Update checkmarx Java wrapper #1149
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update checkmarx Java wrapper | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 0 * * *' | |
| jobs: | |
| update-checkmarx-cli: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4.1.7 | |
| with: | |
| lfs: true | |
| - name: Install Git LFS | |
| run: git lfs install | |
| - name: Configure Git user | |
| run: | | |
| git config --global user.name github-actions[bot] | |
| git config --global user.email github-actions[bot]@users.noreply.github.com | |
| - name: Get Latest Checkmarx Java wrapper version | |
| id: ast-cli-java-wrapper | |
| run: | | |
| echo "Fetching latest release tag from Maven repository..." | |
| # Correctly assign variables | |
| release_tag=$(curl -s "https://repo1.maven.org/maven2/com/checkmarx/ast/ast-cli-java-wrapper/maven-metadata.xml" | grep -oPm1 "(?<=<latest>)[^<]+") | |
| current_tag=$(cat ast-cli-java-wrapper.version) | |
| # Debugging output | |
| echo "Current tag: $current_tag" | |
| echo "Latest release tag: $release_tag" | |
| # Correctly append to environment variables | |
| echo "release_tag=$release_tag" >> $GITHUB_ENV | |
| echo "current_tag=$current_tag" >> $GITHUB_ENV | |
| - name: Update Checkmarx Java wrapper version | |
| if: env.current_tag != env.release_tag | |
| run: | | |
| echo "Updating Checkmarx Java wrapper version..." | |
| echo "Current version: $current_tag" | |
| echo "New version: $release_tag" | |
| # Update current release | |
| echo "$release_tag" > ast-cli-java-wrapper.version | |
| current_version="ast-cli-java-wrapper-$current_tag.jar" | |
| new_version="ast-cli-java-wrapper-$release_tag.jar" | |
| echo "Updating references in project files..." | |
| sed -i "s/$current_version/$new_version/g" checkmarx-ast-eclipse-plugin/build.properties | |
| sed -i "s/$current_version/$new_version/g" checkmarx-ast-eclipse-plugin/.classpath | |
| sed -i "s/$current_version/$new_version/g" checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF | |
| # Remove old JAR and download the new one | |
| cd checkmarx-ast-eclipse-plugin/lib/ | |
| echo "Removing old JAR file: $current_version" | |
| ls -al | |
| rm -f "$current_version" | |
| echo "Downloading new JAR file: $new_version" | |
| curl -o "$new_version" "https://repo1.maven.org/maven2/com/checkmarx/ast/ast-cli-java-wrapper/$release_tag/$new_version" | |
| # Track the new JAR file with LFS | |
| FILE_PATH="checkmarx-ast-eclipse-plugin/lib/$new_version" | |
| echo "Tracking new file in LFS: $FILE_PATH" | |
| git lfs track "$FILE_PATH" | |
| git add .gitattributes "$FILE_PATH" | |
| git commit -m "Update ast-cli-java-wrapper to $release_tag" | |
| git push origin HEAD:${{ github.ref }} | |
| - name: Create Pull Request | |
| if: env.current_tag != env.release_tag | |
| uses: peter-evans/create-pull-request@v6.1.0 | |
| with: | |
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| commit-message: Update ast-cli-java-wrapper to ${{ env.release_tag }} | |
| title: Update ast-cli-java-wrapper with ${{ env.release_tag }} | |
| body: | | |
| Updates [ast-cli-java-wrapper][1] to ${{ env.release_tag }} | |
| Auto-generated by [create-pull-request][2] | |
| [1]: https://github.com/CheckmarxDev/ast-cli-java-wrapper | |
| labels: cxone | |
| branch: dependency/update_java_wrapper |