⬆️ gha: Bump the github-actions group across 1 directory with 14 updates #220
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Lint | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| types: [opened, synchronize, reopened] | |
| permissions: | |
| contents: read | |
| jobs: | |
| tflint: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: tflint | |
| uses: reviewdog/action-tflint@f17a66a19220804dfa5ba4912e1a9fe7c530fe0a # v1.24.0 | |
| with: | |
| github_token: ${{ github.token }} | |
| reporter: github-pr-review | |
| fail_on_error: true | |
| filter_mode: file | |
| tflint_init: true | |
| flags: --no-module --recursive | |
| trivy: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: trivy | |
| uses: reviewdog/action-trivy@e6cd771ecf02450ec6cd1a3226f5f2b65597ad05 # v1.13.5 | |
| with: | |
| github_token: ${{ github.token }} | |
| trivy_command: config | |
| trivy_target: "." | |
| reporter: github-pr-review | |
| fail_on_error: true | |
| filter_mode: file | |
| golangci-lint: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: golangci-lint | |
| uses: reviewdog/action-golangci-lint@dd3fda91790ca90e75049e5c767509dc0ec7d99b # v2.7.0 | |
| with: | |
| github_token: ${{ github.token }} | |
| reporter: github-pr-review | |
| fail_on_error: true | |
| filter_mode: file | |
| workdir: test/ | |
| go_version_file: test/go.mod | |
| prettier: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: create package.json | |
| run: | | |
| echo -e '{"devDependencies": {"prettier": "^3.1.0"}}' > package.json | |
| - name: prettier | |
| uses: EPMatt/reviewdog-action-prettier@93fb51ed5da157256e1d8c998fb249837304050c # v1.2.0 | |
| with: | |
| github_token: ${{ github.token }} | |
| reporter: github-pr-review | |
| fail_on_error: true | |
| filter_mode: file | |
| misspell: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: misspell | |
| uses: reviewdog/action-misspell@18ffb61effb93b47e332f185216be7e49592e7e1 # v1.26.1 | |
| with: | |
| github_token: ${{ github.token }} | |
| reporter: github-pr-review | |
| fail_on_error: false | |
| filter_mode: file | |
| exclude: | | |
| ./.git/* | |
| ./.cache/* | |
| alex: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: alex | |
| uses: reviewdog/action-alex@986cf7dd82e702f82b4173deaa793a849f5b719d # v1.15.0 | |
| with: | |
| github_token: ${{ github.token }} | |
| reporter: github-pr-review | |
| fail_on_error: false | |
| filter_mode: file | |
| alex_flags: | | |
| * .github/* .github/workflows/* docs/* test/* examples/complete/* | |
| markdownlint: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: markdownlint | |
| uses: reviewdog/action-markdownlint@f901468edf9a3634dd39b35ba26cad0aad1a0bfd # v0.26.0 | |
| with: | |
| github_token: ${{ github.token }} | |
| reporter: github-pr-review | |
| fail_on_error: false | |
| filter_mode: file | |
| actionlint: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: actionlint | |
| uses: reviewdog/action-actionlint@f3dcc52bc6039e5d736486952379dce3e869e8a2 # v1.63.0 | |
| with: | |
| github_token: ${{ github.token }} | |
| reporter: github-pr-review | |
| fail_on_error: true | |
| filter_mode: file |