⬆️ gha: Bump the github-actions group with 2 updates (#79) #127
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Lint | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
types: [opened, synchronize, reopened] | |
permissions: | |
contents: read | |
jobs: | |
tflint: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: tflint | |
uses: reviewdog/action-tflint@0a8c6a4cc8788c02fe181ea6b8530975688f1a33 # v1.23.2 | |
with: | |
github_token: ${{ github.token }} | |
reporter: github-pr-review | |
fail_on_error: "false" | |
filter_mode: file | |
tflint_version: v0.49.0 | |
tflint_init: true | |
flags: --no-module --recursive | |
trivy: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: trivy | |
uses: reviewdog/action-trivy@14e16b394d55cc5cbbf0797b04fa5257adbe6e7a # v1.11.0 | |
with: | |
github_token: ${{ github.token }} | |
trivy_command: config | |
trivy_target: "." | |
reporter: github-pr-review | |
fail_on_error: "false" | |
filter_mode: file | |
golangci-lint: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: golangci-lint | |
uses: reviewdog/action-golangci-lint@7708105983c614f7a2725e2172908b7709d1c3e4 # v2.6.2 | |
with: | |
github_token: ${{ github.token }} | |
reporter: github-pr-review | |
fail_on_error: "false" | |
filter_mode: file | |
workdir: test/ | |
go_version_file: test/go.mod | |
prettier: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: create package.json | |
run: | | |
echo -e '{"devDependencies": {"prettier": "^3.1.0"}}' > package.json | |
- name: prettier | |
uses: EPMatt/reviewdog-action-prettier@93fb51ed5da157256e1d8c998fb249837304050c # v1.2.0 | |
with: | |
github_token: ${{ github.token }} | |
reporter: github-pr-review | |
fail_on_error: "false" | |
filter_mode: file | |
misspell: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: misspell | |
uses: reviewdog/action-misspell@ef8b22c1cca06c8d306fc6be302c3dab0f6ca12f # v1.23.0 | |
with: | |
github_token: ${{ github.token }} | |
reporter: github-pr-review | |
fail_on_error: "false" | |
filter_mode: file | |
exclude: | | |
./.git/* | |
./.cache/* | |
alex: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: alex | |
uses: reviewdog/action-alex@f95df9e356d97e67e4626f04ad125c4a99a906a9 # v1.13.0 | |
with: | |
github_token: ${{ github.token }} | |
reporter: github-pr-review | |
fail_on_error: "false" | |
filter_mode: file | |
alex_flags: | | |
* .github/* .github/workflows/* docs/* test/* examples/complete/* | |
markdownlint: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: markdownlint | |
uses: reviewdog/action-markdownlint@e9f3ab4fea1433280a4b0eddca17be1340dfea94 # v0.24.0 | |
with: | |
github_token: ${{ github.token }} | |
reporter: github-pr-review | |
fail_on_error: "false" | |
filter_mode: file | |
markdownlint_flags: | | |
--disable MD033 MD013 -- . | |
actionlint: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: actionlint | |
uses: reviewdog/action-actionlint@4f8f9963ca57a41e5fd5b538dd79dbfbd3e0b38a # v1.54.0 | |
with: | |
github_token: ${{ github.token }} | |
reporter: github-pr-review | |
fail_on_error: "false" | |
filter_mode: file |