diff --git a/.github/workflows/sync-main.yml b/.github/workflows/sync-main.yml index f10d5ce5bc51..87ad2d834460 100644 --- a/.github/workflows/sync-main.yml +++ b/.github/workflows/sync-main.yml @@ -10,9 +10,7 @@ on: - cron: '55 * * * *' jobs: - sync-main: - name: Sync-main runs-on: ubuntu-latest if: github.repository == 'microsoft/codeql' 
@@ -28,46 +26,59 @@ jobs: - name: Git config shell: bash run: | - git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" - - name: Add and fetch upstream + git config user.name "dilanbhalla" + git config user.email "dilanbhalla@microsoft.com" + - name: Git checkout auto/sync-main-pr + shell: bash run: | - echo "::group::Fetch and set up remotes" - git fetch + git fetch origin + if git ls-remote --exit-code --heads origin auto/sync-main-pr > /dev/null; then + echo "Branch exists remotely. Checking it out." + git checkout -B auto/sync-main-pr origin/auto/sync-main-pr + else + echo "Branch does not exist remotely. Creating from main." + git checkout -B auto/sync-main-pr origin/main + git push -u origin auto/sync-main-pr + fi + - name: Sync origin/main + shell: bash + run: | + echo "::group::Sync with main branch" + git pull origin auto/sync-main-pr; exitCode=$?; if [ $exitCode -ne 0 ]; then exitCode=0; fi + git pull origin main --no-rebase + git push --force origin auto/sync-main-pr + echo "::endgroup::" + - name: Sync upstream/codeql-cli/latest + shell: bash + run: | + echo "::group::Set up remote" git remote add upstream https://github.com/github/codeql.git git fetch upstream --tags --force echo "::endgroup::" - - echo "::group::Checkout and merge" + echo "::group::Merge codeql-cli/latest" set -x - git fetch origin sync-main-pr || true - git checkout -B sync-main-pr origin/main git merge codeql-cli/latest set +x echo "::endgroup::" - name: Push sync branch run: | - git push origin sync-main-pr --force - # Ensure branch is visible to GitHub - gh api repos/:owner/:repo/branches/sync-main-pr || { - echo "Branch not yet visible to GitHub — waiting a bit more" - sleep 10 - } - - name: Create or update PR + git push origin auto/sync-main-pr + env: + GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }} + - name: Create PR if it doesn't exist + shell: bash run: | - gh api repos/:owner/:repo/branches/sync-main-pr - PR_URL=$(gh pr 
list --head sync-main-pr --json url --jq '.[0].url') - if [ -z "$PR_URL" ]; then - gh pr create \ - --title "Automated sync from upstream" \ - --body "This PR syncs the latest changes from \`codeql-cli/latest\` into \`main\`." \ - --head sync-main-pr \ - --base main + pr_number=$(gh pr list --repo microsoft/codeql --head auto/sync-main-pr --base main --json number --jq '.[0].number') + if [ -n "$pr_number" ]; then + echo "PR from auto/sync-main-pr to main already exists (PR #$pr_number). Exiting gracefully." else - echo "PR already exists: $PR_URL" + echo "PR does not exist. Creating one..." + gh pr create --repo microsoft/codeql --fill -B main -H auto/sync-main-pr \ + --label 'autogenerated' \ + --title 'Sync Main (autogenerated)' \ + --body "This PR syncs the latest changes from \`codeql-cli/latest\` into \`main\`." \ + --reviewer 'MathiasVP' + --reviewer 'ropwareJB' fi - exit 0 env: GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }} - GITHUB_TOKEN: ${{ secrets.WORKFLOW_TOKEN }} -
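Review bot: In the `gh pr create` call of the "Create PR if it doesn't exist" step, the `--reviewer 'MathiasVP'` line has no trailing `\`, so `--reviewer 'ropwareJB'` runs as a separate command. The second reviewer is never requested, and because `shell: bash` runs with errexit the step will most likely fail after the PR has already been created; the fix is `--reviewer 'MathiasVP' \`. In "Sync origin/main", the `exitCode=$?` handling after `git pull origin auto/sync-main-pr` is probably unreachable for the same errexit reason, and `git pull origin auto/sync-main-pr || true` would state the intent directly. The "Git config" step also now attributes automated commits to a personal name and e-mail address, which blurs the audit trail between human and workflow changes; consider keeping the `github-actions[bot]` identity or using a dedicated service account.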