sonar-scanner version check #362
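# Scheduled (and manually dispatchable) workflow. It compares the
# sonar-scanner version recorded in the repository with the one reported by
# scripts/fetch_latest_version.sh and, when they differ, pushes a branch and
# opens a pull request that updates action.yml and sonar-scanner-version.
name: sonar-scanner version check

on:
  workflow_dispatch:
  schedule:
    - cron: '15 10 * * *'

jobs:
  check-version:
    name: Check for sonar-scanner version update
    runs-on: github-ubuntu-latest-s
    # Least privilege: the visible steps only read the repository, so the
    # job token is restricted to read access instead of the default scope.
    # NOTE(review): confirm scripts/fetch_latest_version.sh needs no other
    # token permission.
    permissions:
      contents: read
    outputs:
      should_update: ${{ steps.version-check.outputs.should_update }}
      new-version: ${{ steps.latest-version.outputs.sonar-scanner-version }}
    steps:
      - run: sudo apt install -y jq
      # NOTE(review): `v5` is a mutable tag; pinning the action to a full
      # commit SHA protects the workflow against a retargeted tag.
      - uses: actions/checkout@v5
        with:
          ref: master
          fetch-depth: 0
      # The file content is appended verbatim to the step outputs, so every
      # `key=value` line in it becomes an output of this step. The later
      # steps read the `sonar-scanner-version` key.
      - name: "Fetch currently used sonar-scanner version"
        id: tagged-version
        shell: bash
        run: cat sonar-scanner-version >> "$GITHUB_OUTPUT"
      # Same mechanism as above, but the content is whatever the fetch
      # script printed, i.e. data that originates outside the repository.
      - name: "Fetch latest sonar-scanner version"
        id: latest-version
        shell: bash
        run: |
          ./scripts/fetch_latest_version.sh > sonar-scanner-version
          cat sonar-scanner-version >> "$GITHUB_OUTPUT"
      # The two versions are handed to the script through environment
      # variables rather than `${{ }}` expressions inside `run:`. An
      # expression is substituted into the script text before bash parses
      # it, so a value containing shell syntax would be executed; an
      # environment variable is only ever treated as data.
      - name: "Determine if update is needed"
        id: version-check
        shell: bash
        env:
          TAGGED_VERSION: ${{ steps.tagged-version.outputs.sonar-scanner-version }}
          LATEST_VERSION: ${{ steps.latest-version.outputs.sonar-scanner-version }}
        run: |
          if [[ "${TAGGED_VERSION}" != "${LATEST_VERSION}" ]]; then
            echo "should_update=true" >> "$GITHUB_OUTPUT"
          else
            echo "should_update=false" >> "$GITHUB_OUTPUT"
          fi

  update-version:
    name: Prepare pull request for sonar-scanner version update
    needs: check-version
    runs-on: github-ubuntu-latest-s
    # Write access is needed here: the job pushes a branch and opens a PR.
    permissions:
      contents: write
      pull-requests: write
    if: needs.check-version.outputs.should_update == 'true'
    steps:
      # NOTE(review): `v5` is a mutable tag; pinning the action to a full
      # commit SHA protects the workflow against a retargeted tag.
      - uses: actions/checkout@v5
        with:
          ref: master
          # Credentials stay in the local git config because a later step
          # runs `git push`. Every following step can therefore use them.
          persist-credentials: true
          fetch-depth: 0
      # NOTE(review): this installs whatever yq revision the snap store
      # currently serves; consider pinning a channel or revision.
      - run: sudo snap install yq
      - name: "Update default version"
        shell: bash
        env:
          NEW_VERSION: ${{ needs.check-version.outputs.new-version }}
        run: |
          yq -i '.inputs.scannerVersion.default = strenv(NEW_VERSION)' action.yml
          ./scripts/fetch_latest_version.sh > sonar-scanner-version
      # UPDATE_BRANCH and TITLE embed the fetched version string, so every
      # expansion below is double-quoted to prevent word splitting and
      # globbing on an unexpected value.
      # NOTE(review): the user.email value appears as a redaction
      # placeholder in this listing; verify it against the repository copy.
      - name: "Create Pull Request for version update"
        shell: bash
        env:
          UPDATE_BRANCH: update-to-sonar-scanner-${{ needs.check-version.outputs.new-version }}
          TITLE: "Update SonarScanner CLI to ${{ needs.check-version.outputs.new-version }}"
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          git config --global user.name "SonarTech"
          git config --global user.email "[email protected]"
          git checkout -b "${UPDATE_BRANCH}"
          git add sonar-scanner-version
          git add action.yml
          git commit -m "${TITLE}"
          git push --force-with-lease origin "${UPDATE_BRANCH}"
          gh pr list
          # Only open a PR when none exists yet for the update branch.
          if [[ $(gh pr list -H "${UPDATE_BRANCH}" | grep "${UPDATE_BRANCH}" | wc -l) -eq 0 ]]; then
            gh pr create -B master -H "${UPDATE_BRANCH}" --title "${TITLE}" --body "Automatic update of the sonar-scanner version value. Be sure to trigger the QA workflow by closing and reopening this PR (see https://github.com/orgs/community/discussions/65321)."
          fi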