Skip to content

🔄 synced file(s) with dealroom/core-mothership #336

🔄 synced file(s) with dealroom/core-mothership

🔄 synced file(s) with dealroom/core-mothership #336

Workflow file for this run

# Auto-synced file, managed by [dealroom/core-mothership](https://github.com/dealroom/core-mothership)
# The changes to this file will be automatically overwritten on the next sync. Do not edit by hand!
name: Lint
on:
pull_request:
types: [opened, synchronize, reopened, labeled, unlabeled]
permissions: read-all
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}-${{ github.event_name }}
cancel-in-progress: true
jobs:
pr-labels:
runs-on: ubuntu-latest
outputs:
labels: ${{ steps.pr-labels.outputs.labels }}
permissions:
contents: read
pull-requests: read
steps:
- name: Get PR labels
id: pr-labels
uses: joerick/pr-labels-action@0543b277721e852d821c6738d449f2f4dea03d5f # v1.0.9
lint:
needs: pr-labels
# Run only if:
# - the `force-lint` label is present
# OR
# - the `dependencies` is not present
# AND the `sync` label is NOT present
# AND the PR is NOT created by dependabot or renovate bots
if: |
contains(needs.pr-labels.outputs.labels, 'force-lint')
||
(
!contains(needs.pr-labels.outputs.labels, 'dependencies')
&&
!contains(needs.pr-labels.outputs.labels, 'sync')
&&
github.event.pull_request.user.login != 'dependabot[bot]'
&&
github.event.pull_request.user.login != 'renovate[bot]'
)
runs-on: ubuntu-latest
permissions:
contents: read
packages: read
# To report GitHub Actions status checks
statuses: write
steps:
- name: Checkout Repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
fetch-depth: 0
- name: Ensure SHA pinned actions
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@b8f9a25a51fe633d9215ac7734854dc11cd299cb # v3.0.13
- name: Check that "do not merge" or "do-not-merge" label is not present
if: |
(
contains(needs.pr-labels.outputs.labels, 'do not merge')
||
contains(needs.pr-labels.outputs.labels, 'do-not-merge')
)
run: |
echo 'The "do not merge" or "do-not-merge" label is present. Please remove it before merging.'
exit 1
shell: bash
- name: Check if a setup action exists
id: check_files
uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
with:
files: ./.github/actions/setup/action.yml
- name: Load super-linter configuration
run: grep -o '^[^#]*' .github/super-linter.env >> "$GITHUB_ENV"
- name: Setup application
uses: ./.github/actions/setup
if: steps.check_files.outputs.files_exists == 'true'
with:
github-token: ${{ secrets.GH_TOKEN_DEALROOMBA }}
extensions: ${{ vars.EXTENSIONS || 'none' }}
- name: Lint Codebase
uses: super-linter/super-linter/slim@b4515bd4ad9d0aa4681960e053916ab991bdbe96 # v6.8.0
# For a full list of environment variables see `.github/super-linter.env`
env:
GITHUB_TOKEN: ${{ github.token }}
# Required for checkov pulling external modules from private repositories
GITHUB_PAT: ${{ secrets.GH_TOKEN_DEALROOMBA }}
VALIDATE_ALL_CODEBASE: ${{ vars.LINT_VALIDATE_ALL_CODEBASE || 'true' }}