1010 - cron : ' 55 * * * *'
1111
1212jobs :
13-
1413 sync-main :
15-
1614 name : Sync-main
1715 runs-on : ubuntu-latest
1816 if : github.repository == 'microsoft/codeql'
@@ -28,46 +26,59 @@ jobs:
2826 - name : Git config
2927 shell : bash
3028 run : |
31- git config user.name "github-actions[bot]"
32- git config user.email "github-actions[bot]@users.noreply.github.com"
33- name : Add and fetch upstream
29+ git config user.name "dilanbhalla"
30+ git config user.email "[email protected] " 31+ name : Git checkout auto/sync-main-pr
32+ shell : bash
3433 run : |
35- echo "::group::Fetch and set up remotes"
36- git fetch
34+ git fetch origin
35+ if git ls-remote --exit-code --heads origin auto/sync-main-pr > /dev/null; then
36+ echo "Branch exists remotely. Checking it out."
37+ git checkout -B auto/sync-main-pr origin/auto/sync-main-pr
38+ else
39+ echo "Branch does not exist remotely. Creating from main."
40+ git checkout -B auto/sync-main-pr origin/main
41+ git push -u origin auto/sync-main-pr
42+ fi
43+ name : Sync origin/main
44+ shell : bash
45+ run : |
46+ echo "::group::Sync with main branch"
47+ git pull origin auto/sync-main-pr; exitCode=$?; if [ $exitCode -ne 0 ]; then exitCode=0; fi
48+ git pull origin main --no-rebase
49+ git push --force origin auto/sync-main-pr
50+ echo "::endgroup::"
51+ name : Sync upstream/codeql-cli/latest
52+ shell : bash
53+ run : |
54+ echo "::group::Set up remote"
3755 git remote add upstream https://github.com/github/codeql.git
3856 git fetch upstream --tags --force
3957 echo "::endgroup::"
40-
41- echo "::group::Checkout and merge"
58+ echo "::group::Merge codeql-cli/latest"
4259 set -x
43- git fetch origin sync-main-pr || true
44- git checkout -B sync-main-pr origin/main
4560 git merge codeql-cli/latest
4661 set +x
4762 echo "::endgroup::"
4863name : Push sync branch
4964 run : |
50- git push origin sync-main-pr --force
51- # Ensure branch is visible to GitHub
52- gh api repos/:owner/:repo/branches/sync-main-pr || {
53- echo "Branch not yet visible to GitHub — waiting a bit more"
54- sleep 10
55- }
56- name : Create or update PR
65+ git push origin auto/sync-main-pr
66+ env :
67+ GH_TOKEN : ${{ secrets.WORKFLOW_TOKEN }}
68+ - name : Create PR if it doesn't exist
69+ shell : bash
5770 run : |
58- gh api repos/:owner/:repo/branches/sync-main-pr
59- PR_URL=$(gh pr list --head sync-main-pr --json url --jq '.[0].url')
60- if [ -z "$PR_URL" ]; then
61- gh pr create \
62- --title "Automated sync from upstream" \
63- --body "This PR syncs the latest changes from \`codeql-cli/latest\` into \`main\`." \
64- --head sync-main-pr \
65- --base main
71+ pr_number=$(gh pr list --repo microsoft/codeql --head auto/sync-main-pr --base main --json number --jq '.[0].number')
72+ if [ -n "$pr_number" ]; then
73+ echo "PR from auto/sync-main-pr to main already exists (PR #$pr_number). Exiting gracefully."
6674 else
67- echo "PR already exists: $PR_URL"
75+ echo "PR does not exist. Creating one..."
76+ gh pr create --repo microsoft/codeql --fill -B main -H auto/sync-main-pr \
77+ --label 'autogenerated' \
78+ --title 'Sync Main (autogenerated)' \
79+ --body "This PR syncs the latest changes from \`codeql-cli/latest\` into \`main\`." \
80+ --reviewer 'MathiasVP'
81+ --reviewer 'ropwareJB'
6882 fi
69- exit 0
7083env :
7184 GH_TOKEN : ${{ secrets.WORKFLOW_TOKEN }}
72- GITHUB_TOKEN : ${{ secrets.WORKFLOW_TOKEN }}
73-
0 commit comments