chore: Update .gitignore #61
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Code Review | |
| on: | |
| pull_request: | |
| types: | |
| - edited | |
| - opened | |
| - reopened | |
| - synchronize | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| permissions: read-all | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| checks: write | |
| contents: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.1.7 https://github.com/actions/checkout/commit/692973e3d937129bcbf40652eb9f2f61becf3332 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Lint Code Base | |
| uses: github/super-linter@b807e99ddd37e444d189cfd2c2ca1274d8ae8ef1 # v7.1.0 https://github.com/super-linter/super-linter/commit/b92721f792f381cedc002ecdbb9847a15ece5bb8 | |
| env: | |
| DEFAULT_BRANCH: main | |
| GITHUB_TOKEN: ${{ github.token }} | |
| VALIDATE_ALL_CODEBASE: false | |
| VALIDATE_BASH: false | |
| VALIDATE_DOCKERFILE_HADOLINT: false # fixme: superlinter not using .hadolint.yaml | |
| VALIDATE_KUBERNETES_KUBECONFORM: false # fixme: enable kubeconform | |
| VALIDATE_YAML_PRETTIER: false # fixme: ignore symlink | |
| # - name: Trunk Check | |
| # uses: trunk-io/trunk-action@86b68ffae610a05105e90b1f52ad8c549ef482c2 # v1.1.16 https://github.com/trunk-io/trunk-action/commit/86b68ffae610a05105e90b1f52ad8c549ef482c2 | |
| # with: | |
| # post-annotations: true | |
| scanning: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.1.7 https://github.com/actions/checkout/commit/692973e3d937129bcbf40652eb9f2f61becf3332 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| # - name: GitGuardian Scan | |
| # uses: GitGuardian/ggshield-action@ed817b2930f8dbf32995b6d8bbf65499e6a4e3be # v1.31.0 https://github.com/GitGuardian/ggshield-action/commit/ed817b2930f8dbf32995b6d8bbf65499e6a4e3be | |
| # env: | |
| # GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }} | |
| # GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} | |
| # GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }} | |
| # GITHUB_PUSH_BASE_SHA: ${{ github.event.before }} | |
| # GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }} | |
| # - name: SonarQube Scan | |
| # uses: sonarsource/sonarqube-scan-action@aecaf43ae57e412bd97d70ef9ce6076e672fe0a9 # v3.0.0 https://github.com/SonarSource/sonarqube-scan-action/commit/aecaf43ae57e412bd97d70ef9ce6076e672fe0a9 | |
| # env: | |
| # SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
| # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| review: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| needs: | |
| - lint | |
| - scanning | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.1.7 https://github.com/actions/checkout/commit/692973e3d937129bcbf40652eb9f2f61becf3332 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Labeler | |
| uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 https://github.com/actions/labeler/commit/8558fd74291d67161a8a78ce36a881fa63b766a9 | |
| - name: Dependency Review | |
| uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.3.4 https://github.com/actions/dependency-review-action/commit/5a2ce3f5b92ee19cbb1541a4984c76d921601d7c | |
| with: | |
| allow-ghsas: none | |
| allow-licenses: Apache-2.0,BSD-2-Clause,BSD-3-Clause,CC0-1.0,GPL-2.0,GPL-3.0,ISC,MIT,LGPL-3.0 | |
| # deny-packages: empty | |
| fail-on-severity: low | |
| # retry-on-snapshot-warnings-timeout: 120 | |
| # retry-on-snapshot-warnings: true | |
| assign: | |
| runs-on: ubuntu-latest | |
| needs: review | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.1.7 https://github.com/actions/checkout/commit/692973e3d937129bcbf40652eb9f2f61becf3332 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Auto-assign | |
| uses: kentaro-m/auto-assign-action@f4648c0a9fdb753479e9e75fc251f507ce17bb7e # v2.0.0 https://github.com/kentaro-m/auto-assign-action/commit/f4648c0a9fdb753479e9e75fc251f507ce17bb7e |