actions/superlint
1
0
Fork 0
mirror of https://github.com/super-linter/super-linter.git synced 2024-09-17 18:07:34 -04:00
Code Issues Projects Releases Packages Wiki Activity

Fix issues in the build workflow (#3357)

Browse source 
* Fix issues in the build workflow

* Don't build the image when running trivy

* Move the alpine glibc package key in the repo

* Move the alpine glibc package key in the repo

* Update labels

* Pull and tag
This commit is contained in:
Marco Ferrari 2022-09-27 16:30:54 +02:00 committed by GitHub
parent e4f768397e
commit 23e8ced872
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 62 additions and 306 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

138
.github/workflows/deploy-production.yml vendored
View file

@ -1,31 +1,13 @@
--- ---
############################################# name: Build, test, and eventually deploy super-linter container images
#############################################
## Deploy Docker Image test and Production ##
#############################################
#############################################
#
# Documentation:
# https://help.github.com/en/articles/workflow-syntax-for-github-actions
#
name: Deploy Production
###########################################
# Start the job on all push or PR to main #
###########################################
on: on:
pull_request: pull_request:
push: push:
###############
# Set the Job #
###############
jobs: jobs:
build: build:
# Name the Job name: Build, test, and eventually push the container image
name: Deploy Docker Image - DEV
# Set the agent to run on
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
fail-fast: false fail-fast: false
@ -41,13 +23,7 @@ jobs:
image-id: standard image-id: standard
timeout-minutes: 60 timeout-minutes: 60
###############
# Steps below #
###############
steps: steps:
############################
# Checkout the source code #
############################
- name: Checkout Code - name: Checkout Code
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with:
@ -55,23 +31,14 @@ jobs:
# of changed files within `super-linter` # of changed files within `super-linter`
fetch-depth: 0 fetch-depth: 0
########################### - name: Get current date and make it available as an environment variable
# Set current date to ENV #
###########################
- name: Get current date
run: | run: |
echo "Appending the build date contents to GITHUB_ENV..." echo "Appending the build date contents to GITHUB_ENV..."
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}"
####################### - name: Setup Docker BuildX
# Setup Docker BuildX #
#######################
- name: Setup BuildX
uses: docker/setup-buildx-action@v2.0.0 uses: docker/setup-buildx-action@v2.0.0
#######################################
# Build local docker images for tests #
#######################################
- name: Build Docker image - ${{ matrix.images.image-id }} - name: Build Docker image - ${{ matrix.images.image-id }}
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
uses: docker/build-push-action@v3.1.1 uses: docker/build-push-action@v3.1.1
@ -89,25 +56,16 @@ jobs:
ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}test ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}test
target: "${{ matrix.images.container-build-target }}" target: "${{ matrix.images.container-build-target }}"
################################ - name: Run container image label test cases
# Run local docker labels test #
################################
- name: Run Docker label test cases
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
shell: bash shell: bash
run: .automation/validate-docker-labels.sh "${{ matrix.images.image-id }}" run: .automation/validate-docker-labels.sh "${{ matrix.images.image-id }}"
#######################################
# Edit the action.yml for local tests #
#######################################
- name: Edit an action.yml file for test local build - name: Edit an action.yml file for test local build
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
run: | run: |
sed -i "s/super-linter:.*/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}'/g" action.yml sed -i "s/super-linter:.*/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}'/g" action.yml
######################
# Gather information #
######################
- name: Gather information about the runtime environment - name: Gather information about the runtime environment
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
shell: bash shell: bash
@ -129,29 +87,19 @@ jobs:
DEFAULT_BRANCH: main DEFAULT_BRANCH: main
LOCAL_UPDATES: true LOCAL_UPDATES: true
# Workaround for https://github.com/actions/runner/issues/434
###############################################################
# Fix file and dir ownership. #
# Workaround for https://github.com/actions/runner/issues/434 #
###############################################################
- name: Fix file and directory ownership - name: Fix file and directory ownership
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
shell: bash shell: bash
run: | run: |
sudo chown -R "$(id -u)":"$(id -g)" "$(pwd)" sudo chown -R "$(id -u)":"$(id -g)" "$(pwd)"
########################
# Run local make tests #
########################
- name: Run the test suite - name: Run the test suite
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
shell: bash shell: bash
run: | run: |
make IMAGE=${{ matrix.images.image-id }} test make IMAGE=${{ matrix.images.image-id }} test
##########################
# Codacy Coverage Report #
##########################
- name: Upload the code coverage report - name: Upload the code coverage report
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
uses: codacy/codacy-coverage-reporter-action@v1.1 uses: codacy/codacy-coverage-reporter-action@v1.1
@ -161,10 +109,7 @@ jobs:
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
coverage-reports: test/reports/cobertura/runTests.sh/cobertura.xml coverage-reports: test/reports/cobertura/runTests.sh/cobertura.xml
##################################### - name: Run test cases - ${{ matrix.images.image-id }}
# Run Linter against Test code base #
#####################################
- name: Run Test Cases - ${{ matrix.images.image-id }}
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
shell: bash shell: bash
run: | run: |
@ -177,17 +122,11 @@ jobs:
-v "${GITHUB_WORKSPACE}:/tmp/lint" \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \
"ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}" "ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}"
######################################### - name: Clean the working directory for additional testing
# Clean code base to run against it all #
#########################################
- name: Clean Test code base for additional testing
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
shell: bash shell: bash
run: .automation/clean-code-base-for-tests.sh run: .automation/clean-code-base-for-tests.sh
############################################
# Run Linter against ALL cleaned code base #
############################################
- name: Run against all code base - ${{ matrix.images.image-id }} - name: Run against all code base - ${{ matrix.images.image-id }}
if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }}
shell: bash shell: bash
@ -200,26 +139,13 @@ jobs:
-v "${GITHUB_WORKSPACE}:/tmp/lint" \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \
"ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}" "ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}"
############################################################# - name: Login to Docker Hub
#############################################################
## The following steps are only run if the PR is merges ##
## into the 'main' branch and push the image to registries ##
#############################################################
#############################################################
######################
# Login to DockerHub #
######################
- name: Login to DockerHub
if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }}
uses: docker/login-action@v2.0.0 uses: docker/login-action@v2.0.0
with: with:
username: ${{ secrets.DOCKER_USERNAME }} username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }} password: ${{ secrets.DOCKER_PASSWORD }}
####################
# Login to GHCR.io #
####################
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }}
uses: docker/login-action@v2.0.0 uses: docker/login-action@v2.0.0
@ -228,10 +154,7 @@ jobs:
username: ${{ secrets.GCR_USERNAME }} username: ${{ secrets.GCR_USERNAME }}
password: ${{ secrets.GCR_TOKEN }} password: ${{ secrets.GCR_TOKEN }}
######################### - name: Start the deployment for the ${{ matrix.images.deployment-environment-identifier }} environment
# Update deployment API #
#########################
- name: Start deployment
if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }}
uses: bobheadxi/deployments@v1.3.0 uses: bobheadxi/deployments@v1.3.0
id: deployment id: deployment
@ -240,10 +163,7 @@ jobs:
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
env: ${{ matrix.images.deployment-environment-identifier }} env: ${{ matrix.images.deployment-environment-identifier }}
###################################### - name: Build the container image and push it - ${{ matrix.images.image-id }}
# Build the docker image and push it #
######################################
- name: Build Docker image - ${{ matrix.images.image-id }}
if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }}
uses: docker/build-push-action@v3.1.1 uses: docker/build-push-action@v3.1.1
with: with:
@ -260,10 +180,18 @@ jobs:
ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}latest ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}latest
target: "${{ matrix.images.container-build-target }}" target: "${{ matrix.images.container-build-target }}"
####################################################### - name: Update the deployment status for the ${{ matrix.images.deployment-environment-identifier }} environment
# Create a GitHub Issue with the info from this build # if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }}
####################################################### uses: bobheadxi/deployments@v1.3.0
- name: Create GitHub Issue for failure with:
step: finish
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status }}
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
env: ${{ steps.deployment.outputs.env }}
env_url: https://github.com/github/super-linter
- name: Create a GitHub issue on failure
if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' && failure() }} if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' && failure() }}
uses: actions/github-script@v6 uses: actions/github-script@v6
id: create-issue id: create-issue
@ -280,14 +208,10 @@ jobs:
console.log('create', create) console.log('create', create)
return create.data.number return create.data.number
#################################### - name: Assign admins to the issue created on failure
# Deploy was failure, alert admins #
####################################
- name: Assign Admins on failure
uses: actions/github-script@v6 uses: actions/github-script@v6
if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' && failure() }} if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' && failure() }}
with: with:
# https://octokit.github.io/rest.js/v18#issues-create
github-token: ${{secrets.GITHUB_TOKEN}} github-token: ${{secrets.GITHUB_TOKEN}}
script: | script: |
github.rest.issues.addAssignees({ github.rest.issues.addAssignees({
@ -304,17 +228,3 @@ jobs:
'ferrarimarco' 'ferrarimarco'
] ]
}) })
#########################
# Update Deployment API #
#########################
- name: Update deployment status
if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }}
uses: bobheadxi/deployments@v1.3.0
with:
step: finish
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status }}
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
env: ${{ steps.deployment.outputs.env }}
env_url: https://github.com/github/super-linter

108
.github/workflows/deploy-release.yml vendored
View file

@ -1,89 +1,40 @@
--- ---
################################# name: Deploy super-linter release container images
#################################
## Deploy Docker Image Release ##
#################################
#################################
#
# Documentation:
# https://help.github.com/en/articles/workflow-syntax-for-github-actions
#
name: Deploy Release
###########################################
# Start the job upon publishing a release #
###########################################
on: on:
# Start when a release is published
release: release:
types: [published] types: [published]
workflow_dispatch: workflow_dispatch:
# Set the input variables you want to pull in
inputs: inputs:
release_version: release_version:
description: 'version to release. Ex: v4.3.2' description: 'version to release. Ex: v4.3.2'
required: true required: true
default: 'v' default: 'v'
###############
# Set the Job #
###############
jobs: jobs:
build: build:
# Name the Job name: Deploy container image - Release
name: Deploy Docker Image - Release
# Set the agent to run on
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
images: images:
- container-build-target: final_slim - container-image-id-prefix: slim-
container-image-id-prefix: slim-
deployment-environment-identifier: Release-SLIM deployment-environment-identifier: Release-SLIM
image-id: slim - container-image-id-prefix: ""
- container-build-target: final_standard
container-image-id-prefix: ""
deployment-environment-identifier: Release deployment-environment-identifier: Release
image-id: standard
timeout-minutes: 60 timeout-minutes: 60
###############
# Steps below #
###############
steps: steps:
############################ - name: Setup Docker BuildX
# Checkout the source code #
############################
- name: Checkout Code
uses: actions/checkout@v3
###########################
# Set current date to ENV #
###########################
- name: Get current date
run: |
echo "Appending the build date contents to GITHUB_ENV..."
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}"
#######################
# Setup Docker BuildX #
#######################
- name: Setup BuildX
uses: docker/setup-buildx-action@v2.0.0 uses: docker/setup-buildx-action@v2.0.0
######################
# Login to DockerHub #
######################
- name: Login to DockerHub - name: Login to DockerHub
uses: docker/login-action@v2.0.0 uses: docker/login-action@v2.0.0
with: with:
username: ${{ secrets.DOCKER_USERNAME }} username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }} password: ${{ secrets.DOCKER_PASSWORD }}
####################
# Login to GHCR.io #
####################
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
uses: docker/login-action@v2.0.0 uses: docker/login-action@v2.0.0
with: with:
@ -91,10 +42,7 @@ jobs:
username: ${{ secrets.GCR_USERNAME }} username: ${{ secrets.GCR_USERNAME }}
password: ${{ secrets.GCR_TOKEN }} password: ${{ secrets.GCR_TOKEN }}
########################### - name: Get current release identifier
# Get the current release #
###########################
- name: Get current Release number
# shellcheck disable=SC2062 # shellcheck disable=SC2062
run: | run: |
echo "RELEASE_VERSION=$(echo ${{ github.event.release.name }} \ echo "RELEASE_VERSION=$(echo ${{ github.event.release.name }} \
@ -106,10 +54,7 @@ jobs:
>> "${GITHUB_ENV}" >> "${GITHUB_ENV}"
fi fi
######################### - name: Start deployment for the ${{ matrix.images.deployment-environment-identifier }} environment
# Update deployment API #
#########################
- name: Start deployment
uses: bobheadxi/deployments@v1.3.0 uses: bobheadxi/deployments@v1.3.0
id: deployment id: deployment
with: with:
@ -117,33 +62,19 @@ jobs:
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
env: ${{ matrix.images.deployment-environment-identifier }} env: ${{ matrix.images.deployment-environment-identifier }}
###################################### # We don't rebuild the image to avoid that the latest tag and the release tags don't point to what the release tag is pointing to.
# Build the docker image and push it # # Instead, we pull the latest image and tag it.
###################################### - name: Add release tags and push image
- name: Build Docker image - ${{ matrix.images.image-id }} uses: akhilerm/tag-push-action@v2.0.0
uses: docker/build-push-action@v3.1.1
with: with:
context: . src: ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}latest
file: ./Dockerfile dst: |
build-args: |
BUILD_DATE=${{ env.BUILD_DATE }}
BUILD_REVISION=${{ github.sha }}
BUILD_VERSION=${{ github.sha }}
load: false
push: true
tags: |
github/super-linter:${{ matrix.images.container-image-id-prefix }}latest
github/super-linter:${{ matrix.images.container-image-id-prefix }}v4 github/super-linter:${{ matrix.images.container-image-id-prefix }}v4
github/super-linter:${{ matrix.images.container-image-id-prefix }}${{ env.RELEASE_VERSION }} github/super-linter:${{ matrix.images.container-image-id-prefix }}${{ env.RELEASE_VERSION }}
ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}latest
ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}v4 ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}v4
ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${{ env.RELEASE_VERSION }} ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${{ env.RELEASE_VERSION }}
target: "${{ matrix.images.container-build-target }}"
######################### - name: Update the deployment status for the ${{ matrix.images.deployment-environment-identifier }} environment
# Update Deployment API #
#########################
- name: Update deployment status
uses: bobheadxi/deployments@v1.3.0 uses: bobheadxi/deployments@v1.3.0
if: always() if: always()
with: with:
@ -154,10 +85,7 @@ jobs:
env: ${{ steps.deployment.outputs.env }} env: ${{ steps.deployment.outputs.env }}
env_url: https://github.com/github/super-linter/releases/tag/${{ env.RELEASE_VERSION }} env_url: https://github.com/github/super-linter/releases/tag/${{ env.RELEASE_VERSION }}
####################################################### - name: Create a GitHub issue on failure
# Create a GitHub Issue with the info from this build #
#######################################################
- name: Create GitHub Issue for failure
if: failure() if: failure()
uses: actions/github-script@v6 uses: actions/github-script@v6
id: create-issue id: create-issue
@ -174,14 +102,10 @@ jobs:
console.log('create', create) console.log('create', create)
return create.data.number return create.data.number
############################ - name: Assign admins to the issue created on failure
# Assign admins on failure #
############################
- name: Assign Admins on failure
uses: actions/github-script@v6 uses: actions/github-script@v6
if: failure() if: failure()
with: with:
# https://octokit.github.io/rest.js/v18#issues-create
github-token: ${{secrets.GITHUB_TOKEN}} github-token: ${{secrets.GITHUB_TOKEN}}
script: | script: |
github.rest.issues.addAssignees({ github.rest.issues.addAssignees({

71
.github/workflows/repo-visualization.yml vendored
View file

@ -1,71 +0,0 @@
---
##############################
##############################
## Repository Visualization ##
##############################
##############################
#
# Documentation:
# https://help.github.com/en/articles/workflow-syntax-for-github-actions
#
name: Repository Visualization
###########################################
# Start the job on all push or PR to main #
###########################################
on:
schedule:
# Sunday at 5:00pm
- cron: "0 17 * * 0"
###############
# Set the Job #
###############
permissions:
contents: read
jobs:
build:
# Name the Job
name: Repository Visualization
# Set the agent to run on
runs-on: ubuntu-latest
timeout-minutes: 60
###############
# Steps below #
###############
steps:
############################
# Checkout the source code #
############################
- name: Checkout Code
uses: actions/checkout@v3
##############################
# Create Visualization Files #
##############################
- name: Create Visualization
uses: githubocto/repo-visualizer@0.8.2
with:
output_file: "./diagram.svg"
should_push: false
###########################
# Configure the AWS creds #
###########################
- name: Configure AWS Credentials
if: success()
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
############################
# Push the image to aws s3 #
############################
- name: Push diagram to s3
if: success()
run: aws s3 cp diagram.svg s3://super-linter/diagram.svg

8
.github/workflows/trivy.yml vendored
View file

@ -24,13 +24,6 @@ jobs:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v3
# ##########################
# # Build the docker image #
# ##########################
- name: Build an image from Dockerfile
run: |
docker build -t "docker.io/github/super-linter:${{ github.sha }}" .
################################# #################################
# Run Trivy Scan of source code # # Run Trivy Scan of source code #
################################# #################################
@ -48,6 +41,5 @@ jobs:
################################# #################################
- name: Upload Trivy scan results to GitHub Security tab - name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v2
if: always()
with: with:
sarif_file: 'report.sarif' sarif_file: 'report.sarif'

18
Dockerfile
View file

@ -207,6 +207,10 @@ RUN mkdir -p /home/r-library \
&& Rscript -e "install.packages(c('lintr','purrr'), repos = 'https://cloud.r-project.org/')" \ && Rscript -e "install.packages(c('lintr','purrr'), repos = 'https://cloud.r-project.org/')" \
&& R -e "install.packages(list.dirs('/home/r-library',recursive = FALSE), repos = NULL, type = 'source')" && R -e "install.packages(list.dirs('/home/r-library',recursive = FALSE), repos = NULL, type = 'source')"
# Source: https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
# Store the key here because the above host is sometimes down, and breaks our builds
COPY dependencies/sgerrand.rsa.pub /etc/apk/keys/sgerrand.rsa.pub
################### ###################
# Install Kubeval # # Install Kubeval #
################### ###################
@ -214,9 +218,9 @@ RUN wget --tries=5 -q -O kubeval-linux-amd64.tar.gz https://github.com/instrumen
&& tar xf kubeval-linux-amd64.tar.gz \ && tar xf kubeval-linux-amd64.tar.gz \
&& mv kubeval /usr/local/bin \ && mv kubeval /usr/local/bin \
&& rm kubeval-linux-amd64.tar.gz \ && rm kubeval-linux-amd64.tar.gz \
################## ##################
# Install ktlint # # Install ktlint #
################## ##################
&& curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint \ && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint \
&& chmod a+x ktlint \ && chmod a+x ktlint \
&& mv "ktlint" /usr/bin/ \ && mv "ktlint" /usr/bin/ \
@ -225,7 +229,6 @@ RUN wget --tries=5 -q -O kubeval-linux-amd64.tar.gz https://github.com/instrumen
#################### ####################
# Install dart-sdk # # Install dart-sdk #
#################### ####################
&& wget --tries=5 -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub \
&& wget --tries=5 -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk \ && wget --tries=5 -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk \
&& apk add --no-cache glibc-${GLIBC_VERSION}.apk \ && apk add --no-cache glibc-${GLIBC_VERSION}.apk \
&& rm glibc-${GLIBC_VERSION}.apk \ && rm glibc-${GLIBC_VERSION}.apk \
@ -329,11 +332,14 @@ ENV BUILD_REVISION=$BUILD_REVISION
ENV BUILD_VERSION=$BUILD_VERSION ENV BUILD_VERSION=$BUILD_VERSION
ENV IMAGE="slim" ENV IMAGE="slim"
# Source: https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
# Store the key here because the above host is sometimes down, and breaks our builds
COPY dependencies/sgerrand.rsa.pub /etc/apk/keys/sgerrand.rsa.pub
###################################### ######################################
# Install Phive dependencies and git # # Install Phive dependencies and git #
###################################### ######################################
RUN wget --tries=5 -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub \ RUN wget --tries=5 -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk \
&& wget --tries=5 -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk \
&& apk add --no-cache \ && apk add --no-cache \
bash \ bash \
ca-certificates \ ca-certificates \

16
README.md
View file

@ -48,10 +48,6 @@ The super-linter finds issues and reports them to the console output. Fixes are
The design of the **Super-Linter** is currently to allow linting to occur in **GitHub Actions** as a part of continuous integration occurring on pull requests as the commits get pushed. It works best when commits are being pushed early and often to a branch with an open or draft pull request. There is some desire to move this closer to local development for faster feedback on linting errors but this is not yet supported. The design of the **Super-Linter** is currently to allow linting to occur in **GitHub Actions** as a part of continuous integration occurring on pull requests as the commits get pushed. It works best when commits are being pushed early and often to a branch with an open or draft pull request. There is some desire to move this closer to local development for faster feedback on linting errors but this is not yet supported.
### Repository Visualization
![Visualization of the codebase](https://super-linter.s3.us-west-2.amazonaws.com/diagram.svg)
## Supported Linters ## Supported Linters
Developers on **GitHub** can call the **GitHub Action** to lint their codebase with the following list of linters: Developers on **GitHub** can call the **GitHub Action** to lint their codebase with the following list of linters:
@ -60,7 +56,7 @@ Developers on **GitHub** can call the **GitHub Action** to lint their codebase w
| --------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | --------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Ansible** | [ansible-lint](https://github.com/ansible/ansible-lint) | | **Ansible** | [ansible-lint](https://github.com/ansible/ansible-lint) |
| **AWS CloudFormation templates** | [cfn-lint](https://github.com/aws-cloudformation/cfn-python-lint/) | | **AWS CloudFormation templates** | [cfn-lint](https://github.com/aws-cloudformation/cfn-python-lint/) |
| **Azure Resource Manager (ARM)** | [arm-ttk](https://github.com/azure/arm-ttk) | | **Azure Resource Manager (ARM)** | [arm-ttk](https://github.com/azure/arm-ttk) |
| **C++** | [cpp-lint](https://github.com/cpplint/cpplint) / [clang-format](https://clang.llvm.org/docs/ClangFormatStyleOptions.html) | | **C++** | [cpp-lint](https://github.com/cpplint/cpplint) / [clang-format](https://clang.llvm.org/docs/ClangFormatStyleOptions.html) |
| **C#** | [dotnet-format](https://github.com/dotnet/format) / [clang-format](https://clang.llvm.org/docs/ClangFormatStyleOptions.html) | | **C#** | [dotnet-format](https://github.com/dotnet/format) / [clang-format](https://clang.llvm.org/docs/ClangFormatStyleOptions.html) |
| **CSS** | [stylelint](https://stylelint.io/) | | **CSS** | [stylelint](https://stylelint.io/) |
@ -141,11 +137,6 @@ This file should have the following code:
################################# #################################
name: Lint Code Base name: Lint Code Base
#
# Documentation:
# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
#
############################# #############################
# Start the job on all push # # Start the job on all push #
############################# #############################
@ -448,11 +439,6 @@ Example workflow:
################################# #################################
name: Lint Code Base name: Lint Code Base
#
# Documentation:
# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
#
############################# #############################
# Start the job on all push # # Start the job on all push #
############################# #############################

9
dependencies/sgerrand.rsa.pub vendored Normal file
View file

@ -0,0 +1,9 @@
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m
y70AGEa/J3Wi5ibNVGNn1gT1r0VfgeWd0pUybS4UmcHdiNzxJPgoWQhV2SSW1JYu
tOqKZF5QSN6X937PTUpNBjUvLtTQ1ve1fp39uf/lEXPpFpOPL88LKnDBgbh7wkCp
m2KzLVGChf83MS0ShL6G9EQIAUxLm99VpgRjwqTQ/KfzGtpke1wqws4au0Ab4qPY
KXvMLSPLUp7cfulWvhmZSegr5AdhNw5KNizPqCJT8ZrGvgHypXyiFvvAH5YRtSsc
Zvo9GI2e2MaZyo9/lvb+LbLEJZKEQckqRj4P26gmASrZEPStwc+yqy1ShHLA0j6m
1QIDAQAB
-----END PUBLIC KEY-----