github/slsa-verifier
1
0
Fork 0
mirror of https://github.com/slsa-framework/slsa-verifier.git synced 2026-02-14 09:39:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
88bcb6bff768beedbf2aab433507ddb894e8d89e
slsa-verifier/.github/workflows/pre-submit.lint.yml
Ramon Petgrave 88bcb6bff7 chore: pin yamllint, golangci-lint (#783) 
pins the yaml-lint and golangci-lint dependency used in pre-submits.

This is to fix code-scanning alerts about unpinned dependencies
-
https://github.com/slsa-framework/slsa-verifier/security/code-scanning/8
-
https://github.com/slsa-framework/slsa-verifier/security/code-scanning/21

### Testing Process

The pre-submit test that uses yamllint and golangci-lint passes

---------

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
2024-08-02 19:51:07 +00:00

57 lines
1.8 KiB
YAML
Raw Blame History

name: Pre submits Lint
on: [pull_request]
permissions:
# Needed to check out the repo.
contents: read
jobs:
golangci-lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: "go.mod"
# not needed but gets rid of warnings
cache: false
- uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1
name: golangci-lint
with:
# Require: The version of golangci-lint to use.
# When `install-mode` is `binary` (default) the value can be v1.2 or v1.2.3 or `latest` to use the latest version.
# When `install-mode` is `goinstall` the value can be v1.2.3, `latest`, or the hash of a commit.
version: v1.59.1
yamllint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- run: |
set -euo pipefail
# Install yamllint
pip install -r ./requirements-lint.txt --require-hashes
# Run yamllint
make yamllint
eslint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: 20
- run: make eslint
renovate-config-validator:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: 20
- run: make renovate-config-validator
Reference in New Issue View Git Blame Copy Permalink