Twilio Credentials #2520
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow checks whether last release is not too old | |
name: Check last release | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
schedule: | |
- cron: '59 23 * * 0' | |
permissions: | |
contents: read | |
jobs: | |
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # | |
rottenness: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: Check last release date | |
continue-on-error: true | |
run: | | |
latest_release="$(curl --silent https://api.github.com/repos/Samsung/CredSweeper/releases/latest)" | |
published_date=$(echo "${latest_release}" | jq --raw-output '.published_at') | |
release_age=$(( $(date +%s) - $(date --date="${published_date}" +%s) )) | |
if [ 0 -ge ${release_age} ]; then | |
echo "Probably, release: ${published_date} and current timezone were different" | |
release_age=0 | |
fi | |
tag_name=$(echo "${latest_release}" | jq --raw-output '.tag_name') | |
if [ $(( 60 * 60 * 24 * 28 )) -gt ${release_age} ]; then | |
echo "Release is fresh" | |
echo "TAG_NAME=" >> $GITHUB_ENV | |
else | |
echo "Release is rotten" | |
echo "TAG_NAME=${tag_name}" >> $GITHUB_ENV | |
fi | |
- name: Checkout current code of default branch | |
if: env.TAG_NAME | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
repository: Samsung/CredSweeper | |
ref: main | |
path: main | |
- name: Checkout last release code | |
if: env.TAG_NAME | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
repository: Samsung/CredSweeper | |
ref: ${{ env.TAG_NAME }} | |
path: ${{ env.TAG_NAME }} | |
- name: Compare source code of versions | |
if: env.TAG_NAME | |
run: diff --recursive ${{ env.TAG_NAME }}/credsweeper ${{ github.event.repository.default_branch }}/credsweeper | |
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # |