From fb2a3bf840a7a5949da81e177fae03a010f305f6 Mon Sep 17 00:00:00 2001
From: Chris Gavin <chris@chrisgavin.me>
Date: Tue, 1 Dec 2020 09:09:02 +0000
Subject: [PATCH] Add a check to ensure expected CodeQL release files exist.

---
 .../check-expected-release-files.yml          | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 .github/workflows/check-expected-release-files.yml

diff --git a/.github/workflows/check-expected-release-files.yml b/.github/workflows/check-expected-release-files.yml
new file mode 100644
index 000000000..56aa62519
--- /dev/null
+++ b/.github/workflows/check-expected-release-files.yml
@@ -0,0 +1,22 @@
+name: Check Expected Release Files
+
+on:
+  pull_request:
+    paths:
+      - .github/workflows/check-expected-release-files.yml
+      - src/defaults.json
+
+jobs:
+  check-expected-release-files:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout CodeQL Action
+        uses: actions/checkout@v2
+      - name: Check Expected Release Files
+        run: |
+          bundle_version="$(cat "./src/defaults.json" | jq -r ".bundleVersion")"
+          set -x
+          for expected_file in "codeql-bundle.tar.gz" "codeql-bundle-linux64.tar.gz" "codeql-bundle-osx64.tar.gz" "codeql-bundle-win64.tar.gz" "codeql-runner-linux" "codeql-runner-macos" "codeql-runner-win.exe"; do
+            curl --location --fail --head --request GET "https://github.com/github/codeql-action/releases/download/$bundle_version/$expected_file" > /dev/null
+          done