updated slices (will only run if initiated by Caroline or Prabhu)
required: false
default: true
type: boolean
commit-msg:
description: Commit message
required: false
default: "Slice update"
type: string
filter-slice-type:
description: Generate only this slice type (either usages or reachables)
required: false
type: string
filter:
description: Generate only for these languages (separated by spaces)
required: true
default: 'java javascript python'
type: string
debug-cmds:
description: Don't execute commands, just print and upload shell files
required: false
type: boolean
default: false
custom-csv:
description: Link to custom sources.csv (Input accepted from Caroline or Prabhu only)
required: false
type: string
run-twice:
description: Run generate.py a second time with custom args
required: false
type: string
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}-${{ inputs.filter }}-${{ inputs.filter-slice-type }}
cancel-in-progress: true
jobs:
generate:
runs-on: ubuntu-latest
steps:
- name: Echo inputs
run: |
echo "commit-updates: ${{ inputs.commit-updates }}"
echo "commit-msg: ${{ inputs.commit-msg }}"
echo "filter-slice-type: ${{ inputs.filter-slice-type }}"
echo "filter: ${{ inputs.filter }}"
echo "debug-cmds: ${{ inputs.debug-cmds }}"
echo "custom-csv: ${{ inputs.custom-csv }}"
echo "run-twice: ${{ inputs.run-twice }}"
echo "github.actor: ${{ github.actor }}"
- uses: actions/checkout@v4
- name: Set up a branch if pushing
if: ${{ inputs.commit-updates && contains(fromJSON('["cerrussell", "prabhu"]'), github.actor) && ! inputs.debug-cmds }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
git checkout -B update/slice-update main^0 --
- name: Atom and sdkman install
run: |
npm install -g @appthreat/atom
curl -s "https://get.sdkman.io" | bash
source "/home/runner/.sdkman/bin/sdkman-init.sh"
echo sdkman_auto_answer=true > ~/.sdkman/etc/config
- name: Allow a custom csv
if: inputs.custom-csv && contains(fromJSON('["cerrussell", "prabhu"]'), github.actor)
run: |
curl -o sources.csv ${{ inputs.custom-csv }}
- name: Sample repo cache (python and javascript)
if: contains(inputs.filter, 'python') || contains(inputs.filter, 'javascript') || contains(inputs.run-twice, 'python') || contains(inputs.run-twice, 'javascript')
uses: actions/cache@v3
id: cache
with:
path: |
/home/runner/work/src_repos/python
/home/runner/work/src_repos/javascript
key: ${{ runner.os }}-python-js-sample-repos-${{ hashFiles('sources.csv') }}
- name: Sample repo cache (java)
if: startsWith(inputs.filter,'java') || contains(inputs.run-twice, 'java') || endsWith(inputs.filter,'java') || contains(fromJSON('["python java javascript", "javascript java python"]'), inputs.filter)
uses: actions/cache@v3
id: jcache
with:
path: /home/runner/work/src_repos/java
key: ${{ runner.os }}-java-sample-repos-${{ hashFiles('sources.csv') }}
- name: sdkman install cache
uses: actions/cache@v3
id: sdkman-cache
with:
path: /home/runner/.sdkman/candidates
key: ${{ runner.os }}-sdkman-${{ hashFiles('sources.csv') }}
- name: Generate slices
if: ${{ ! inputs.debug-cmds }}
env:
SDKMAN_DIR: /home/runner/.sdkman
run: |
python generate.py -s ${{ inputs.filter-slice-type }} -i ${{ inputs.filter }}
bash /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh
bash /home/runner/work/atom-samples/atom-samples/atom_commands.sh
python generate.py --cleanup
- name: Optional second run
if: ${{ ! inputs.debug-cmds && inputs.run-twice }}
env:
SDKMAN_DIR: /home/runner/.sdkman
run: |
mv /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh /home/runner/work/atom-samples/atom-samples/sdkman_installs-run1.sh
mv /home/runner/work/atom-samples/atom-samples/atom_commands.sh /home/runner/work/atom-samples/atom-samples/atom_commands-run1.sh
python generate.py ${{ inputs.run-twice }}
bash /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh
bash /home/runner/work/atom-samples/atom-samples/atom_commands.sh
python generate.py --cleanup
mv /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh /home/runner/work/atom-samples/atom-samples/sdkman_installs-run2.sh
mv /home/runner/work/atom-samples/atom-samples/atom_commands.sh /home/runner/work/atom-samples/atom-samples/atom_commands-run2.sh
- name: Generate shell scripts only
if: inputs.debug-cmds
run: |
python generate.py --debug-cmds -s ${{ inputs.filter-slice-type }} -i ${{ inputs.filter }}
- name: Generate shell scripts only - second run
if: inputs.debug-cmds && inputs.run-twice
run: |
mv /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh /home/runner/work/atom-samples/atom-samples/sdkman_installs-run1.sh
mv /home/runner/work/atom-samples/atom-samples/atom_commands.sh /home/runner/work/atom-samples/atom-samples/atom_commands-run1.sh
python generate.py --debug-cmds ${{ inputs.run-twice }}
mv /home/runner/work/atom-samples/atom-samples/sdkman_installs.sh /home/runner/work/atom-samples/atom-samples/sdkman_installs-run2.sh
mv /home/runner/work/atom-samples/atom-samples/atom_commands.sh /home/runner/work/atom-samples/atom-samples/atom_commands-run2.sh
- name: Upload slices as artifact
if: ${{ ! inputs.debug-cmds && ! inputs.commit-updates }}
uses: actions/upload-artifact@v3
with:
name: slices
path: /home/runner/work/atom-samples/atom-samples/**/*.json
- name: Upload shell scripts generated as artifact
uses: actions/upload-artifact@v3
with:
name: scripts
path: /home/runner/work/atom-samples/atom-samples/*.sh
- name: Commit, push, and create PR
if: ${{ inputs.commit-updates && ! inputs.debug-cmds && contains(fromJSON('["cerrussell", "prabhu"]'), github.actor) }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
git config user.name "Caroline Russell"
git config user.email "caroline@appthreat.dev"
git add ${{ inputs.filter }}
git commit -m "${{ inputs.commit-msg }}"
git push --set-upstream origin update/slice-update
gh pr create --title "${{ inputs.commit-msg }}" --body "Updates for ${{ inputs.filter }}" --reviewer cerrussell,prabhu