Skip to content

Commit f1db66a

Browse files
author
Alvaro Muñoz
authored
Update hotspots.yml
1 parent c020a87 commit f1db66a

File tree

1 file changed

+23
-26
lines changed

1 file changed

+23
-26
lines changed

.github/workflows/hotspots.yml

Lines changed: 23 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -79,12 +79,11 @@ jobs:
7979
- name: Patch the CodeQL distro
8080
working-directory: codeql-community-packs
8181
run: |
82-
ls -la "$GITHUB_WORKSPACE/codeql-community-packs/ql/hotspots/Hotspots.ql"
8382
pip install pandas
84-
python scripts/generate-hotspots-queries.py \
83+
python ql/hotspots/scripts/generate-hotspots-queries.py \
8584
--ql-extractor "$GITHUB_WORKSPACE/codeql/ql/extractor-pack" \
8685
--ql-path "$GITHUB_WORKSPACE/codeql"
87-
python scripts/patch-codeql.py \
86+
python ql/hotspots/scripts/patch-codeql.py \
8887
--hotspots "$GITHUB_WORKSPACE/codeql-community-packs/ql/hotspots/output" \
8988
--ql "$GITHUB_WORKSPACE/codeql" \
9089
--dest "$GITHUB_WORKSPACE/codeql-patched" \
@@ -97,27 +96,25 @@ jobs:
9796
env:
9897
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
9998
run: |
100-
PUBLISHED_VERSION=$(gh api /orgs/githubsecuritylab/packages/container/hotspots-${{ matrix.language }}-all/versions --jq '.[0].metadata.container.tags[0]')
101-
CURRENT_VERSION=$(grep version ${{ matrix.language }}/ql/lib/qlpack.yml | awk '{print $2}')
99+
for LANG in "cpp" "csharp" "go" "java" "javascript" "python" "ruby" "swift"
100+
do
101+
echo "Processing $LANG packs"
102+
PUBLISHED_VERSION=$(gh api /orgs/githubsecuritylab/packages/container/hotspots-$LANG-all/versions --jq '.[0].metadata.container.tags[0]')
103+
CURRENT_VERSION=$(grep version $LANG/ql/lib/qlpack.yml | awk '{print $2}')
104+
echo "Published lib version: $PUBLISHED_VERSION"
105+
echo "Local lib version: $CURRENT_VERSION"
106+
if [ "$PUBLISHED_VERSION" != "$CURRENT_VERSION" ]; then
107+
codeql pack install "$LANG/ql/lib"
108+
codeql pack publish "$LANG/ql/lib"
109+
fi
110+
111+
PUBLISHED_VERSION=$(gh api /orgs/githubsecuritylab/packages/container/hotspots-$LANG-queries/versions --jq '.[0].metadata.container.tags[0]')
112+
CURRENT_VERSION=$(grep version $LANG/ql/src/qlpack.yml | awk '{print $2}')
113+
echo "Published queries version: $PUBLISHED_VERSION"
114+
echo "Local queries version: $CURRENT_VERSION"
115+
if [ "$PUBLISHED_VERSION" != "$CURRENT_VERSION" ]; then
116+
codeql pack install "$LANG/ql/src"
117+
codeql pack publish "$LANG/ql/src"
118+
fi
119+
done
102120
103-
echo "Published lib version: $PUBLISHED_VERSION"
104-
echo "Local lib version: $CURRENT_VERSION"
105-
if [ "$PUBLISHED_VERSION" != "$CURRENT_VERSION" ]; then
106-
codeql pack install "${{ matrix.language }}/ql/lib"
107-
codeql pack publish "${{ matrix.language }}/ql/lib"
108-
fi
109-
110-
- name: Check and publish hotspots src packs
111-
working-directory: codeql-patched
112-
env:
113-
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
114-
run: |
115-
PUBLISHED_VERSION=$(gh api /orgs/githubsecuritylab/packages/container/hotspots-${{ matrix.language }}-queries/versions --jq '.[0].metadata.container.tags[0]')
116-
CURRENT_VERSION=$(grep version ${{ matrix.language }}/ql/src/qlpack.yml | awk '{print $2}')
117-
118-
echo "Published queries version: $PUBLISHED_VERSION"
119-
echo "Local queries version: $CURRENT_VERSION"
120-
if [ "$PUBLISHED_VERSION" != "$CURRENT_VERSION" ]; then
121-
codeql pack install "${{ matrix.language }}/ql/src"
122-
codeql pack publish "${{ matrix.language }}/ql/src"
123-
fi

0 commit comments

Comments
 (0)