Skip to content

Update checkmarx ast cli #31456

Update checkmarx ast cli

Update checkmarx ast cli #31456

Workflow file for this run

name: Update checkmarx ast cli
on:
workflow_dispatch:
schedule:
- cron: '0 * * * *'
jobs:
updateCheckmarxJenkins:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
lfs: true
- name: Install Git LFS
run: |
sudo apt-get update
sudo apt-get install git-lfs
git lfs install
- name: Configure Git user
run: |
git config --global user.name github-actions
git config --global user.email [email protected]
- name: Get Latest Checkmarx API version
id: checkmarx-ast-cli
run: |
echo ::set-output name=release_tag::$(curl -sL https://api.github.com/repos/checkmarx/ast-cli/releases/latest | jq -r ".tag_name")
echo ::set-output name=current_tag::$(<checkmarx-ast-cli.version)
- name: Update Checkmarx cli version
if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
env:
RELEASE_TAG: ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
run: |
# Update current release
echo ${{ steps.checkmarx-ast-cli.outputs.release_tag }} > checkmarx-ast-cli.version
- name: Download latest cli and update branch
if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
run: |
# Update binaries
chmod +x ./.github/scripts/update_cli.sh
./.github/scripts/update_cli.sh ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
- name: Track large files with Git LFS
if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
run: |
git lfs track "src/main/resources/cx-linux"
git lfs track "src/main/resources/cx-linux-arm"
git lfs track "src/main/resources/cx.exe"
git lfs track "src/main/resources/cx-mac"
git add .gitattributes
git add src/main/resources/cx-linux src/main/resources/cx-linux-arm src/main/resources/cx.exe src/main/resources/cx-mac
git commit -m "Track Checkmarx CLI binaries with Git LFS"
- name: Create Pull Request
if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 #v6
with:
token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
commit-message: Update checkmarx-ast-cli to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
title: Update checkmarx-ast-cli binaries with ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
body: |
Updates [checkmarx-ast-cli][1] to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
Auto-generated by [create-pull-request][2]
[1]: https://github.com/Checkmarx/checkmarx-ast-cli
labels: cxone
branch: feature/update_cli