gh: Add ratchet checker

erlang · Nov 13, 2024 · 9d67502 · 9d67502
1 parent 53fa0ab
commit 9d67502
Showing 1 changed file with 26 additions and 0 deletions.
diff --git a/.github/workflows/github-actions-checker.yaml b/.github/workflows/github-actions-checker.yaml
@@ -0,0 +1,26 @@
+## To fix issues with this run:
+##
+##  bash -c "shopt -s nullglob; docker run --rm -e GITHUB_TOKEN=$(cat ~/.githubtoken) -v \"${PWD}:${PWD}\" -w \"${PWD}\" ghcr.io/sethvargo/ratchet:latest pin .github/actions/*/*.{yaml,yml} .github/*/*.{yaml,yml}"
+##  git diff --ignore-all-space > .github/actions_patch && git checkout . && git apply --ignore-space-change .github/actions_patch && rm -f .github/actions_patch && git add -u
+##  git commit -m "Pin all dependencies"
+name: Check github actions
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  check-version-pinning:
+    runs-on: 'ubuntu-latest'
+    name: 'ratchet'
+    steps:
+      - uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # ratchet:actions/[email protected]
+      - id: files
+        run:  |
+            FILES=$(find .github/ -name "*.yml" -o -name "*.yaml" -printf "%p ")
+            echo "${FILES}"
+            echo "files=${FILES}" >> $GITHUB_OUTPUT
+
+      - uses: 'docker://ghcr.io/sethvargo/ratchet:latest@sha256:2946723648d429c1939025f7e4b140d874b9d9a07a01c379b1eccd61b5fd28a5' # ratchet:docker://ghcr.io/sethvargo/ratchet:latest
+        with:
+          args: 'check ${{ steps.files.outputs.files }}'