SONARXML-322 Create UpdateRuleMetadata.yml (#425)

tomasz-tylenda-sonarsource · web-flow · commit e9e8b9c34c70 · 2026-02-25T15:34:17.000+01:00
diff --git a/.github/workflows/UpdateRuleMetadata.yml b/.github/workflows/UpdateRuleMetadata.yml
@@ -0,0 +1,73 @@
+name: Update Rule Metadata
+
+on: workflow_dispatch
+
+env:
+  PR_BRANCH_NAME: "gh-action/update-rule-metadata.${{ github.run_id }}"
+
+jobs:
+  UpdateRuleMetadata_job:
+    name: Update Rule Metadata
+    runs-on: github-ubuntu-latest-s
+    permissions:
+      pull-requests: write
+      contents: write
+      id-token: write
+
+    steps:
+
+      - name: Checkout Sources
+        uses: actions/checkout@v4
+
+      - name: Setup JFrog
+        uses: SonarSource/jfrog-setup-wrapper@v3
+        with:
+          artifactoryRoleSuffix: private-reader
+
+      - name: Setup Rule API
+        run: |
+          jfrog rt curl -sLf "sonarsource-private-releases/com/sonarsource/rule-api/rule-api/%5BRELEASE%5D/rule-api-%5BRELEASE%5D.jar" -o rule-api.jar
+          echo "Latest com.sonarsource.rule-api:rule-api release:"
+          jar xf rule-api.jar META-INF/MANIFEST.MF
+          grep 'Implementation-Version' META-INF/MANIFEST.MF
+        working-directory: /tmp
+
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '21'
+
+      - name: Getting Vault Secrets
+        id: secrets
+        uses: SonarSource/vault-action-wrapper@320bd31b03e5dacaac6be51bbbb15adf7caccc32 # v3.1.0
+        with:
+          secrets: |
+            development/github/token/{REPO_OWNER_NAME_DASH}-rspec token | GITHUB_TOKEN_RSPEC;
+
+      - name: Update Files
+        env:
+          GITHUB_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN_RSPEC }}
+        run: |
+          java -jar "/tmp/rule-api.jar" update
+          java -jar "/tmp/rule-api.jar" generate -rule XPathCheck
+          cp sonar-xml-plugin/src/main/resources/org/sonar/l10n/xml/rules/xml/S140.html sonar-xml-plugin/src/main/resources/org/sonar/l10n/xml/rules/xml/XPathCheck.html
+          cp sonar-xml-plugin/src/main/resources/org/sonar/l10n/xml/rules/xml/S140.json sonar-xml-plugin/src/main/resources/org/sonar/l10n/xml/rules/xml/XPathCheck.json
+
+      - name: Create PR
+        id: create-pr
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          git config user.name "${GITHUB_ACTOR}"
+          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
+          git checkout -b "${{ env.PR_BRANCH_NAME }}"
+          git commit -m 'Update rule metadata' -a
+          git push --set-upstream origin "${{ env.PR_BRANCH_NAME }}"
+          URL=$(gh pr create -B master --title 'Update rule metadata' --body '')
+          echo "url=${URL}" >> $GITHUB_OUTPUT
+
+      - name: Summary
+        run: |
+          echo "Generated ${{steps.create-pr.outputs.url}}." >> $GITHUB_STEP_SUMMARY
+          echo "Tip: close and reopen the PR to trigger CI. " >> $GITHUB_STEP_SUMMARY
