public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
121663aa1682df85f86bb0137dfd63e18741417a
grafana/.github/workflows/actionlint.yml
dependabot[bot] 4b416f89bf Chore(deps): Bump actions/checkout from 4 to 5 (#110558) 
* Chore(deps): Bump actions/checkout from 4 to 5

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* remove incorrect comments

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
2025-09-10 14:25:41 +01:00

61 lines
2.2 KiB
YAML
Raw Blame History

# This workflow depends on the ./actionlint-format.txt file. It is MIT licensed (thanks, rhysd!): https://github.com/rhysd/actionlint/blob/2ab3a12c7848f6c15faca9a92612ef4261d0e370/testdata/format/sarif_template.txt
name: Actionlint
on:
push:
branches:
- main
- release-*
pull_request:
types:
- opened
- synchronize
- reopened
permissions: {}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ startsWith(github.ref, 'refs/pull/') }}
jobs:
run-actionlint:
name: Lint GitHub Actions files
runs-on: ubuntu-latest
permissions:
contents: read # to check out the code
actions: read # to read the workflow files
security-events: write # for uploading the SARIF report
env:
ACTIONLINT_VERSION: 1.7.7
# curl -LXGET https://github.com/rhysd/actionlint/releases/download/v${ACTIONLINT_VERSION}/actionlint_${ACTIONLINT_VERSION}_checksums.txt | grep linux_amd64
CHECKSUM: 023070a287cd8cccd71515fedc843f1985bf96c436b7effaecce67290e7e0757
steps:
- name: Checkout code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
with:
persist-credentials: false
# GitHub Actions only runs x86_64. This will break if that assumption changes.
- name: Download Actionlint
run: |
set -euo pipefail
curl -OLXGET https://github.com/rhysd/actionlint/releases/download/v"${ACTIONLINT_VERSION}"/actionlint_"${ACTIONLINT_VERSION}"_linux_amd64.tar.gz
echo "${CHECKSUM} actionlint_${ACTIONLINT_VERSION}_linux_amd64.tar.gz" | sha256sum -c -
tar xzf actionlint_"${ACTIONLINT_VERSION}"_linux_amd64.tar.gz
test -f actionlint
chmod +x actionlint
- name: Run Actionlint
run: ./actionlint -format "$(cat .github/workflows/actionlint-format.txt)" | tee results.sarif
- name: Upload to GitHub security events
if: success() || failure()
# If there are security problems, GitHub will automatically comment on the PR for us.
uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
with:
sarif_file: results.sarif
category: actionlint
Reference in New Issue View Git Blame Copy Permalink