diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml new file mode 100644 index 000000000000..f98dfca9c875 --- /dev/null +++ b/.github/workflows/actionlint.yml @@ -0,0 +1,67 @@ +name: actionlint + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +on: + pull_request: + branches: + - staging + paths: + - ".github/**" + +jobs: + actionlint: + runs-on: ubuntu-22.04 + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Download actionlint + id: get_actionlint + run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) + shell: bash + + - name: Check workflow files + run: | + ${{ steps.get_actionlint.outputs.executable }} \ + -ignore 'label "common" is unknown' \ + -ignore 'label "infra" is unknown' \ + -ignore 'label "veracode" is unknown' \ + -ignore '"github.head_ref" is potentially untrusted' \ + -shellcheck= \ + -pyflakes= \ + -color + shell: bash + + yaml-lint: + runs-on: ubuntu-22.04 + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Install Yaml + run: | + pip install yamllint==1.32.0 + + - name: Add Yaml Lint Rules + run: | + cat <>./yamllint_rules.yml + extends: default + + rules: + document-start: disable + line-length: disable + truthy: + check-keys: false + level: error + indentation: + spaces: 2 + indent-sequences: true + check-multi-line-strings: false + EOF + + - name: Lint YAML files + run: | + yamllint -c ./yamllint_rules.yml ./.github/workflows/ diff --git a/.github/workflows/dependabot_jira.yml b/.github/workflows/dependabot_jira.yml index e1f908da4563..45013984a32c 100644 --- a/.github/workflows/dependabot_jira.yml +++ b/.github/workflows/dependabot_jira.yml @@ -2,8 +2,8 @@ name: Create Dependabot Ticket on Jira on: pull_request: - types: [ opened, reopened ] - branches: [ master ] + types: [opened, reopened] + branches: [master] env: JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}