Release vulnerabilites check #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release vulnerabilites check | |
| on: | |
| workflow_dispatch: | |
| workflow_call: | |
| permissions: | |
| contents: write | |
| jobs: | |
| find-previous-tag: | |
| name: Find prior tag | |
| runs-on: ubuntu-latest | |
| outputs: | |
| previous-tag: refs/tags/${{ steps.find-prior-release.previous-tag }} | |
| steps: | |
| - id: checkout | |
| name: Checkout sources | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| - id: find-prior-release | |
| name: Find prior release | |
| run: | | |
| version_maybe_snapshot=$(cat version.txt) | |
| version=$(echo $version_maybe_snapshot | sed -e "s/-SNAPSHOT//") | |
| major_version=$(echo $version | cut --delimiter=. --field=1) | |
| minor_version=$(echo $version | cut --delimiter=. --field=2) | |
| patch_version=$(echo $version | cut --delimiter=. --field=3) | |
| echo My current version is $version | |
| echo $(git tag --list '*.*.*' --sort=version:refname) | |
| for tag in $(git tag --list '*.*.*' --sort=version:refname); do | |
| echo Current tag is $tag | |
| current_major_version=$(echo $tag | cut --delimiter=. --field=1) | |
| current_minor_version=$(echo $tag | cut --delimiter=. --field=2) | |
| current_patch_version=$(echo $tag | cut --delimiter=. --field=3) | |
| if [[ $current_major_version -gt $major_version ]] || \ | |
| [[ $current_major_version -eq $major_version && $current_minor_version -gt $minor_version ]] || \ | |
| [[ $current_major_version -eq $major_version && $current_minor_version -eq $minor_version && $current_patch_version -gt $patch_version ]] || \ | |
| [[ $current_major_version -eq $major_version && $current_minor_version -eq $minor_version && $current_patch_version -eq $patch_version ]] | |
| then | |
| echo $tag | |
| break | |
| else | |
| previous_tag=$tag | |
| fi | |
| done | |
| echo "previous_tag=$previous_tag" >> $GITHUB_OUTPUT | |
| # base-dependency-submission: | |
| # name: Submit dependencies for prior release | |
| # needs: find-previous-tag | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout sources | |
| # id: checkout | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # ref: ${{ needs.find-previous-tag.outputs.previous-tag }} | |
| # - name: Setup Java | |
| # id: setup-java | |
| # uses: actions/setup-java@v4 | |
| # with: | |
| # distribution: 'zulu' | |
| # java-version: 8 | |
| # - name: Generate and submit dependency graph | |
| # uses: gradle/actions/dependency-submission@v3 | |
| # | |
| # head-dependency-submission: | |
| # name: Submit dependencies for release | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout sources | |
| # id: checkout | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # ref: ${{ github.ref }} | |
| # - name: Setup Java | |
| # id: setup-java | |
| # uses: actions/setup-java@v4 | |
| # with: | |
| # distribution: 'zulu' | |
| # java-version: 8 | |
| # - name: Generate and submit dependency graph | |
| # uses: gradle/actions/dependency-submission@v3 | |
| # | |
| # dependency-review: | |
| # runs-on: ubuntu-latest | |
| # needs: [ base-dependency-submission, head-dependency-submission ] | |
| # steps: | |
| # - name: 'Dependency Review' | |
| # uses: actions/dependency-review-action@v4 | |
| # with: | |
| # base-ref: ${{ needs.find-previous-tag.outputs.previous-tag }} | |
| # head-ref: ${{ github.ref }} |