Containerize #13
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# MegaLinter GitHub Action configuration file | |
# More info at https://megalinter.github.io | |
name: MegaLinter | |
# yamllint disable-line rule:truthy | |
on: | |
# Triggers mega-linter when a pull_request event's activity type is opened, synchronize, or reopened by default. | |
pull_request: | |
branches: | |
- main | |
workflow_dispatch: | |
permissions: | |
contents: write | |
issues: write | |
pull-requests: write | |
env: | |
# Comment env block if you do not want to apply fixes | |
# Apply linter fixes configuration | |
APPLY_FIXES: all # When active, APPLY_FIXES must also be defined as environment variable (in github/workflows/mega-linter.yml or other CI tool) | |
APPLY_FIXES_EVENT: all # Decide which event triggers application of fixes in a commit or a PR (pull_request, push, all) | |
APPLY_FIXES_MODE: commit # If APPLY_FIXES is used, defines if the fixes are directly committed (commit) or posted in a PR (pull_request) | |
concurrency: | |
group: ${{ github.ref }}-${{ github.workflow }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
name: MegaLinter | |
runs-on: ubuntu-latest | |
permissions: write-all | |
steps: | |
# Git Checkout | |
- name: Checkout Code | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4 | |
with: | |
token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} | |
fetch-depth: 0 | |
# MegaLinter | |
- name: MegaLinter | |
id: ml | |
# You can override MegaLinter flavor used to have faster performances | |
# More info at https://megalinter.github.io/flavors/ | |
uses: oxsecurity/megalinter/flavors/ci_light@190cd0dad6dc52b2de5b810e3b290c3d6bdcc0f2 # [email protected] | |
env: | |
# All available variables are described in documentation | |
# https://megalinter.github.io/configuration/ | |
VALIDATE_ALL_CODEBASE: true | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY | |
# DISABLE: COPYPASTE,SPELL # Uncomment to disable copy-paste and spell checks | |
# Upload MegaLinter artifacts | |
- name: Archive production artifacts | |
if: always() | |
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # pin@v3 | |
with: | |
name: MegaLinter reports | |
path: | | |
megalinter-reports | |
megalinter-reports/megalinter.log | |
# Create pull request if applicable (for now works only on PR from same repository, not from forks) | |
- name: Create Pull Request with applied fixes | |
id: cpr | |
if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) | |
uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # pin@v5 | |
with: | |
token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} | |
commit-message: "[MegaLinter] Apply linters automatic fixes" | |
title: "[MegaLinter] Apply linters automatic fixes" | |
labels: bot | |
- name: Create PR output | |
if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) | |
run: | | |
echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" | |
echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" | |
# Push new commit if applicable (for now works only on PR from same repository, not from forks) | |
- name: Prepare commit | |
if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'commit' && github.ref != 'refs/heads/main' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) | |
run: sudo chown -Rc $UID .git/ | |
- name: Commit and push applied linter fixes | |
if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'commit' && github.ref != 'refs/heads/main' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) | |
uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # pin@v5 | |
with: | |
branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }} | |
commit_message: "[MegaLinter] Apply linters fixes" | |
commit_user_name: megalinter-bot | |
commit_user_email: [email protected] | |
- name: Check to see if the SARIF a was generated | |
id: sarif_file_exists | |
uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # pin@v2 | |
with: | |
files: "megalinter-reports/megalinter-report.sarif" | |
- name: Upload MegaLinter scan results to GitHub Security tab | |
if: steps.sarif_file_exists.outputs.files_exists == 'true' | |
uses: github/codeql-action/upload-sarif@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # pin@v2 | |
with: | |
sarif_file: "megalinter-reports/megalinter-report.sarif" |