Commit graph

3996 commits

Author SHA1 Message Date
Marco Ferrari
901a901655
fix: add missing checkov configuration file (#5090)
Add a default (empty) configuration file for Checkov and a smoke test to
ensure that we catch the case where a default configuration file is not
present, and it should be.
2024-01-02 18:03:30 +01:00
Marco Ferrari
19e39e211e
build: install clang-format from OS package repo (#5071)
Build and install clang-format instead of pulling it from a (potentially)
unmaintained repository
2024-01-01 11:39:59 +01:00
Marco Ferrari
ededa44d36
fix: fail when validating as expected (#5076)
Fail when USE_FIND_ALGORITHM is true and VALIDATE_ALL_CODEBASE is false
as expected.
2023-12-30 23:02:25 +01:00
Marco Ferrari
690d422fd6
build: install chktex (#5074)
Install chktex directly instead of using a third-party container image.
2023-12-30 16:07:07 +01:00
Marco Ferrari
1ca3ebccd6
build: reduce container image size (#5072)
- Remove build-time dependencies
- Remove cached NPM packages
- Remove cached PyPi packages
- Remove dependency descriptors. These still count against the total space,
  although it's a few KBs
- Install rust-clippy and rust-fmt using the OS package manager instead of
  maintaining our own installation script
- Add tests for build time dependencies that are not supposed to be installed
2023-12-29 19:30:58 +01:00
dependabot[bot]
0355c996e0
deps(docker): bump yoheimuta/protolint from 0.47.3 to 0.47.4 (#5068)
Bumps yoheimuta/protolint from 0.47.3 to 0.47.4.

---
updated-dependencies:
- dependency-name: yoheimuta/protolint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-27 12:39:04 +01:00
Adam Ralph
5a175c2e27
feat: install .NET LTS instead of STS (#5047)
Switch to the LTS .NET release channel to allow .NET 8 to be installed. STS restricts to .NET 7.
2023-12-27 10:26:05 +01:00
dependabot[bot]
3ed561c0c5
deps(npm): bump react-router-dom from 6.21.0 to 6.21.1 in /dependencies (#5062)
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.21.0 to 6.21.1.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.21.1/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-27 08:28:12 +00:00
dependabot[bot]
9ad35f58f4
deps(bundler): bump rubocop-rails from 2.23.0 to 2.23.1 in /dependencies (#5066)
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.23.0 to 2.23.1.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.23.0...v2.23.1)

---
updated-dependencies:
- dependency-name: rubocop-rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-27 08:28:08 +00:00
dependabot[bot]
610a45e49f
deps(bundler): bump rubocop-minitest in /dependencies (#5067)
Bumps [rubocop-minitest](https://github.com/rubocop/rubocop-minitest) from 0.34.1 to 0.34.2.
- [Release notes](https://github.com/rubocop/rubocop-minitest/releases)
- [Changelog](https://github.com/rubocop/rubocop-minitest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-minitest/compare/v0.34.1...v0.34.2)

---
updated-dependencies:
- dependency-name: rubocop-minitest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-27 08:28:04 +00:00
dependabot[bot]
c208173f27
deps(docker): bump clj-kondo/clj-kondo (#5069)
Bumps clj-kondo/clj-kondo from 2023.05.18-alpine to 2023.12.15-alpine.

---
updated-dependencies:
- dependency-name: clj-kondo/clj-kondo
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-27 08:27:34 +00:00
Marco Ferrari
4d9eaa5c54
build: update Dart, dart analyzer to 3.2.4 (#5065)
Recent versions of dart analyzer don't support the --options
configuration option anymore, so we cannot pass an arbitrary
configuration file. This commit removes the default dart analyzer
configuration file as well, because it's not needed anymore.
2023-12-26 22:14:57 +01:00
Marco Ferrari
1dc74e194e
build: install clj-kondo from its container image (#5064)
Instead of providing a script to install clj-kondo, grab it from its
container image so that we can benefit from automated dependency
updates.
2023-12-25 12:41:40 +01:00
Marco Ferrari
69a45e022d
feat!: validate configuration when using find (#5045)
- Fail if the configuration contains USE_FIND_ALGORITHM=true and
  VALIDATE_ALL_CODEBASE=false because this is an unsupported
  configuration. Before this change, super-linter silently ignored
  VALIDATE_ALL_CODEBASE, leading to potentially surprising behavior.
2023-12-25 11:15:42 +01:00
dependabot[bot]
20d12b4c7a
deps(java): bump com.pinterest.ktlint:ktlint-cli in /dependencies/ktlint (#5050)
Remove KOTLIN_ANDROID because ktlint handles that case by reading
a configuration setting in .editorconfig.

Bumps [com.pinterest.ktlint:ktlint-cli](https://github.com/pinterest/ktlint) from 0.47.1 to 1.1.0.
- [Release notes](https://github.com/pinterest/ktlint/releases)
- [Changelog](https://github.com/pinterest/ktlint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pinterest/ktlint/compare/0.47.1...1.1.0)

---
updated-dependencies:
- dependency-name: com.pinterest.ktlint:ktlint-cli
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 19:33:08 +01:00
Marco Ferrari
11b70102c3
feat!: run linters against the workspace (#5041)
- Run jscpd, gitleaks, textlint  against the entire workspace instead of
  running them over single files, one by one.
- Implement a warning function for deprecated variables.
- Deprecate the VALIDATE_JSCPD_ALL_CODEBASE variable.
- Remove duplicate configuration files when they are the same as the
  ones we provide in TEMPLATES.
- Add a missing tests for ansible-lint.
- Move ANSIBLE_DIRECTORY configuration when running tests in
  buildFileList, where similar configs are.
- Simplify ansible-lint test cases to include only what's necessary, and
  not an entire set of roles, playbooks, and inventory.
- Write instructions about major upgrades in the upgrade guide.
2023-12-24 17:56:15 +01:00
Marco Ferrari
59154bf97f
ci: enable auto-merge for dependabot pull requests (#5063)
Enabling auto-merge doesn't actually merge these PRs because we still
require approvals.
2023-12-24 17:20:13 +01:00
dependabot[bot]
df6543f763
deps(npm): bump renovate from 37.105.0 to 37.107.0 in /dependencies (#5061)
Bumps [renovate](https://github.com/renovatebot/renovate) from 37.105.0 to 37.107.0.
- [Release notes](https://github.com/renovatebot/renovate/releases)
- [Changelog](https://github.com/renovatebot/renovate/blob/main/.releaserc)
- [Commits](https://github.com/renovatebot/renovate/compare/37.105.0...37.107.0)

---
updated-dependencies:
- dependency-name: renovate
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:15:09 +00:00
dependabot[bot]
3f8eafdc04
deps(python): bump cfn-lint in /dependencies/python (#5059)
Bumps [cfn-lint](https://github.com/aws-cloudformation/cfn-python-lint) from 0.83.6 to 0.83.7.
- [Release notes](https://github.com/aws-cloudformation/cfn-python-lint/releases)
- [Changelog](https://github.com/aws-cloudformation/cfn-lint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws-cloudformation/cfn-python-lint/compare/v0.83.6...v0.83.7)

---
updated-dependencies:
- dependency-name: cfn-lint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:14:57 +00:00
dependabot[bot]
dffec934fc
deps(python): bump snakemake in /dependencies/python (#5057)
Bumps [snakemake](https://github.com/snakemake/snakemake) from 7.32.4 to 8.0.1.
- [Release notes](https://github.com/snakemake/snakemake/releases)
- [Changelog](https://github.com/snakemake/snakemake/blob/main/CHANGELOG.md)
- [Commits](https://github.com/snakemake/snakemake/compare/v7.32.4...v8.0.1)

---
updated-dependencies:
- dependency-name: snakemake
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:14:57 +00:00
dependabot[bot]
95a8130cf3
deps(npm): bump eslint-plugin-prettier in /dependencies (#5058)
Bumps [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) from 5.1.0 to 5.1.2.
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prettier/eslint-plugin-prettier/compare/v5.1.0...v5.1.2)

---
updated-dependencies:
- dependency-name: eslint-plugin-prettier
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:14:23 +00:00
dependabot[bot]
e705fb156e
deps(python): bump black from 23.12.0 to 23.12.1 in /dependencies/python (#5056)
Bumps [black](https://github.com/psf/black) from 23.12.0 to 23.12.1.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](https://github.com/psf/black/compare/23.12.0...23.12.1)

---
updated-dependencies:
- dependency-name: black
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:13:49 +00:00
dependabot[bot]
e127bdfd5b
deps(python): bump mypy from 1.7.1 to 1.8.0 in /dependencies/python (#5060)
Bumps [mypy](https://github.com/python/mypy) from 1.7.1 to 1.8.0.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.7.1...v1.8.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:13:30 +00:00
dependabot[bot]
dc166ec78d
deps(docker): bump terraform-linters/tflint from v0.49.0 to v0.50.0 (#5053)
Bumps [terraform-linters/tflint](https://github.com/terraform-linters/tflint) from v0.49.0 to v0.50.0.
- [Release notes](https://github.com/terraform-linters/tflint/releases)
- [Changelog](https://github.com/terraform-linters/tflint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terraform-linters/tflint/compare/v0.49.0...v0.50.0)

---
updated-dependencies:
- dependency-name: terraform-linters/tflint
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:13:18 +00:00
dependabot[bot]
88562ff546
deps(docker): bump tenable/terrascan from 1.18.9 to 1.18.11 (#5055)
Bumps tenable/terrascan from 1.18.9 to 1.18.11.

---
updated-dependencies:
- dependency-name: tenable/terrascan
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:13:18 +00:00
dependabot[bot]
57218d3e19
deps(docker): bump yoheimuta/protolint from 0.47.2 to 0.47.3 (#5052)
Bumps yoheimuta/protolint from 0.47.2 to 0.47.3.

---
updated-dependencies:
- dependency-name: yoheimuta/protolint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:13:13 +00:00
dependabot[bot]
ebeeae9e85
deps(dev-docker): bump node in /dev-dependencies (#5051)
Bumps node from 21.4.0-bookworm to 21.5.0-bookworm.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:12:53 +00:00
dependabot[bot]
125c610d00
deps(python): bump checkov from 3.1.38 to 3.1.43 in /dependencies/python (#5054)
Bumps [checkov](https://github.com/bridgecrewio/checkov) from 3.1.38 to 3.1.43.
- [Release notes](https://github.com/bridgecrewio/checkov/releases)
- [Changelog](https://github.com/bridgecrewio/checkov/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bridgecrewio/checkov/compare/3.1.38...3.1.43)

---
updated-dependencies:
- dependency-name: checkov
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-24 14:12:50 +00:00
Marco Ferrari
fa7cb563d8
feat: automatically handle ktlint updates (#5049) 2023-12-24 14:47:34 +01:00
Marco Ferrari
b214a59ca7
fix: fix file list when looking for changes (#5044)
- Fix the file diff function on push events.
- Implement a test for the file diff function
2023-12-23 19:33:53 +01:00
Marco Ferrari
9d7268fb99
feat: add support for checkov to lint iac files (#4925)
- Add support to run Checkov against infrastructure as code descriptors
  that are in a given (configurable) directory. Defaults to lint the
  whole workspace.
- Establish a baseline for our own codebase so we don't have to fix
  issues right away with this change.
2023-12-22 13:22:15 +01:00
Marco Ferrari
61d0c6992b
feat: redact gitleaks secrets from output (#5040) 2023-12-22 09:24:16 +01:00
dependabot[bot]
3434940f2c
build(java): bump com.google.googlejavaformat:google-java-format (#5020)
Bumps [com.google.googlejavaformat:google-java-format](https://github.com/google/google-java-format) from 1.18.1 to 1.19.1.
- [Release notes](https://github.com/google/google-java-format/releases)
- [Commits](https://github.com/google/google-java-format/compare/v1.18.1...v1.19.1)

---
updated-dependencies:
- dependency-name: com.google.googlejavaformat:google-java-format
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-21 20:09:18 +00:00
Marco Ferrari
60983d395f
fix: fail if r package installation fails (#4994)
- Fail if the installation of a R package fails.
- Install the remotes package once during the image build, and not when we scan
  files at runtime.
- Reuse the default R library directory instead of moving it to /home/r-library
2023-12-21 20:52:57 +01:00
dependabot[bot]
a2cf1807a7
build(npm): bump eslint-plugin-jsonc in /dependencies (#5024)
Bumps [eslint-plugin-jsonc](https://github.com/ota-meshi/eslint-plugin-jsonc) from 2.11.1 to 2.11.2.
- [Release notes](https://github.com/ota-meshi/eslint-plugin-jsonc/releases)
- [Changelog](https://github.com/ota-meshi/eslint-plugin-jsonc/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ota-meshi/eslint-plugin-jsonc/compare/v2.11.1...v2.11.2)

---
updated-dependencies:
- dependency-name: eslint-plugin-jsonc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-21 14:42:47 +00:00
dependabot[bot]
f655d9222f
build(npm): bump npm-groovy-lint from 14.0.0 to 14.0.1 in /dependencies (#5023)
Bumps [npm-groovy-lint](https://github.com/nvuillam/npm-groovy-lint) from 14.0.0 to 14.0.1.
- [Release notes](https://github.com/nvuillam/npm-groovy-lint/releases)
- [Changelog](https://github.com/nvuillam/npm-groovy-lint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nvuillam/npm-groovy-lint/compare/v14.0.0...v14.0.1)

---
updated-dependencies:
- dependency-name: npm-groovy-lint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-21 14:18:15 +00:00
dependabot[bot]
579274a690
deps(npm): bump eslint-plugin-prettier in /dependencies (#5038)
Bumps [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) from 5.0.1 to 5.1.0.
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prettier/eslint-plugin-prettier/compare/v5.0.1...v5.1.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-prettier
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-21 14:15:59 +00:00
dependabot[bot]
1299982895
deps(npm): bump renovate from 37.102.0 to 37.105.0 in /dependencies (#5037)
Bumps [renovate](https://github.com/renovatebot/renovate) from 37.102.0 to 37.105.0.
- [Release notes](https://github.com/renovatebot/renovate/releases)
- [Changelog](https://github.com/renovatebot/renovate/blob/main/.releaserc)
- [Commits](https://github.com/renovatebot/renovate/compare/37.102.0...37.105.0)

---
updated-dependencies:
- dependency-name: renovate
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-21 14:15:26 +00:00
dependabot[bot]
7327ca7c51
deps(npm): bump gherkin-lint from 4.2.2 to 4.2.4 in /dependencies (#5036)
Bumps [gherkin-lint](https://github.com/vsiakka/gherkin-lint) from 4.2.2 to 4.2.4.
- [Release notes](https://github.com/vsiakka/gherkin-lint/releases)
- [Commits](https://github.com/vsiakka/gherkin-lint/compare/v4.2.2...v4.2.4)

---
updated-dependencies:
- dependency-name: gherkin-lint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-21 14:14:24 +00:00
dependabot[bot]
17d5a62cc0
build(docker): bump yoheimuta/protolint from 0.47.0 to 0.47.2 (#5034)
Bumps yoheimuta/protolint from 0.47.0 to 0.47.2.

---
updated-dependencies:
- dependency-name: yoheimuta/protolint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-21 14:14:14 +00:00
Marco Ferrari
641c65a8c4
ci: configure release-please dry-run and changelog (#5039)
- Implement a job to preview the release notes
- Include build, ci, and dependency updates
- Add emoji to section headings to match the existing release notes
- Add documentation about how to run release-please from the CLI
2023-12-21 15:03:14 +01:00
Marco Ferrari
0bb35c3e60
ci: update prefix for dependency updates (#5035) 2023-12-20 19:01:01 +01:00
Marco Ferrari
d8ca23519b
build: use a base image (#5033)
- Refactor Dockerfile to use a base image so that we can reuse the cache
  for the standard image and not just the base image.
- Simplify the cd workflow to take into account the Production
  environment only for latest images.
2023-12-20 17:45:35 +01:00
Marco Ferrari
43dc36860c
ci: fix build cache in the cd workflow (#5032) 2023-12-20 16:39:19 +01:00
Marco Ferrari
238caec66e
ci: set current version to 5.7.2 (#5031)
- Set the current version to 5.7.2 in release-please manifest
- Enable cache load in cd workflow
2023-12-20 16:33:53 +01:00
Marco Ferrari
9c7046864f
ci: fix release workflow (#5030)
- Don't run the Release job with a matrix because we don't want to run
  release-please and the git tag steps more than once.
- Don't get release metadata if release-please didn't create the release
  yet.
- Populate the container image build cache.
- Set the starting version and commit for release-please.
2023-12-20 15:55:53 +01:00
Marco Ferrari
93b5ede1e8
ci: configure release-please (#5016)
- Configure release-please to automatically create pull requests and
  releases.
- Run release-please and tag update in the CD workflow.
- Update Git tags pointing to latest, major.minor, and major versions as
  part of the CD workflow.
- Remove workflows (draft-release, release) that are not necessary
  anymore, and related configuration files.
- Handle automatic updates to README.md, action.yml, and action.yaml
- Mount .github to /tmp/lint/.github so super-linter finds config files,
  and the GitHub Actions to lint.
2023-12-20 14:58:25 +01:00
Marco Ferrari
117318f55c
ci: don't validate dependabot commits (#5026)
Dependabot doesn't allow configuring the max commit message line length
until https://github.com/dependabot/dependabot-core/issues/2445 is
resolved, so we cannot validate Dependabot commits at this time.
2023-12-20 09:12:02 +01:00
Marco Ferrari
9db632f0e1
ci: configure commitlint (#5014)
- Check if the PR contains a single commit, and fail otherwise.
- Enable commitlint to check if commits adhere to the
  conventialcommits.org spec.
- Update the the pull request template to point to the conventional
  commit spec.
- Update the dependabot configuration to add the "build(...)" prefix to
  commits.
2023-12-19 19:37:16 +01:00
Marco Ferrari
2d303aab53
Don't update the deployment if we didn't start it (#4995) 2023-12-19 11:10:53 +01:00