CWS BTFHub constants sync #91
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CWS BTFHub constants sync" | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '30 4 * * *' # at 4:30 UTC every day | |
| jobs: | |
| sync: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Cleanup runner | |
| run: | | |
| sudo rm -rf /usr/local/lib/android >/dev/null 2>&1 | |
| docker rmi $(docker image ls -aq) >/dev/null 2>&1 | |
| - name: Checkout datadog-agent repository | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: main | |
| - name: Checkout btfhub-archive repository | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: aquasecurity/btfhub-archive | |
| path: dev/dist/archive | |
| - name: Install python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.8.14' | |
| cache: 'pip' | |
| - name: Install go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version-file: '.go-version' | |
| - name: Install python requirements | |
| run: | | |
| pip install -r requirements.txt | |
| - name: Install go deps | |
| run: | | |
| inv -e deps | |
| - name: Compute branch name | |
| id: branch-name | |
| run: | | |
| echo "BRANCH_NAME=cws/constants-sync-$(date +%s)" >> $GITHUB_OUTPUT | |
| - name: Sync constants | |
| run: | | |
| inv -e security-agent.generate-btfhub-constants --archive-path=./dev/dist/archive | |
| - uses: stefanzweifel/git-auto-commit-action@v4 | |
| id: commit-creator | |
| with: | |
| commit_message: "CWS: sync BTFhub constants" | |
| branch: ${{ steps.branch-name.outputs.BRANCH_NAME }} | |
| create_branch: true | |
| skip_fetch: true | |
| skip_checkout: true | |
| - name: Create Pull Request | |
| uses: actions/github-script@v6 | |
| if: steps.commit-creator.outputs.changes_detected == 'true' | |
| with: | |
| script: | | |
| const { repo, owner } = context.repo; | |
| const result = await github.rest.pulls.create({ | |
| title: 'CWS: sync BTFHub constants', | |
| owner, | |
| repo, | |
| head: '${{ steps.branch-name.outputs.BRANCH_NAME }}', | |
| base: 'main', | |
| body: [ | |
| '### What does this PR do?', | |
| 'This PR syncs the BTFHub constants used by CWS', | |
| '_This PR was autogenerated_' | |
| ].join('\n') | |
| }); | |
| github.rest.issues.update({ | |
| owner, | |
| repo, | |
| issue_number: result.data.number, | |
| milestone: 22, // triage | |
| }); | |
| github.rest.issues.addLabels({ | |
| owner, | |
| repo, | |
| issue_number: result.data.number, | |
| labels: ['changelog/no-changelog', 'qa/skip-qa', 'team/agent-security'] | |
| }); |