Bump to Kubernetes 1.32 #2293
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Linting | |
on: | |
pull_request: | |
permissions: {} | |
jobs: | |
apply-suggestions-commits: | |
name: 'No "Apply suggestions from code review" Commits' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Get PR commits | |
id: 'get-pr-commits' | |
uses: tim-actions/get-pr-commits@198af03565609bb4ed924d1260247b4881f09e7d | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: 'Verify no "Apply suggestions from code review" commits' | |
uses: tim-actions/commit-message-checker-with-regex@094fc16ff83d04e2ec73edb5eaf6aa267db33791 | |
with: | |
commits: ${{ steps.get-pr-commits.outputs.commits }} | |
pattern: '^(?!.*(apply suggestions from code review))' | |
flags: 'i' | |
error: 'Commits addressing code review feedback should typically be squashed into the commits under review' | |
- name: 'Verify no "fixup!" commits' | |
uses: tim-actions/commit-message-checker-with-regex@094fc16ff83d04e2ec73edb5eaf6aa267db33791 | |
with: | |
commits: ${{ steps.get-pr-commits.outputs.commits }} | |
pattern: '^(?!fixup!)' | |
flags: 'i' | |
error: 'Fixup commits should be squashed into the commits under review' | |
check-branch-dependencies: | |
name: Check branch dependencies | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Check that no dependencies include unmerged commits | |
run: make check-non-release-versions | |
code-gen: | |
name: Mock Code Generation | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Remove generated files | |
run: rm -f pkg/aws/client/fake/client.go pkg/gcp/client/fake/client.go pkg/ocp/fake/machineset.go | |
- name: Run code generation | |
run: make pkg/aws/client/fake/client.go pkg/gcp/client/fake/client.go pkg/ocp/fake/machineset.go | |
- name: Verify generated code matches committed code | |
run: git add -A && git diff --staged --exit-code | |
gitlint: | |
name: Commit Message(s) | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
fetch-depth: 0 | |
- name: Run gitlint | |
run: make gitlint | |
golangci-lint: | |
name: Go | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Run golangci-lint | |
run: make golangci-lint | |
markdown-link-check: | |
name: Markdown Links (modified files) | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Run markdown-link-check | |
uses: gaurav-nelson/github-action-markdown-link-check@d53a906aa6b22b8979d33bc86170567e619495ec | |
with: | |
config-file: ".markdownlinkcheck.json" | |
check-modified-files-only: "yes" | |
base-branch: ${{ github.base_ref }} | |
markdownlint: | |
name: Markdown | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Run markdownlint | |
run: make markdownlint | |
packagedoc-lint: | |
name: Package Documentation | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Run packagedoc-lint | |
run: make packagedoc-lint | |
vulnerability-scan: | |
name: Vulnerability Scanning | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Run Anchore vulnerability scanner | |
uses: anchore/scan-action@abae793926ec39a78ab18002bc7fc45bbbd94342 | |
id: scan | |
with: | |
path: "." | |
fail-build: true | |
severity-cutoff: high | |
- name: Show Anchore scan SARIF report | |
if: always() | |
run: cat ${{ steps.scan.outputs.sarif }} | |
- name: Upload Anchore scan SARIF report | |
if: always() | |
uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c | |
with: | |
sarif_file: ${{ steps.scan.outputs.sarif }} | |
yaml-lint: | |
name: YAML | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Run yamllint | |
run: make yamllint |