versus workflows: Update existing PR if any instead of closing/opening by kingthorin · Pull Request #240 · zapbot/zap-mgmt-scripts

kingthorin · 2025-05-21T12:28:35Z

Similar to the recent auth-tests addition.

thc202 · 2025-05-21T12:36:33Z

This will not work as intended, the step # Update to the latest upstream needs to be changed as well, pushing the same content as the upstream is what closes the PR.

I'd also prefer that we don't fail the workflow when the PR is just being updated, there's no reason to and just creates noise (still getting one each day).

kingthorin · 2025-05-21T12:45:59Z

I'll look at the first point.
For the failures:

          gh pr view --json mergedAt|jq -e '.mergedAt' && gh pr create --fill
          gh pr view --json mergedAt|jq -e '.mergedAt' && gh pr create --fill && true

(or ;; true)

kingthorin · 2025-05-21T12:51:04Z

I updated the juiceshop workflow, does that address your first concern?

thc202 · 2025-05-26T15:00:09Z

Seems so, it's no longer pushing the latest from upstream.

kingthorin · 2025-05-26T21:29:03Z

And which option for the failures or do you have another idea?

thc202 · 2025-05-27T06:49:57Z

I don't mind which way as long as it only fails if there's an actual failure (to create the PR or push the changes).

kingthorin · 2025-06-04T10:25:35Z

In that case it would require something more like exit code logic, but I'm not sure they get specific enough.

For the time being, let's narrow this PR down to adjusting the PR logic in other workflows. Then I can look at the failure logic in another?

thc202 · 2025-06-04T10:38:41Z

I'm fine with that, there aren't other ongoing PRs so failures should be minimal.

kingthorin · 2025-06-05T15:34:37Z

All adjusted.

Signed-off-by: kingthorin <kingthorin@users.noreply.github.com>

Copilot

Pull request overview

Updates multiple GitHub Actions workflows that publish scan/auth results to zaproxy/zaproxy-website so repeated runs update the same branch/PR rather than creating new PRs each time.

Changes:

Removes the explicit “sync fork branch to upstream/main” steps from the zap-vs-* workflows.
Pushes results to a fixed branch name with force push and attempts gh pr create --fill, ignoring failures (intended to no-op when the PR already exists).
Aligns auth-tests.yml PR creation behavior with the “attempt create, ignore failure” approach.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 15 comments.

Show a summary per file

File	Description
.github/workflows/zap-vs-webseclab.yml	Updates PR-raising step to force-push a fixed branch and attempt PR creation without failing if it already exists.
.github/workflows/zap-vs-wavsep.yml	Same PR update behavior for wavsep results.
.github/workflows/zap-vs-ssti.yml	Same PR update behavior for SSTI results.
.github/workflows/zap-vs-owasp-benchmark.yml	Same PR update behavior for OWASP Benchmark results.
.github/workflows/zap-vs-juiceshop.yml	Same PR update behavior for Juice Shop results.
.github/workflows/zap-vs-firingrange.yml	Same PR update behavior for Firing Range results.
.github/workflows/zap-vs-crawlmaze.yml	Same PR update behavior for Crawl Maze results.
.github/workflows/auth-tests.yml	Switches to `gh pr create --fill

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Signed-off-by: kingthorin <kingthorin@users.noreply.github.com>

thc202 · 2026-04-16T14:27:01Z

Thank you!

kingthorin force-pushed the pr-update branch from b04233f to f31b32d Compare May 21, 2025 12:50

kingthorin force-pushed the pr-update branch 2 times, most recently from 6d6604a to 9e5b266 Compare May 21, 2025 12:54

kingthorin force-pushed the pr-update branch from 9e5b266 to 393b26b Compare June 5, 2025 15:33

kingthorin mentioned this pull request Aug 8, 2025

Scan wavsep #246

Merged

versus workflows: Update existing PR if any instead of closing/opening

60cfd85

Signed-off-by: kingthorin <kingthorin@users.noreply.github.com>

kingthorin force-pushed the pr-update branch from 393b26b to dd5c4ee Compare April 16, 2026 12:23

kingthorin requested a review from Copilot April 16, 2026 12:29

Copilot started reviewing on behalf of kingthorin April 16, 2026 12:29 View session

Copilot AI reviewed Apr 16, 2026

View reviewed changes

kingthorin force-pushed the pr-update branch 3 times, most recently from 4ba6ebe to e44c20c Compare April 16, 2026 14:01

Further adjustments

54716a5

Signed-off-by: kingthorin <kingthorin@users.noreply.github.com>

kingthorin force-pushed the pr-update branch from e44c20c to 54716a5 Compare April 16, 2026 14:06

thc202 approved these changes Apr 16, 2026

View reviewed changes

thc202 merged commit df9c0be into zapbot:master Apr 16, 2026

kingthorin deleted the pr-update branch April 16, 2026 14:28

Conversation

kingthorin commented May 21, 2025

Uh oh!

thc202 commented May 21, 2025

Uh oh!

kingthorin commented May 21, 2025

Uh oh!

kingthorin commented May 21, 2025

Uh oh!

thc202 commented May 26, 2025

Uh oh!

kingthorin commented May 26, 2025

Uh oh!

thc202 commented May 27, 2025

Uh oh!

kingthorin commented Jun 4, 2025

Uh oh!

thc202 commented Jun 4, 2025

Uh oh!

kingthorin commented Jun 5, 2025

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

thc202 commented Apr 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants