Skip to content

chore(deps): bump github/codeql-action in the github-actions group (#… #450

chore(deps): bump github/codeql-action in the github-actions group (#…

chore(deps): bump github/codeql-action in the github-actions group (#… #450

Workflow file for this run

# Copyright New Relic, Inc.
# SPDX-License-Identifier: Apache-2.0
# NOTE: This file should always be named `repolinter.yml` to allow
# workflow_dispatch to work properly
---
name: Repolinter Action
# NOTE: This workflow will ONLY check the default branch!
# Currently there is no elegant way to specify the default
# branch in the event filtering, so branches are instead
# filtered in the "Test Default Branch" step.
on: [push, workflow_dispatch]
# Declare default permissions as read only.
permissions: read-all
jobs:
repolint:
name: Run Repolinter
runs-on: ubuntu-latest
# don't run this job if triggered by Dependabot
if: ${{ github.actor != 'dependabot[bot]' }}
permissions:
contents: read
issues: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: audit
- name: Test Default Branch
id: default-branch
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const data = await github.rest.repos.get(context.repo)
return data.data && data.data.default_branch === context.ref.split('/').slice(-1)[0]
- name: Checkout Self
if: ${{ steps.default-branch.outputs.result == 'true' }}
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Run Repolinter
if: ${{ steps.default-branch.outputs.result == 'true' }}
uses: newrelic/repolinter-action@3f4448f855c351e9695b24524a4111c7847b84cb # v1.7.0
with:
config_url: https://raw.githubusercontent.com/newrelic/.github/main/repolinter-rulesets/community-project.yml
output_type: issue