Skip to content

ci(linter): add workflow permissions #190

ci(linter): add workflow permissions

ci(linter): add workflow permissions #190

Workflow file for this run

---
name: CI
on: # yamllint disable-line rule:truthy
pull_request:
branches:
- main
push:
branches:
- main
workflow_dispatch:
inputs:
debug:
type: choice
description: Debug mode
required: false
options:
- "true"
- "false"
# Allow one concurrent
concurrency:
group: ${{ format('{0}-{1}-{2}-{3}-{4}', github.workflow, github.event_name, github.ref, github.base_ref, github.head_ref) }}
cancel-in-progress: true
env:
DEBUG: ${{ inputs.debug || secrets.ACTIONS_RUNNER_DEBUG || vars.ACTIONS_RUNNER_DEBUG || secrets.ACTIONS_STEP_DEBUG || vars.ACTIONS_STEP_DEBUG || false }}
jobs:
dog-food:
name: Dog food (test inputs)
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Debug
uses: raven-actions/debug@v1
with:
vars-context: ${{ toJson(vars) }}
secrets-context: ${{ toJson(secrets) }}
needs-context: ${{ toJson(needs) }}
inputs-context: ${{ toJson(inputs) }}
- name: actionlint Action (old version)
uses: ./
with:
version: "1.6.23"
shellcheck: false
pyflakes: false
files: "tests/fixtures/*.yml, tests/fixtures/*.yaml"
flags: "-ignore SC2086"
fail-on-error: false
- name: actionlint Action (test broken)
id: actionlint
uses: ./
with:
files: "tests/fixtures/*.yml, tests/fixtures/*.yaml"
flags: "-ignore SC2086"
fail-on-error: false
group-result: false
- name: actionlint Outputs
if: ${{ steps.actionlint.outputs.exit-code != '0' }}
run: |
echo "Used actionlint version ${{ steps.actionlint.outputs.version-semver }}"
echo "Used actionlint release ${{ steps.actionlint.outputs.version-tag }}"
echo "actionlint ended with ${{ steps.actionlint.outputs.exit-code }} exit code"
echo "actionlint ended because '${{ steps.actionlint.outputs.exit-message }}'"
echo "actionlint found ${{ steps.actionlint.outputs.total-errors }} errors"
echo "actionlint checked ${{ steps.actionlint.outputs.total-files }} files"
echo "actionlint cache used: ${{ steps.actionlint.outputs.cache-hit }}"
dog-food-matrix:
name: Dog food (test runners)
needs:
- dog-food
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-latest
- windows-latest
runs-on: ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: actionlint Action
id: actionlint
uses: ./
with:
flags: "-ignore SC2086"
fail-on-error: false
- name: actionlint Outputs
if: ${{ always() }}
run: |
echo "Used actionlint version ${{ steps.actionlint.outputs.version-semver }}"
echo "Used actionlint release ${{ steps.actionlint.outputs.version-tag }}"
echo "actionlint ended with ${{ steps.actionlint.outputs.exit-code }} exit code"
echo "actionlint ended because '${{ steps.actionlint.outputs.exit-message }}'"
echo "actionlint found ${{ steps.actionlint.outputs.total-errors }} errors"
echo "actionlint checked ${{ steps.actionlint.outputs.total-files }} files"
echo "actionlint cache used: ${{ steps.actionlint.outputs.cache-hit }}"
# shellcheck disable=SC2242
exit ${{ steps.actionlint.outputs.exit-code }}