actions/superlint
1
0
Fork 0
mirror of https://github.com/super-linter/super-linter.git synced 2024-11-09 18:43:34 -05:00
Code Issues Projects Releases Packages Wiki Activity
3968 commits 24 branches 135 tags 148 MiB
Commit graph

382 commits

Author SHA1 Message Date
Marco Ferrari
9d7268fb99
feat: add support for checkov to lint iac files (#4925) 
- Add support to run Checkov against infrastructure as code descriptors
  that are in a given (configurable) directory. Defaults to lint the
  whole workspace.
- Establish a baseline for our own codebase so we don't have to fix
  issues right away with this change.
 2023-12-22 13:22:15 +01:00
Marco Ferrari
641c65a8c4
ci: configure release-please dry-run and changelog (#5039) 
- Implement a job to preview the release notes
- Include build, ci, and dependency updates
- Add emoji to section headings to match the existing release notes
- Add documentation about how to run release-please from the CLI
 2023-12-21 15:03:14 +01:00
Marco Ferrari
d8ca23519b
build: use a base image (#5033) 
- Refactor Dockerfile to use a base image so that we can reuse the cache
  for the standard image and not just the base image.
- Simplify the cd workflow to take into account the Production
  environment only for latest images.
 2023-12-20 17:45:35 +01:00
Marco Ferrari
43dc36860c
ci: fix build cache in the cd workflow (#5032) 2023-12-20 16:39:19 +01:00
Marco Ferrari
238caec66e
ci: set current version to 5.7.2 (#5031) 
- Set the current version to 5.7.2 in release-please manifest
- Enable cache load in cd workflow
 2023-12-20 16:33:53 +01:00
Marco Ferrari
9c7046864f
ci: fix release workflow (#5030) 
- Don't run the Release job with a matrix because we don't want to run
  release-please and the git tag steps more than once.
- Don't get release metadata if release-please didn't create the release
  yet.
- Populate the container image build cache.
- Set the starting version and commit for release-please.
 2023-12-20 15:55:53 +01:00
Marco Ferrari
93b5ede1e8
ci: configure release-please (#5016) 
- Configure release-please to automatically create pull requests and
  releases.
- Run release-please and tag update in the CD workflow.
- Update Git tags pointing to latest, major.minor, and major versions as
  part of the CD workflow.
- Remove workflows (draft-release, release) that are not necessary
  anymore, and related configuration files.
- Handle automatic updates to README.md, action.yml, and action.yaml
- Mount .github to /tmp/lint/.github so super-linter finds config files,
  and the GitHub Actions to lint.
 2023-12-20 14:58:25 +01:00
Marco Ferrari
9db632f0e1
ci: configure commitlint (#5014) 
- Check if the PR contains a single commit, and fail otherwise.
- Enable commitlint to check if commits adhere to the
  conventialcommits.org spec.
- Update the the pull request template to point to the conventional
  commit spec.
- Update the dependabot configuration to add the "build(...)" prefix to
  commits.
 2023-12-19 19:37:16 +01:00
Marco Ferrari
2d303aab53
Don't update the deployment if we didn't start it (#4995) 2023-12-19 11:10:53 +01:00
dependabot[bot]
54d4ca17ed
Bump github/codeql-action from 2 to 3 (#5013) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-18 18:19:50 +00:00
Marco Ferrari
22b8624f61
Simplify container image build (#4962) 2023-12-15 11:59:36 +01:00
Marco Ferrari
e73e1bfdc3
Populate the cache with the latest image (#4988) 
* Pull the latest image and print info

* Pull latest from registry to populate the cache

* Don't pull image
 2023-12-15 08:22:13 +00:00
Marco Ferrari
ac4b767bd7
Reduce duplication in CI and CD workflows (#4982) 
* Reduce duplication in CI and CD workflows

* Fix indentation in README

* Load token from file

* Fix instructions

* Ignore test leftovers
 2023-12-12 18:53:48 +00:00
dependabot[bot]
fc0bde088f
Bump actions/stale from 8 to 9 (#4980) 
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
 2023-12-11 18:39:51 +00:00
Marco Ferrari
7a21f934b4
Don't forcefully validate Git repos if not needed (#4953) 
* Fix find when linting non-git repos

* Remove uses

* Move safe.directory config after we set GITHUB_WORKSPACE

* Fix Git validation check

* Move 'find' test runner to makefile

* Validate vars before validating Git repo

* Validate Git repo even when VALIDATE_ALL_CODEBASE=false

* Initialize GITHUB_SHA when running locally

* Initialize safe git dirs

* Check git safe dirs error code

* Fix log level color marker

* Fix linting errors

* Fix change dir command

* Fix linting errors

* Set default branch
 2023-12-07 19:07:22 +00:00
Marco Ferrari
9869638131
Validate container image labels (#4926) 
* Validate labels and avoid busting the cache

* Fix validation

* Validate non-empty labels

* Add build date back

* Don't set build date

* Simplify validation script

* Enable build cache

* Setup buildx

* Dynamically set build revision and version

* Remove leftover

* Disable cache

* Add build date back

* Add build date back

* Fix linting errors

* Add checks

* Get head SHA

* Fix linting errors

* Handle merge_group
 2023-12-07 14:18:47 +00:00
Marco Ferrari
879672e936
Don't write colors and logs on disk if not necessary (#4934) 
* Don't write colors and logs on disk if not necessary

* Set color markers

* Fix colors

* Fix linting errors

* Fix linting errors

* Use sudo to access logs
 2023-12-05 08:04:13 +00:00
Marco Ferrari
5a8805dc4f
Exit on errors when running Git (#4889) 
* Exit on errors when running Git

* Skip pulling changes entirely

* Enable pipefail when generating diffs

* Cleanup

* Shallow repo check

* Echo GITHUB_SHA update

* Check if GITHUB_SHA exists before using it

* Move GITHUB_SHA validation to validation script

* Rely on cat-file return code

* Check if DEFAULT_BRANCH exists

* Change dir when checking DEFAULT_BRANCH

* Show git branches

* Don't switch branches

* Check GITHUB_SHA only when needed

* Ensure we have permissions before interacting with the repo

* Remove the DIFF_CMD variable

* Move TEST_CASE_RUN and RUN_LOCAL init up

* Validate if Git repo and if SHA exists

* Move validation function

* Change dir when getting branch names

* Move debug messages up to be less verbose

* Move branch validation in a function

* Fix linting errors
 2023-12-04 09:47:49 +00:00
Marco Ferrari
a8150b40c8
Fix ts-standard configuration (#4932) 
* Fix ts-standard configuration

* Fix default TYPESCRIPT_STANDARD_TSCONFIG_FILE assignment
 2023-12-02 08:35:41 +00:00
dependabot[bot]
cebb6675c7
Bump actions/github-script from 6 to 7 (#4879) 
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
 2023-11-22 17:16:57 +00:00
dependabot[bot]
f3279a4414
Bump scalameta/scalafmt from 3.7.15 to v3.7.16 (#4861) 
* Bump scalameta/scalafmt from 3.7.15 to v3.7.16

Bumps scalameta/scalafmt from 3.7.15 to v3.7.16.

---
updated-dependencies:
- dependency-name: scalameta/scalafmt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* add write permissions to workflow

* Update scala config version to match version installed

* fix indentation

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
Co-authored-by: zkoppert <zkoppert@users.noreply.github.com>
 2023-11-15 19:14:06 +00:00
dependabot[bot]
9ac420a9a6
Bump actions/checkout from 3 to 4 (#4807) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-31 18:34:25 +00:00
dependabot[bot]
414a5e5ce0
Bump scalameta/scalafmt from 3.7.3 to v3.7.15 (#4790) 
* Bump scalameta/scalafmt from 3.7.3 to v3.7.15

Bumps scalameta/scalafmt from 3.7.3 to v3.7.15.

---
updated-dependencies:
- dependency-name: scalameta/scalafmt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Create sync-scala-version.yaml

* checkout on branch instead of headless

* Update scala config version to match version installed

* Add yaml header

* rm EOL whitespace

* remove useless cat cmds

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
Co-authored-by: zkoppert <zkoppert@users.noreply.github.com>
 2023-10-28 01:49:31 +00:00
Zack Koppert
5b4dd480f4
github-actions automerges are causing merge queue CI jobs not to get triggered. Turning this off for now 2023-10-25 16:18:08 -07:00
Marco Ferrari
fecdc81066
Fix target key in CD workflow (#4773) 2023-10-20 23:08:40 +00:00
Marco Ferrari
dfedd306f3
Use the same image tags in CI and CD (#4778) 
* Use the same image tags in CI and CD

* Define image tag once per workflow

* Fix yq tag

* Don't quote yq to avoid literal interpretation

* yq version

* Fix yq tag

* Reduce duplication

* Fix workflow env var

* Don't remove an already removed container
 2023-10-19 21:03:14 +00:00
Zack Koppert
fb9b3e2d04
Create thank_contributors.yaml (#4775) 
* Create thank_contributors.yaml

* Update thank_contributors.yaml
 2023-10-19 20:53:05 +00:00
Marco Ferrari
f823c56d8c
Run tests against the production image (#4772) 
* Fix target key in CD workflow

* Temporarily reverting the fix, and add tests first
 2023-10-19 07:20:15 +00:00
Zack Koppert
df3875c857
Revert exact version pinning (#4761) 2023-10-16 22:00:32 -07:00
Zack Koppert
ffa8788acd
Attempt a force push 2023-10-16 12:02:31 -07:00
Zack Koppert
808d53c16a
Check out main on release workflow 2023-10-16 11:34:31 -07:00
Zack Koppert
5f87e94299
remove EOL whitespace 2023-10-16 10:15:51 -07:00
Zack Koppert
94dc95d6a5
Fix automation for release action.yml updates 2023-10-16 09:24:34 -07:00
Zack Koppert
f76e0a23e2
Remove codecov reports (#4737) 
* Remove codecov reports

* Remove Codacy Badge
 2023-10-16 10:31:52 +00:00
Zack Koppert
a911653a57
Add exact version number to action.yml on release (#4733) 
* Add exact version number to action.yml on release

Signed-off-by: Zack Koppert <zkoppert@github.com>

* remove trailing whitespace

---------

Signed-off-by: Zack Koppert <zkoppert@github.com>
 2023-10-14 21:40:57 -07:00
Zack Koppert
4789dbb291
free up space 2023-10-14 19:07:07 -07:00
Zack Koppert
0be718e6d6
revert to ubuntu-latest runners 2023-10-14 19:04:51 -07:00
Zack Koppert
c31a750ec4
Use large runners 2023-10-14 18:50:50 -07:00
Masaya Suzuki
50d462e0ec
renovate-config-validator: validate shareable config preset (#4674) 
* renovate-config-validator: validate default.json

* Add RENOVATE_SHAREABLE_CONFIG_PRESET_FILE

* Allow specifying multiple additional files with a environment variable

* Add break
 2023-09-29 20:25:37 +00:00
dependabot[bot]
746e2154ac
Bump docker/login-action from 2.2.0 to 3.0.0 (#4662) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2.2.0...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-21 06:56:49 +00:00
dependabot[bot]
dcf598528f
Bump docker/build-push-action from 4 to 5 (#4663) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-18 19:01:58 +00:00
dependabot[bot]
28d8feb0b7
Bump docker/setup-buildx-action from 2.9.1 to 3.0.0 (#4651) 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.9.1 to 3.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.9.1...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-15 00:13:33 +00:00
Marco Ferrari
4847ddc86b
Configure automation for dependency updates (#4648) 
* Configure automation for dependency updates

* Configure automation for dependency updates
 2023-09-12 19:04:39 +00:00
dependabot[bot]
384e8ff567
Bump actions/checkout from 3 to 4 (#4622) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-11 23:17:22 +00:00
Gustl22
c4c1ebb101
fix: Move commands to correct place (#4579) 
* Allow dispatch workflow

* Disable LUA

* Move R installation and cleanup

* Revert "Disable LUA"

This reverts commit d347897d77.

* Move cleaning step
 2023-08-25 18:25:04 +00:00
dependabot[bot]
a215f0c89d
Bump docker/login-action from 2.1.0 to 2.2.0 (#4368) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2.1.0...v2.2.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
 2023-08-17 15:15:00 +00:00
Zack Koppert
da4dd08cd6
Follow up with several more documentation and automation renames for the org move from github to super-linter (#4543) 
* move from github org to super-linter org

* rename to super-linter org

* rename to super-linter org

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter and remove dockerhub reference

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rename org to super-linter

* rm dockerhub section link
 2023-08-17 15:12:11 +00:00
dependabot[bot]
26cf2b9db1
Bump docker/setup-buildx-action from 2.9.0 to 2.9.1 (#4478) 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.9.0...v2.9.1)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-15 10:31:51 -07:00
dependabot[bot]
5323826453
Bump docker/build-push-action from 3 to 4 (#4134) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
 2023-08-10 04:37:44 +00:00
dependabot[bot]
9e526b084a
Bump docker/setup-buildx-action from 2.5.0 to 2.9.0 (#4460) 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.5.0 to 2.9.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.9.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-07-10 12:49:14 -07:00