mirror of
https://github.com/super-linter/super-linter.git
synced 2024-11-22 16:51:05 -05:00
9d7268fb99
- Add support to run Checkov against infrastructure as code descriptors that are in a given (configurable) directory. Defaults to lint the whole workspace. - Establish a baseline for our own codebase so we don't have to fix issues right away with this change.
137 lines
4 KiB
YAML
137 lines
4 KiB
YAML
name: Build and Test
|
|
|
|
on:
|
|
pull_request:
|
|
merge_group:
|
|
workflow_dispatch:
|
|
|
|
# Don't grant any access by default
|
|
permissions: {}
|
|
|
|
jobs:
|
|
test:
|
|
name: Build and Test
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.images.target }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
images:
|
|
- prefix: slim-
|
|
target: slim
|
|
- prefix: ""
|
|
target: standard
|
|
timeout-minutes: 60
|
|
env:
|
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Update action.yml
|
|
run: |
|
|
echo "yq version: $(yq --version)"
|
|
yq '.runs.image = env(CONTAINER_IMAGE_ID)' -i action.yml
|
|
echo "Action file contents:"
|
|
cat action.yml
|
|
|
|
- name: Set build metadata
|
|
run: |
|
|
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
|
|
BUILD_REVISION=${{ github.sha }}
|
|
BUILD_VERSION=${{ github.sha }}
|
|
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
|
|
BUILD_REVISION=${{ github.event.pull_request.head.sha }}
|
|
BUILD_VERSION=${{ github.event.pull_request.head.sha }}
|
|
else
|
|
echo "[ERROR] Event not supported when setting build revision and build version"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${BUILD_REVISION}" ]; then
|
|
echo "[ERROR] BUILD_REVISION is empty"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${BUILD_VERSION}" ]; then
|
|
echo "[ERROR] BUILD_VERSION is empty"
|
|
exit 1
|
|
fi
|
|
|
|
{
|
|
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
|
|
echo "BUILD_REVISION=${BUILD_REVISION}"
|
|
echo "BUILD_VERSION=${BUILD_VERSION}"
|
|
} >> "${GITHUB_ENV}"
|
|
|
|
- name: Free Disk space
|
|
shell: bash
|
|
run: |
|
|
sudo rm -rf /usr/local/lib/android
|
|
sudo rm -rf /usr/share/dotnet
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Build Image
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
file: ./Dockerfile
|
|
build-args: |
|
|
BUILD_DATE=${{ env.BUILD_DATE }}
|
|
BUILD_REVISION=${{ env.BUILD_REVISION }}
|
|
BUILD_VERSION=${{ env.BUILD_VERSION }}
|
|
cache-from: type=registry,ref=${{ env.CONTAINER_IMAGE_ID }}-buildcache
|
|
load: true
|
|
push: false
|
|
secrets: |
|
|
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
|
|
tags: |
|
|
${{ env.CONTAINER_IMAGE_ID }}
|
|
target: "${{ matrix.images.target }}"
|
|
|
|
- name: Test Local Action
|
|
uses: ./
|
|
env:
|
|
ACTIONS_RUNNER_DEBUG: true
|
|
CREATE_LOG_FILE: true
|
|
ERROR_ON_MISSING_EXEC_BIT: true
|
|
VALIDATE_ALL_CODEBASE: false
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
DEFAULT_BRANCH: main
|
|
RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES: "default.json,hoge.json"
|
|
TYPESCRIPT_STANDARD_TSCONFIG_FILE: ".github/linters/tsconfig.json"
|
|
|
|
- name: Get the contents of the log file
|
|
run: |
|
|
sudo cat super-linter.log
|
|
sudo rm -v super-linter.log
|
|
|
|
- name: Run Test Suite
|
|
run: make test
|
|
|
|
preview-release-notes:
|
|
if: github.event_name == 'pull_request'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup authentication token
|
|
run: |
|
|
echo "${{ secrets.GITHUB_TOKEN }}" > .github-personal-access-token
|
|
|
|
- name: Generate a preview of the release notes
|
|
run: |
|
|
make release-please-dry-run
|