robojerk/codeql-action

Merge pull request #1054 from github/aeisenberg/update-checks

Browse source 
Add permissions to workflow
This commit is contained in:
Andrew Eisenberg 2022-05-02 12:46:59 -07:00 committed by GitHub
commit 7b66e72cb7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/update-required-checks.yml vendored
View file

@ -22,13 +22,15 @@ jobs:
run: echo "$GITHUB_CONTEXT"
- name: Update checks
env:
GITHUB_TOKEN: "${{ secrets.CODEQL_CI_TOKEN }}"
run: |
# Update the required checks based on the current branch.
# Typically, this will be main.
echo "Getting checks for $GITHUB_SHA"
# Ignore any checks with "https://", CodeQL, LGTM, and Update checks.
CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") | not)] | sort')"
CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") or contains("update-") | not)] | sort')"
echo "::group::New Checks"
echo "$CHECKS" | jq