Checkton the files in this repo

Signed-off-by: Adam Cmiel <[email protected]>

.github/workflows/checkton-self.yaml

@@ -0,0 +1,36 @@
+name: Checkton
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Modify action.yaml to build latest image on the fly
+        run: |
+          sed -E "s;(\s*)image: .*;\1image: Dockerfile;" -i action.yaml
+
+      - name: Run self on self
+        id: checkton
+        uses: ./
+        with:
+          # funnily enough, checkton happens to work on regular shell scripts as well
+          include-regex: \.(sh|bash|yml|yaml)$
+          # exclude test data and submodules
+          exclude-regex: ^test/resources/files-to-check/|^test/.*bats(-support|-assert)/
+          differential: false
+          fail-on-findings: false
+
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: ${{ steps.checkton.outputs.sarif }}
+          # Avoid clashing with ShellCheck
+          category: checkton