release: 2024-11-03 security & monthly updates #265
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# MegaLinter GitHub Action configuration file | |
# More info at https://megalinter.io | |
# All variables described in https://megalinter.io/latest/configuration/ | |
name: MegaLinter | |
on: | |
workflow_dispatch: | |
pull_request: | |
branches: [main] | |
push: | |
branches: [main] | |
# Run Linters in parallel | |
# Cancel running job if new job is triggered | |
concurrency: | |
group: "${{ github.ref }}-${{ github.workflow }}" | |
cancel-in-progress: true | |
jobs: | |
megalinter: | |
name: MegaLinter | |
runs-on: ubuntu-latest | |
# Give the default GITHUB_TOKEN write permission to commit and push, comment | |
# issues, and post new Pull Requests; remove the ones you do not need | |
permissions: | |
contents: write | |
issues: write | |
pull-requests: write | |
steps: | |
- run: echo "🚀 Job automatically triggered by ${{ github.event_name }}" | |
- run: echo "🐧 Job running on ${{ runner.os }} server" | |
- run: echo "🐙 Using ${{ github.ref }} branch from ${{ github.repository }} repository" | |
# Git Checkout | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
sparse-checkout: | | |
docs | |
overrides | |
.github | |
- run: echo "🐙 Sparse Checkout of ${{ github.repository }} repository to the CI runner." | |
# MegaLinter Configuration | |
- name: MegaLinter Run | |
uses: oxsecurity/megalinter/flavors/java@v8.1.0 | |
id: ml | |
env: | |
# Validate the git diff against default branch. | |
VALIDATE_ALL_CODEBASE: >- | |
${{ github.event_name == 'push' && github.ref == 'refs/heads/main'}} | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" # report individual linter status | |
# ADD CUSTOM ENV VARIABLES OR DEFINE IN MEGALINTER_CONFIG file | |
MEGALINTER_CONFIG: .github/config/megalinter.yaml | |
# Grafana Dashboard Connections - GitHub Organization secrets | |
API_REPORTER: true | |
API_REPORTER_URL: ${{ secrets.API_REPORTER_URL }} | |
API_REPORTER_BASIC_AUTH_USERNAME: ${{ secrets.API_REPORTER_BASIC_AUTH_USERNAME }} | |
API_REPORTER_BASIC_AUTH_PASSWORD: ${{ secrets.API_REPORTER_BASIC_AUTH_PASSWORD }} | |
API_REPORTER_BEARER_TOKEN: ${{ secrets.API_REPORTER_BEARER_PASSWORD }} | |
API_REPORTER_METRICS_URL: ${{ secrets.API_REPORTER_METRICS_URL }} | |
API_REPORTER_METRICS_BASIC_AUTH_USERNAME: ${{ secrets.API_REPORTER_METRICS_BASIC_AUTH_USERNAME }} | |
API_REPORTER_METRICS_BASIC_AUTH_PASSWORD: ${{ secrets.API_REPORTER_METRICS_BASIC_AUTH_PASSWORD }} | |
API_REPORTER_METRICS_BEARER_TOKEN: ${{ secrets.API_REPORTER_METRICS_BEARER_PASSWORD }} | |
API_REPORTER_DEBUG: false | |
# Logging | |
# LOG_LEVEL: DEBUG | |
# Upload MegaLinter artifacts | |
- name: Archive production artifacts | |
if: success() || failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: MegaLinter reports | |
path: | | |
megalinter-reports | |
mega-linter.log | |
# Summary and status | |
- run: echo "🎨 MegaLinter quality checks completed" | |
- run: echo "🍏 Job status is ${{ job.status }}." |