Merge PR #168 #352
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow executes several linters on changed files based on languages used in your code base whenever | |
| # you push a code or open a pull request. | |
| # | |
| # You can adjust the behavior by modifying this file. | |
| # For more information, see: | |
| # https://github.com/github/super-linter | |
| # This GitHub Actions workflow is designed to run several linters on the code base whenever changes are pushed | |
| # to the main branch or a pull request is opened against the main branch. It can also be triggered manually | |
| # using the workflow_dispatch event. | |
| # | |
| # The workflow consists of a single job named "run-lint" which performs the following steps: | |
| # 1. Harden Runner: Uses the step-security/harden-runner action to enhance the security of the runner environment. | |
| # 2. Checkout code: Uses the actions/checkout action to fetch the code from the repository with full git history. | |
| # 3. Lint Code Base: Uses the super-linter/super-linter action to run various linters on the code base. | |
| # | |
| # The workflow requires the following permissions: | |
| # - contents: write (for the workflow itself) | |
| # - contents: read (for actions/checkout to fetch code) | |
| # - statuses: write (for super-linter to mark the status of each linter run) | |
| # | |
| # Environment variables: | |
| # - DEFAULT_BRANCH: Specifies the default branch (main) for the repository. | |
| # - GITHUB_TOKEN: Provides a token to authenticate with GitHub. | |
| # - DISABLE_ERRORS: Disables errors in the linter output (set to true). | |
| # | |
| # For more information on configuring and using the Super Linter, visit: | |
| # https://github.com/github/super-linter | |
| name: Lint Code Base | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| permissions: | |
| contents: write | |
| jobs: | |
| run-lint: | |
| permissions: | |
| contents: read # for actions/checkout to fetch code | |
| statuses: write # for github/super-linter to mark status of each linter run | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| # Full git history is needed to get a proper list of changed files within `super-linter` | |
| fetch-depth: 0 | |
| - name: Lint Code Base | |
| uses: super-linter/super-linter@4e8a7c2bf106c4c766c816b35ec612638dc9b6b2 # v7.3.0 | |
| #checkov:skip=skip-check:CKV2_GHA_1 | |
| env: | |
| DEFAULT_BRANCH: "main" | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| DISABLE_ERRORS: true |