Skip to content

Commit 4060b24

Browse files
brianwykabrianwyka
committed
Update dockerfile and workflows
1 parent 48bb5cd commit 4060b24

File tree

5 files changed

+48
-6
lines changed

5 files changed

+48
-6
lines changed

.github/workflows/ci.yml

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
name: CI
2+
on:
3+
push:
4+
branches:
5+
- main
6+
- 'releases/[1-9]+.[0-9]+.x'
7+
paths-ignore:
8+
- '.github/**'
9+
- '.gitignore'
10+
- 'CODE_OF_CONDUCT.md'
11+
- 'CONTRIBUTING.md'
12+
- 'INDIVIDUAL_CONTRIBUTOR_LICENSE.md'
13+
- 'LICENSE'
14+
- 'NOTICE.txt'
15+
- '**/README.md'
16+
pull_request:
17+
branches:
18+
- main
19+
- 'releases/[1-9]+.[0-9]+.x'
20+
paths-ignore:
21+
- '.github/**'
22+
- '.gitignore'
23+
- 'CODE_OF_CONDUCT.md'
24+
- 'CONTRIBUTING.md'
25+
- 'INDIVIDUAL_CONTRIBUTOR_LICENSE.md'
26+
- 'LICENSE'
27+
- 'NOTICE.txt'
28+
- '**/README.md'
29+
jobs:
30+
build:
31+
runs-on: ubuntu-latest
32+
steps:
33+
- uses: actions/checkout@v2
34+
- name: Sourcehawk Scan
35+
uses: optum/sourcehawk-scan-github-action@main
36+
continue-on-error: true

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ jobs:
4949
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
5050
with:
5151
tag_name: ${{ format('v{0}', steps.setup.outputs.RELEASE_VERSION) }}
52-
release_name: ${{ format('{0}@v{1}', github.repository_name, github.event.inputs.version) }}
52+
release_name: ${{ format('{0}@v{1}', github.repository, github.event.inputs.version) }}
5353
body_path: CHANGELOG.md
5454
draft: true
5555
prerelease: false

Dockerfile

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,15 @@
11
# Small Linux based image with sourcehawk installed
22
FROM optumopensource/sourcehawk:0.1.3-alpine
33

4+
# Need root to write
5+
USER root
6+
7+
# Repository gets mounted to this directory
8+
WORKDIR /github/workspace
9+
410
# Copy Entrypoint script into image and make sure its executable
511
COPY entrypoint.sh /entrypoint.sh
12+
RUN chmod +x /entrypoint.sh
613

714
# Execute the entrypoint
815
ENTRYPOINT ["/entrypoint.sh"]

entrypoint.sh

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,15 +25,15 @@ FAIL_BUILD=${5:-false}
2525
# Run the scan and output the results
2626
sourcehawk scan --verbosity MEDIUM --config-file "$CONFIG_FILE" --output-format "$OUTPUT_FORMAT" "$REPOSITORY_ROOT" > "$OUTPUT_FILE"
2727

28-
# Show the scan results
29-
cat "$OUTPUT_FILE"
30-
3128
# Determine if scan passed
3229
PASSED=false
3330
if [ $? -eq 0 ]; then
3431
PASSED=true
3532
fi
3633

34+
# Show the scan results
35+
cat "$OUTPUT_FILE"
36+
3737
# Capture exit code
3838
echo "::set-output name=scan-passed::$PASSED"
3939

sourcehawk.yml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,3 @@
1-
api-version: 0.1
21

32
config-locations:
4-
- https://github.com/raw/optum/sourcehawk-parent/master/.sourcehawk/config.yml
3+
- https://raw.githubusercontent.com/optum/sourcehawk-parent/main/.sourcehawk/optum-oss.yml

0 commit comments

Comments
 (0)