Skip to content

Merge pull request #53 from mdeweerd/fix/deploy #369

Merge pull request #53 from mdeweerd/fix/deploy

Merge pull request #53 from mdeweerd/fix/deploy #369

Workflow file for this run

---
name: CI
# yamllint disable-line rule:truthy
on:
push:
pull_request:
types:
- opened
- reopened
- synchronize
workflow_dispatch:
permissions:
actions: read
contents: read
packages: read
security-events: read
jobs:
information:
name: Gather app information
runs-on: ubuntu-latest
outputs:
architectures: ${{ steps.information.outputs.architectures }}
build: ${{ steps.information.outputs.build }}
description: ${{ steps.information.outputs.description }}
name: ${{ steps.information.outputs.name }}
slug: ${{ steps.information.outputs.slug }}
target: ${{ steps.information.outputs.target }}
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run app information action
id: information
uses: frenck/action-addon-information@ce1377e9851cf569c29329e65fb2c57e67ca0f69 # v1.4.2
lint-app:
name: Lint App
needs:
- information
runs-on: ubuntu-latest
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run App Lint
uses: frenck/action-addon-linter@f995494fd84fae6310d23617e66d0e37de4f14eb # v2.21.0
with:
path: "./${{ needs.information.outputs.target }}"
lint-hadolint:
name: Hadolint
needs:
- information
runs-on: ubuntu-latest
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run Hadolint
uses: brpaz/hadolint-action@v1.5.0
with:
dockerfile: "./${{ needs.information.outputs.target }}/Dockerfile"
lint-json:
name: JSON Lint
runs-on: ubuntu-latest
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run JQ
run: |
shopt -s globstar nullglob
for file in **/*.json; do
if ! jq '.' "$file" > /dev/null 2>&1; then
echo "::error file=${file}::Invalid JSON in ${file}"
jq '.' "$file"
exit 1
fi
done
lint-shellcheck:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run Shellcheck
uses: ludeeus/action-shellcheck@2.0.0
env:
SHELLCHECK_OPTS: -s bash
lint-yamllint:
name: YAMLLint
runs-on: ubuntu-latest
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run YAMLLint
uses: frenck/action-yamllint@34b4bbcaeabedcfefad6adea8c5bbc42af0e2d47 # v1.5
lint-prettier:
name: Prettier
runs-on: ubuntu-latest
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run Prettier
uses: creyD/prettier_action@v4.6
with:
prettier_options: --check **/*.{json,js,md,yaml}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
lint-zizmor:
name: zizmor
runs-on: ubuntu-latest
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run zizmor
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
dependency-review:
name: Dependency review
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- name: Check out code from GitHub
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Dependency review
uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # v5.0.0