open source package publish

Dilan Bhalla · Dilan Bhalla · commit a6fe1b5ed19b · 2025-01-31T15:33:54.000-08:00
diff --git a/.github/workflows/microsoft-codeql-pack-publish.yml b/.github/workflows/microsoft-codeql-pack-publish.yml
@@ -0,0 +1,75 @@
+name: Fetch CodeQL
+description: Fetches the latest version of CodeQL
+
+on:
+  push:
+    branches:
+      - dilan/publish-opensource-packs
+
+jobs:
+  codeqlversion:
+    runs-on: ubuntu-latest
+    outputs:
+      codeql_version: ${{ steps.set_codeql_version.outputs.codeql_version }}
+    steps:
+      - name: Set CodeQL Version
+        id: set_codeql_version
+        run: |
+            CURRENT_COMMIT=$(git rev-list -1 HEAD)
+            CURRENT_TAG=$(git describe --tags --abbrev=0 --match 'codeql-cli/v*' $CURRENT_COMMIT)
+            CURRENT_VERSION="${CURRENT_TAG#codeql-cli/}"
+            echo "CODEQL_VERSION=$CURRENT_TAG" >> $GITHUB_OUTPUT
+  publish:
+    needs: codeqlversion
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        language: ['csharp', 'cpp', 'java', 'javascript', 'python', 'ruby', 'go', 'rust', 'swift', 'powershell']
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+    - name: Prepare Publish
+      shell: bash
+      run: |
+        # Download latest qlpack
+        gh codeql pack download "microsoft/$LANGUAGE-queries"
+        PACK_DIR="$HOME/.codeql/packages/microsoft/$LANGUAGE"
+        VERSION_COUNT=$(ls -d "$PACK_DIR"/*/ | wc -l)
+        [[ "$VERSION_COUNT" -ne 1 ]] && { echo "Expected exactly one version in $PACK_DIR, but found $VERSION_COUNT. Exiting."; exit 1; }
+
+        # Increment version
+        CURRENT_VERSION=$(ls -v "$PACK_DIR" | tail -n 1)
+        MAJOR=$(echo "$CURRENT_VERSION" | cut -d. -f1)
+        MINOR=$(echo "$CURRENT_VERSION" | cut -d. -f2)
+        PATCH=$(echo "$CURRENT_VERSION" | cut -d. -f3)
+        NEXT_VERSION="$MAJOR.$MINOR.$((PATCH + 1))"
+
+        # Extract dependencies from the existing qlpack.yml before deleting
+        DEPENDENCIES=$(yq '.dependencies' "$LANGUAGE/ql/src/qlpack.yml" 2>/dev/null || echo "")
+        rm -f "$LANGUAGE/ql/src/qlpack.yml" "$LANGUAGE/ql/src/qlpack.lock"
+
+        # Create new qlpack.yml with modified content
+        cat <<EOF > "$LANGUAGE/ql/src/qlpack.yml"
+        name: microsoft/$LANGUAGE-queries
+        version: $NEXT_VERSION
+        groups:
+          - $LANGUAGE
+          - queries
+        suites: microsoft-suites
+        defaultSuiteFile: microsoft-suites/sdl-required.qls
+        $DEPENDENCIES
+        EOF
+
+        cat "$LANGUAGE/ql/src/qlpack.yml"
+      env:
+        LANGUAGE: ${{ matrix.language }}
+    - name: Prepare Publish
+      shell: bash
+      run: |
+        echo "___________________________________________________________"
+        cat "$LANGUAGE/ql/src/qlpack.yml"
+        echo "___________________________________________________________"
+        gh pack publish --dry-run "$LANGUAGE/ql/src"
+      env:
+        GITHUB_TOKEN: ${{ secrets.PACKAGE_PUBLISH }}
+        LANGUAGE: ${{ matrix.language }}
