GHA SAST comparisons #23
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # yaml-language-server: $schema=https://json.schemastore.org/github-workflow | |
| name: Tidy up | |
| on: | |
| pull_request: | |
| types: [closed] | |
| permissions: {} | |
| jobs: | |
| find: | |
| name: Find PRs | |
| permissions: | |
| pull-requests: write | |
| runs-on: ubuntu-24.04 | |
| if: ${{ github.repository == 'johnbillion/plugin-infrastructure' }} | |
| timeout-minutes: 5 | |
| outputs: | |
| prs: ${{ steps.find-prs.outputs.result }} | |
| steps: | |
| - name: Find PRs | |
| uses: actions/github-script@v7 | |
| id: find-prs | |
| with: | |
| script: | #js | |
| const pr = await github.rest.pulls.get({ | |
| owner: 'johnbillion', | |
| repo: 'plugin-infrastructure', | |
| pull_number: context.issue.number | |
| }); | |
| const labels = pr.data.labels.map(label => label.name); | |
| const prs = {}; | |
| for (const label of labels) { | |
| // label is in the format "pr:{repo}:{pr_number}", i.e. "pr:query-monitor:123" | |
| const [_, repo, pr_number] = label.split(':'); | |
| if (!pr_number) { | |
| continue; | |
| } | |
| await github.rest.issues.deleteLabel({ | |
| owner: 'johnbillion', | |
| repo: 'plugin-infrastructure', | |
| name: label, | |
| }); | |
| prs[repo] = pr_number; | |
| } | |
| return prs; | |
| close: | |
| name: Close PRs / ${{ matrix.plugin }} | |
| permissions: {} | |
| runs-on: ubuntu-24.04 | |
| needs: find | |
| timeout-minutes: 5 | |
| strategy: | |
| matrix: | |
| plugin: | |
| - extended-cpts | |
| - query-monitor | |
| - user-switching | |
| - wp-crontrol | |
| fail-fast: false | |
| steps: | |
| - name: Close PR | |
| uses: actions/github-script@v7 | |
| env: | |
| PRS: ${{ needs.find.outputs.prs }} | |
| PLUGIN: ${{ matrix.plugin }} | |
| with: | |
| script: | #js | |
| const prs = JSON.parse( process.env.PRS); | |
| if ( prs.hasOwnProperty( process.env.PLUGIN ) ) { | |
| const pr_number = prs[process.env.PLUGIN]; | |
| // Fetch the PR | |
| const pr = await github.rest.pulls.get({ | |
| owner: 'johnbillion', | |
| repo: process.env.PLUGIN, | |
| pull_number: pr_number, | |
| }); | |
| // Close the PR | |
| await github.rest.pulls.update({ | |
| owner: 'johnbillion', | |
| repo: process.env.PLUGIN, | |
| pull_number: pr_number, | |
| state: 'closed', | |
| }); | |
| // Delete its branch | |
| await github.rest.git.deleteRef({ | |
| owner: 'johnbillion', | |
| repo: process.env.PLUGIN, | |
| ref: `heads/${pr.data.head.ref}`, | |
| }); | |
| } else { | |
| console.log(`No PR found for ${process.env.PLUGIN}`); | |
| } | |
| github-token: ${{ secrets.PLUGINS_PUSH_TOKEN }} |