Updating GHES workflows
This commit is contained in:
@@ -1,118 +0,0 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# This workflow performs a static analysis of your Kotlin source code using
|
||||
# Detekt.
|
||||
#
|
||||
# Scans are triggered:
|
||||
# 1. On every push to default and protected branches
|
||||
# 2. On every Pull Request targeting the default branch
|
||||
# 3. On a weekly schedule
|
||||
# 4. Manually, on demand, via the "workflow_dispatch" event
|
||||
#
|
||||
# The workflow should work with no modifications, but you might like to use a
|
||||
# later version of the Detekt CLI by modifing the $DETEKT_RELEASE_TAG
|
||||
# environment variable.
|
||||
name: Scan with Detekt
|
||||
|
||||
on:
|
||||
# Triggers the workflow on push or pull request events but only for default and protected branches
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
# Allows you to run this workflow manually from the Actions tab
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
# Release tag associated with version of Detekt to be installed
|
||||
# SARIF support (required for this workflow) was introduced in Detekt v1.15.0
|
||||
DETEKT_RELEASE_TAG: v1.15.0
|
||||
|
||||
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
|
||||
jobs:
|
||||
# This workflow contains a single job called "scan"
|
||||
scan:
|
||||
name: Scan
|
||||
# The type of runner that the job will run on
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
# Steps represent a sequence of tasks that will be executed as part of the job
|
||||
steps:
|
||||
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Gets the download URL associated with the $DETEKT_RELEASE_TAG
|
||||
- name: Get Detekt download URL
|
||||
id: detekt_info
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: |
|
||||
gh api graphql --field tagName=$DETEKT_RELEASE_TAG --raw-field query='
|
||||
query getReleaseAssetDownloadUrl($tagName: String!) {
|
||||
repository(name: "detekt", owner: "detekt") {
|
||||
release(tagName: $tagName) {
|
||||
releaseAssets(name: "detekt", first: 1) {
|
||||
nodes {
|
||||
downloadUrl
|
||||
}
|
||||
}
|
||||
tagCommit {
|
||||
oid
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
' 1> gh_response.json
|
||||
|
||||
DETEKT_RELEASE_SHA=$(jq --raw-output '.data.repository.release.releaseAssets.tagCommit.oid' gh_response.json)
|
||||
if [ $DETEKT_RELEASE_SHA != "37f0a1d006977512f1f216506cd695039607c3e5" ]; then
|
||||
echo "Release tag doesn't match expected commit SHA"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
DETEKT_DOWNLOAD_URL=$(jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' gh_response.json)
|
||||
echo "::set-output name=download_url::$DETEKT_DOWNLOAD_URL"
|
||||
|
||||
# Sets up the detekt cli
|
||||
- name: Setup Detekt
|
||||
run: |
|
||||
dest=$( mktemp -d )
|
||||
curl --request GET \
|
||||
--url ${{ steps.detekt_info.outputs.download_url }} \
|
||||
--silent \
|
||||
--location \
|
||||
--output $dest/detekt
|
||||
chmod a+x $dest/detekt
|
||||
echo $dest >> $GITHUB_PATH
|
||||
|
||||
# Performs static analysis using Detekt
|
||||
- name: Run Detekt
|
||||
continue-on-error: true
|
||||
run: |
|
||||
detekt --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json
|
||||
|
||||
# Modifies the SARIF output produced by Detekt so that absolute URIs are relative
|
||||
# This is so we can easily map results onto their source files
|
||||
# This can be removed once relative URI support lands in Detekt: https://git.io/JLBbA
|
||||
- name: Make artifact location URIs relative
|
||||
continue-on-error: true
|
||||
run: |
|
||||
echo "$(
|
||||
jq \
|
||||
--arg github_workspace ${{ github.workspace }} \
|
||||
'. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' \
|
||||
${{ github.workspace }}/detekt.sarif.json
|
||||
)" > ${{ github.workspace }}/detekt.sarif.json
|
||||
|
||||
# Uploads results to GitHub repository using the upload-sarif action
|
||||
- uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: ${{ github.workspace }}/detekt.sarif.json
|
||||
checkout_path: ${{ github.workspace }}
|
||||
@@ -1,50 +0,0 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
# ESLint is a tool for identifying and reporting on patterns
|
||||
# found in ECMAScript/JavaScript code.
|
||||
# More details at https://github.com/eslint/eslint
|
||||
# and https://eslint.org
|
||||
|
||||
name: ESLint
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
jobs:
|
||||
eslint:
|
||||
name: Run eslint scanning
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
security-events: write
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Install ESLint
|
||||
run: |
|
||||
npm install eslint@8.10.0
|
||||
npm install @microsoft/eslint-formatter-sarif@2.1.7
|
||||
|
||||
- name: Run ESLint
|
||||
run: npx eslint .
|
||||
--config .eslintrc.js
|
||||
--ext .js,.jsx,.ts,.tsx
|
||||
--format @microsoft/eslint-formatter-sarif
|
||||
--output-file eslint-results.sarif
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload analysis results to GitHub
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: eslint-results.sarif
|
||||
wait-for-processing: true
|
||||
@@ -1,8 +0,0 @@
|
||||
{
|
||||
"name": "Detekt",
|
||||
"creator": "Detekt",
|
||||
"description": "Static code analysis for Kotlin",
|
||||
"iconName": "detekt",
|
||||
"categories": ["Code Scanning", "Kotlin"],
|
||||
"enterprise": false
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
{
|
||||
"name": "ESLint",
|
||||
"description": "A tool for identifying and reporting the problems found in ECMAScript/JavaScript code.",
|
||||
"iconName": "eslint",
|
||||
"enterprise": false,
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"JavaScript",
|
||||
"EcmaScript",
|
||||
"TypeScript"
|
||||
]
|
||||
}
|
||||
@@ -1,32 +0,0 @@
|
||||
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
|
||||
viewBox="0 0 60 60" style="enable-background:new 0 0 60 60;" xml:space="preserve">
|
||||
<g>
|
||||
|
||||
<linearGradient id="XMLID_3_" gradientUnits="userSpaceOnUse" x1="15.9594" y1="-13.0143" x2="44.3068" y2="15.3332" gradientTransform="matrix(1 0 0 -1 0 61)">
|
||||
<stop offset="9.677000e-02" style="stop-color:#0095D5"/>
|
||||
<stop offset="0.3007" style="stop-color:#238AD9"/>
|
||||
<stop offset="0.6211" style="stop-color:#557BDE"/>
|
||||
<stop offset="0.8643" style="stop-color:#7472E2"/>
|
||||
<stop offset="1" style="stop-color:#806EE3"/>
|
||||
</linearGradient>
|
||||
<polygon id="XMLID_2_" style="fill:url(#XMLID_3_);" points="0,60 30.1,29.9 60,60 "/>
|
||||
|
||||
<linearGradient id="SVGID_1_" gradientUnits="userSpaceOnUse" x1="4.2092" y1="48.9409" x2="20.6734" y2="65.405" gradientTransform="matrix(1 0 0 -1 0 61)">
|
||||
<stop offset="0.1183" style="stop-color:#0095D5"/>
|
||||
<stop offset="0.4178" style="stop-color:#3C83DC"/>
|
||||
<stop offset="0.6962" style="stop-color:#6D74E1"/>
|
||||
<stop offset="0.8333" style="stop-color:#806EE3"/>
|
||||
</linearGradient>
|
||||
<polygon style="fill:url(#SVGID_1_);" points="0,0 30.1,0 0,32.5 "/>
|
||||
|
||||
<linearGradient id="SVGID_2_" gradientUnits="userSpaceOnUse" x1="-10.1017" y1="5.8362" x2="45.7315" y2="61.6694" gradientTransform="matrix(1 0 0 -1 0 61)">
|
||||
<stop offset="0.1075" style="stop-color:#C757BC"/>
|
||||
<stop offset="0.2138" style="stop-color:#D0609A"/>
|
||||
<stop offset="0.4254" style="stop-color:#E1725C"/>
|
||||
<stop offset="0.6048" style="stop-color:#EE7E2F"/>
|
||||
<stop offset="0.743" style="stop-color:#F58613"/>
|
||||
<stop offset="0.8232" style="stop-color:#F88909"/>
|
||||
</linearGradient>
|
||||
<polygon style="fill:url(#SVGID_2_);" points="30.1,0 0,31.7 0,60 30.1,29.9 60,0 "/>
|
||||
</g>
|
||||
</svg>
|
||||
|
Before Width: | Height: | Size: 1.8 KiB |
File diff suppressed because one or more lines are too long
|
Before Width: | Height: | Size: 80 KiB |
Reference in New Issue
Block a user