update cli

cx-daniel-greenspan · web-flow · commit 24bd037c5b73 · 2025-04-08T17:45:18.000+03:00
diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml
@@ -1,6 +1,11 @@
 name: Update checkmarx ast cli
+
 on:
   workflow_dispatch:
+    inputs:
+      cli-tag:
+        description: 'Optional CLI tag to upgrade to'
+        required: false
   repository_dispatch:
     types: [cli-version-update]
 
@@ -23,51 +28,57 @@ jobs:
           git config --global user.name github-actions
           git config --global user.email github-actions@github.com
 
-      - name: Get Latest Checkmarx API version
-        id: checkmarx-ast-cli
+      - name: Determine target CLI version
+        id: determine-cli-version
         run: |
-          echo ::set-output name=release_tag::$(curl -sL https://api.github.com/repos/Checkmarx/ast-cli/releases/latest | jq -r ".tag_name")
-          echo ::set-output name=current_tag::$(<checkmarx-ast-cli.version)
+          if [ -n "${{ github.event.inputs.cli-tag }}" ]; then
+            echo "Using user-provided CLI tag: ${{ github.event.inputs.cli-tag }}"
+            echo "release_tag=${{ github.event.inputs.cli-tag }}" >> $GITHUB_OUTPUT
+          else
+            echo "Fetching latest release from GitHub..."
+            LATEST_TAG=$(curl -sL https://api.github.com/repos/Checkmarx/ast-cli/releases/latest | jq -r ".tag_name")
+            echo "release_tag=$LATEST_TAG" >> $GITHUB_OUTPUT
+          fi
+          echo "current_tag=$(<checkmarx-ast-cli.version)" >> $GITHUB_OUTPUT
 
-      - name: Update Checkmarx cli version
-        if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
-        env:
-          RELEASE_TAG: ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
-        run: |
-          # Update current release
-          echo ${{ steps.checkmarx-ast-cli.outputs.release_tag }} > checkmarx-ast-cli.version
+      - name: Update Checkmarx CLI version file
+        if: steps.determine-cli-version.outputs.current_tag != steps.determine-cli-version.outputs.release_tag
+        run: echo "${{ steps.determine-cli-version.outputs.release_tag }}" > checkmarx-ast-cli.version
 
-      - name: Download latest cli and update branch
-        if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
+      - name: Download CLI and run update script
+        if: steps.determine-cli-version.outputs.current_tag != steps.determine-cli-version.outputs.release_tag
         run: |
-          # Update binaries
           chmod +x ./.github/scripts/update_cli.sh
-          ./.github/scripts/update_cli.sh ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
+          ./.github/scripts/update_cli.sh ${{ steps.determine-cli-version.outputs.release_tag }}
 
       - name: Track large files with Git LFS
-        if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
+        if: steps.determine-cli-version.outputs.current_tag != steps.determine-cli-version.outputs.release_tag
         run: |
           git lfs track "src/main/wrapper/resources/cx-linux"
           git lfs track "src/main/wrapper/resources/cx.exe"
           git lfs track "src/main/wrapper/resources/cx-mac"
           git add .gitattributes
           git add src/main/wrapper/resources/cx-linux src/main/wrapper/resources/cx.exe src/main/wrapper/resources/cx-mac
-          git commit -m "Track Checkmarx CLI binaries with Git LFS"
+
+      - name: Commit and push changes directly (no PR)
+        if: github.event.inputs.cli-tag != ''
+        run: |
+          git add checkmarx-ast-cli.version
+          git commit -m "Direct update of Checkmarx CLI to ${{ steps.determine-cli-version.outputs.release_tag }}"
+          git push origin HEAD
 
       - name: Create Pull Request
-        id: cretae_pull_request
-        if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
-        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c #v6
+        if: github.event.inputs.cli-tag == '' && steps.determine-cli-version.outputs.current_tag != steps.determine-cli-version.outputs.release_tag
+        uses: peter-evans/create-pull-request@v6
         with:
           token: ${{ secrets.AUTOMATION_TOKEN }}
-          commit-message: Update checkmarx-ast-cli to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
-          title: Update checkmarx-ast-cli binaries with ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
+          commit-message: Update checkmarx-ast-cli to ${{ steps.determine-cli-version.outputs.release_tag }}
+          title: Update checkmarx-ast-cli binaries with ${{ steps.determine-cli-version.outputs.release_tag }}
           body: |
-            Updates [checkmarx-ast-cli][1] to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
+            Updates [checkmarx-ast-cli][1] to ${{ steps.determine-cli-version.outputs.release_tag }}
 
             Auto-generated by [create-pull-request][2]
 
             [1]: https://github.com/Checkmarx/checkmarx-ast-cli
           labels: cxone
-          branch: feature/update_cli_${{ steps.checkmarx-ast-cli.outputs.release_tag }}
-
+          branch: feature/update_cli_${{ steps.determine-cli-version.outputs.release_tag }}
