Update checkmarx Java wrapper #1155
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update checkmarx Java wrapper | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 0 * * *' | |
| jobs: | |
| update-checkmarx-cli: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4.1.7 | |
| with: | |
| lfs: true | |
| - name: Install Git LFS | |
| run: git lfs install | |
| - name: Configure Git user | |
| run: | | |
| git config --global user.name github-actions[bot] | |
| git config --global user.email github-actions[bot]@users.noreply.github.com | |
| - name: Get Latest Checkmarx Java wrapper version | |
| id: ast-cli-java-wrapper | |
| run: | | |
| echo "Fetching latest release tag from Maven repository..." | |
| # Correctly assign variables | |
| release_tag=$(curl -s "https://repo1.maven.org/maven2/com/checkmarx/ast/ast-cli-java-wrapper/maven-metadata.xml" | grep -oPm1 "(?<=<latest>)[^<]+") | |
| current_tag=$(cat ast-cli-java-wrapper.version) | |
| # Debugging output | |
| echo "Current tag: $current_tag" | |
| echo "Latest release tag: $release_tag" | |
| # Correctly append to environment variables | |
| echo "release_tag=$release_tag" >> $GITHUB_ENV | |
| echo "current_tag=$current_tag" >> $GITHUB_ENV | |
| - name: Update Checkmarx Java wrapper version | |
| if: env.current_tag != env.release_tag | |
| run: | | |
| echo "Updating Checkmarx Java wrapper version..." | |
| echo "Current version: $current_tag" | |
| echo "New version: $release_tag" | |
| # Update current release | |
| echo "$release_tag" > ast-cli-java-wrapper.version | |
| current_version="ast-cli-java-wrapper-$current_tag.jar" | |
| new_version="ast-cli-java-wrapper-$release_tag.jar" | |
| echo "Updating references in project files..." | |
| echo "Verifying if current version exists in files before replacement:" | |
| grep -n "$current_version" checkmarx-ast-eclipse-plugin/build.properties || echo "Not found in build.properties" | |
| grep -n "$current_version" checkmarx-ast-eclipse-plugin/.classpath || echo "Not found in .classpath" | |
| grep -n "$current_version" checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF || echo "Not found in MANIFEST.MF" | |
| echo "Updating references in project files..." | |
| sed -i "s|$current_version|$new_version|g" checkmarx-ast-eclipse-plugin/build.properties | |
| sed -i "s|$current_version|$new_version|g" checkmarx-ast-eclipse-plugin/.classpath | |
| sed -i "s|$current_version|$new_version|g" checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF | |
| echo "Verifying if the files were modified:" | |
| git diff -- checkmarx-ast-eclipse-plugin/build.properties | |
| git diff -- checkmarx-ast-eclipse-plugin/.classpath | |
| git diff -- checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF | |
| echo "If no changes are shown above, the replacement did not occur." | |
| # Remove old JAR and download the new one | |
| cd checkmarx-ast-eclipse-plugin/lib/ | |
| echo "Removing old JAR file: $current_version" | |
| rm -f "$current_version" | |
| echo "Downloading new JAR file: $new_version" | |
| curl -fLO "https://repo1.maven.org/maven2/com/checkmarx/ast/ast-cli-java-wrapper/$release_tag/$new_version" | |
| # Verify if the file exists | |
| echo "Checking if the new file exists..." | |
| ls -al | |
| if [ ! -f "$new_version" ]; then | |
| echo "Error: The new JAR file was not downloaded correctly." | |
| exit 1 | |
| fi | |
| cd ../../ # Move back to repo root | |
| # Track file in LFS before staging | |
| echo "Tracking file in Git LFS..." | |
| git lfs track "checkmarx-ast-eclipse-plugin/lib/$new_version" | |
| git add .gitattributes | |
| git add "checkmarx-ast-eclipse-plugin/lib/$new_version" | |
| # Ensure LFS files are handled correctly | |
| echo "Committing changes..." | |
| git commit -m "Update ast-cli-java-wrapper to $release_tag" | |
| echo "Pushing LFS-tracked files..." | |
| git lfs push --all origin | |
| echo "Pushing commit to repository..." | |
| git push origin HEAD:${{ github.ref }} | |
| - name: Create Pull Request | |
| if: env.current_tag != env.release_tag | |
| uses: peter-evans/create-pull-request@v6.1.0 | |
| with: | |
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| commit-message: Update ast-cli-java-wrapper to ${{ env.release_tag }} | |
| title: Update ast-cli-java-wrapper with ${{ env.release_tag }} | |
| body: | | |
| Updates [ast-cli-java-wrapper][1] to ${{ env.release_tag }} | |
| Auto-generated by [create-pull-request][2] | |
| [1]: https://github.com/CheckmarxDev/ast-cli-java-wrapper | |
| labels: cxone | |
| branch: dependency/update_java_wrapper |