robojerk/codeql-action

Merge pull request #968 from github/aeisenberg/required-checks

Browse source 
Add some instructions on how to regenerate required checks
This commit is contained in:
Andrew Eisenberg 2022-03-11 12:11:17 -08:00 committed by GitHub
commit 761da7eb50
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 21 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.github/workflows/update-supported-enterprise-server-versions.yml vendored
View file

@ -6,6 +6,7 @@ on:
jobs: jobs:
update-supported-enterprise-server-versions: update-supported-enterprise-server-versions:
name: Update Supported Enterprise Server Versions
timeout-minutes: 30 timeout-minutes: 30
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: ${{ github.repository == 'github/codeql-action' }} if: ${{ github.repository == 'github/codeql-action' }}

19
CONTRIBUTING.md
View file

@ -72,6 +72,25 @@ Here are a few things you can do that will increase the likelihood of your pull
Approve the mergeback PR and automerge it. Once the mergeback has been merged into main, the release is complete. Approve the mergeback PR and automerge it. Once the mergeback has been merged into main, the release is complete.
## Keeping the PR checks up to date (admin access required)
Since the `codeql-action` runs most of its testing through individual Actions workflows, there are over two hundred jobs that need to pass in order for a PR to turn green. Managing these PR checks manually is time consuming and complex. Here is a semi-automated approach.
To regenerate the PR jobs for the action:
1. From a terminal, run the following commands (replace `SHA` with the sha of the commit whose checks you want to use, typically this should be the latest from `main`):
```sh
SHA= ####
CHECKS="$(gh api repos/github/codeql-action/commits/${SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or . == "Update dependencies" or . == "Update Supported Enterprise Server Versions" | not)]')"
echo "{\"contexts\": ${CHECKS}}" > checks.json
gh api -X "PATCH" repos/github/codeql-action/branches/main/protection/required_status_checks --input checks.json
gh api -X "PATCH" repos/github/codeql-action/branches/v1/protection/required_status_checks --input checks.json
````
2. Go to the [branch protection rules settings page](https://github.com/github/codeql-action/settings/branches) and validate that the rules have been updated.
## Resources ## Resources
- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/) - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)