-
Notifications
You must be signed in to change notification settings - Fork 36
70 lines (56 loc) · 2.11 KB
/
rottenness.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# This workflow checks whether last release is not too old
name: Check last release
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
schedule:
- cron: '59 23 * * 0'
permissions:
contents: read
jobs:
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
rottenness:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Check last release date
continue-on-error: true
run: |
latest_release="$(curl --silent https://api.github.com/repos/Samsung/CredSweeper/releases/latest)"
published_date=$(echo "${latest_release}" | jq --raw-output '.published_at')
release_age=$(( $(date +%s) - $(date --date="${published_date}" +%s) ))
if [ 0 -ge ${release_age} ]; then
echo "Probably, release: ${published_date} and current timezone were different"
release_age=0
fi
tag_name=$(echo "${latest_release}" | jq --raw-output '.tag_name')
if [ $(( 60 * 60 * 24 * 28 )) -gt ${release_age} ]; then
echo "Release is fresh"
echo "TAG_NAME=" >> $GITHUB_ENV
else
echo "Release is rotten"
echo "TAG_NAME=${tag_name}" >> $GITHUB_ENV
fi
- name: Checkout current code of default branch
if: env.TAG_NAME
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: Samsung/CredSweeper
ref: main
path: main
- name: Checkout last release code
if: env.TAG_NAME
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: Samsung/CredSweeper
ref: ${{ env.TAG_NAME }}
path: ${{ env.TAG_NAME }}
- name: Compare source code of versions
if: env.TAG_NAME
run: diff --recursive ${{ env.TAG_NAME }}/credsweeper ${{ github.event.repository.default_branch }}/credsweeper
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #