fix: flavor bug #67
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Code Quality | |
| # Workflow to check if project meets the code quality standards of the Biosustain group | |
| on: | |
| workflow_call: | |
| inputs: | |
| JSON_ENV: | |
| description: | | |
| JSON string with environment variables to pass to the mega-linter. | |
| To pass all environment variables, use toJson(env) | |
| required: false | |
| default: '{}' # Empty JSON object | |
| type: string | |
| FLAVOR: | |
| description: | | |
| You can override MegaLinter flavor used to have faster performances | |
| More info at https://megalinter.io/flavors/ | |
| required: false | |
| default: all | |
| type: string | |
| workflow_dispatch: | |
| inputs: | |
| JSON_ENV: | |
| description: | | |
| JSON string with environment variables to pass to the mega-linter. | |
| required: false | |
| default: '{}' # Empty JSON object | |
| type: string | |
| FLAVOR: | |
| description: | | |
| You can override MegaLinter flavor used to have faster performances | |
| More info at https://megalinter.io/flavors/ | |
| required: false | |
| default: all | |
| type: choice | |
| options: | |
| - all | |
| - c_cpp | |
| - ci_light | |
| - cupcake | |
| - documentation | |
| - dotnet | |
| - dotnetweb | |
| - formatters | |
| - go | |
| - java | |
| - javascript | |
| - php | |
| - python | |
| - ruby | |
| - rust | |
| - salesforce | |
| - security | |
| - swift | |
| - terraformg | |
| # Trigger the workflow also on push or pull request in this repository | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| # Give the default GITHUB_TOKEN write permission to commit and push, comment | |
| # issues & post new PR; remove the ones you do not need | |
| permissions: | |
| security-events: write | |
| actions: read # Needed to run codeql/upload-sarif@v3 | |
| contents: write | |
| issues: write | |
| pull-requests: write | |
| statuses: write | |
| concurrency: | |
| group: ${{ github.ref }}-${{ github.workflow }} | |
| cancel-in-progress: true | |
| env: | |
| MEGALINT_VERSION: v7.10.0 # Cannot pin this version since we use multiple flavors | |
| MEGALINT_FLAVOR: ${{ (inputs.FLAVOR && inputs.FLAVOR != 'all') && format('/flavors/{0}', inputs.FLAVOR) || '' }} | |
| jobs: | |
| check-code-quality: | |
| name: Run MegaLinter to check code quality | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Load configuration | |
| uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 | |
| with: | |
| repository: biosustain/code-quality-check | |
| path: config | |
| - name: Checkout Code | |
| uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 | |
| with: | |
| token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} | |
| path: code | |
| fetch-depth: 0 | |
| - name: Set config path environment variables | |
| env: | |
| JSON_ENV: ${{ inputs.JSON_ENV }} | |
| run: | | |
| # Set the environment variables for the MegaLinter | |
| echo "$JSON_ENV" | jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" | tee -a "$GITHUB_ENV" | |
| # Extend the configuration file if it exists, else use default | |
| if [ -f code/.mega-linter.yml ]; then | |
| # This cannot be set is there is no .mega-linter.yml in project | |
| echo 'EXTENDS=../config/.mega-linter.yml' | tee -a "$GITHUB_ENV" | |
| else | |
| echo 'MEGALINTER_CONFIG=../config/.mega-linter.yml' | tee -a "$GITHUB_ENV" | |
| fi | |
| # MegaLinter | |
| - name: MegaLinter | |
| uses: jenseng/dynamic-uses@5175289a9a87978dcfcb9cf512b821d23b2a53eb # v1 | |
| id: ml | |
| env: | |
| # All available variables are described in documentation | |
| # https://megalinter.io/configuration/ | |
| # Define the reporters used in this action (not overrideable) | |
| SARIF_REPORTER: true | |
| MARKDOWN_SUMMARY_REPORTER: true | |
| GITHUB_WORKSPACE: ${{ github.workspace }}/code | |
| DEFAULT_WORKSPACE: ${{ github.workspace }}/code | |
| # Validates all source when push on main, else just the git diff with | |
| # main. | |
| VALIDATE_ALL_CODEBASE: > | |
| ${{ | |
| github.event_name == 'push' && | |
| contains(fromJSON('["refs/heads/main", "refs/heads/master"]'), github.ref) | |
| }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| # You can override MegaLinter flavor used to have faster performances | |
| # More info at https://megalinter.io/flavors/ | |
| uses: oxsecurity/megalinter${{ env.MEGALINT_FLAVOR }}@${{ env.MEGALINT_VERSION }} | |
| # Upload MegaLinter artifacts | |
| - name: Archive production artifacts | |
| uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
| if: always() && (steps.ml.outcome == 'success' || steps.ml.outcome == 'failure') # Only upload if MegaLinter ran | |
| with: | |
| name: MegaLinter reports | |
| path: | | |
| megalinter-reports | |
| mega-linter.log | |
| - name: Upload MegaLinter scan results to GitHub Security tab | |
| continue-on-error: true # This might error if github advanced security is not enabled | |
| if: always() && (steps.ml.outcome == 'success' || steps.ml.outcome == 'failure') # Only upload if MegaLinter ran | |
| uses: github/codeql-action/upload-sarif@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 | |
| with: | |
| sarif_file: "megalinter-reports/megalinter-report.sarif" | |
| - name: Show report in job summary | |
| if: always() && (steps.ml.outcome == 'success' || steps.ml.outcome == 'failure') # Only upload if MegaLinter ran | |
| run: tee "$GITHUB_STEP_SUMMARY" < megalinter-reports/megalinter-report.md |