1+ name : Sync Action into Veracode
2+ on :
3+ push :
4+ tags :
5+ - v**
6+
7+ jobs :
8+ sync :
9+ runs-on : ubuntu-latest
10+ name : Sync Veracode SCA Repo
11+
12+ steps :
13+ - name : Checkout veracode-sca repo
14+ uses : actions/checkout@v4
15+ with :
16+ path : veracode-sca
17+
18+ - name : Checkout ghes-actions-integration repo
19+ uses : actions/checkout@v4
20+ with :
21+ repository : veracode/ghes-actions-integration
22+ token : ${{ secrets.PAT_TOKEN }}
23+ path : ghes-actions-integration
24+ persist-credentials : false
25+
26+ - name : Copy dist and action.yml files
27+ run : |
28+ cp -r veracode-sca/dist ghes-actions-integration/actions/sca-scan/
29+ cp veracode-sca/action.yml ghes-actions-integration/actions/sca-scan/
30+
31+ - name : Create branch and push changes
32+ run : |
33+ cd ghes-actions-integration
34+ git config user.name "santhoshVC92"
35+ git config user.email "[email protected] " 36+ BRANCH_NAME="sync-sca-$(date +%s)"
37+ git checkout -b $BRANCH_NAME
38+ git add actions
39+
40+ # Only commit and push if there are changes
41+ if ! git diff --cached --quiet; then
42+ git commit -m "Sync Veracode SCA dist and action.yml"
43+ git push <https://x-access-token:${{> secrets.PAT_TOKEN }}@github.com/veracode/ghes-actions-integration.git $BRANCH_NAME
44+ echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
45+ echo "CHANGES_MADE=true" >> $GITHUB_ENV
46+ else
47+ echo "No changes to commit"
48+ echo "CHANGES_MADE=false" >> $GITHUB_ENV
49+ fi
50+
51+ - name : Create Pull Request with GitHub CLI
52+ if : env.CHANGES_MADE == 'true'
53+ run : |
54+ gh pr create \\
55+ --repo veracode/ghes-actions-integration \\
56+ --base main \\
57+ --head ${{ env.BRANCH_NAME }} \\
58+ --title "Sync latest changes from veracode-sca repository" \\
59+ --body "Sync from veracode-sca repository
60+
61+ - Updated dist folder
62+ - Updated action.yml file"
63+ env :
64+ GH_TOKEN : ${{ secrets.PAT_TOKEN }}
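Review bot: The `git push` on line 43 of the new file splices `${{ secrets.PAT_TOKEN }}` into the remote URL inside the `run` script, so the PAT is rendered into the script text and git's command line, and it works around the `persist-credentials: false` set on the second checkout (the URL is partly garbled on this page, so this reading rests on the visible fragments). Log masking is then the only thing keeping the token out of the job output if git prints the remote in an error. I would map the secret into the step's `env:` the way the last step already does with `GH_TOKEN`, and let a credential helper hand it to git, for example `gh auth setup-git` followed by `git push origin "$BRANCH_NAME"`. Likewise `--head ${{ env.BRANCH_NAME }}` on line 57 is safer as `--head "$BRANCH_NAME"`, so the shell rather than the expression engine expands it. The workflow also declares no `permissions:` block; a top-level `permissions:` with `contents: read` would keep the default `GITHUB_TOKEN` minimal, since all writes go through the PAT.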