Skip to content
.github/workflows/reusable-lightweight-pr.yml

ci: adjust job reference #1

Sign in to view logs

ci: adjust job reference

ci: adjust job reference #1

Workflow file for this run

.github/workflows/reusable-lightweight-pr.yml at 90a92c3
name: lightweight-check-pr
on:
workflow_call:
inputs:
marker:
required: false
description: 'Parallel run marker'
type: string
default: >-
[""]
secrets:
SA_GH_USER_NAME:
description: GPG signature username
required: true
SA_GH_USER_EMAIL:
description: GPG signature user email
required: true
SA_GPG_PRIVATE_KEY:
description: GPG signature private key
required: true
SA_GPG_PASSPHRASE:
description: GPG signature passphrase
required: true
SEMGREP_PUBLISH_TOKEN:
description: Semgrep token
required: true
permissions:
contents: read
packages: read
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
validate-pr-title:
name: Validate PR title
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
permissions:
contents: read
packages: read
pull-requests: read
statuses: write
steps:
- name: Run title validation
# uses: ./.github/actions/validate-pr-title
uses: splunk/addonfactory-workflow-addon-release/.github/actions/validate-pr-title@ci/lightweight-workflow-ADDON-66448
with:
GITHUB_TOKEN: ${{ github.token }}
meta:
name: Prepare metadata
runs-on: ubuntu-latest
steps:
- name: Run meta preparation
# uses: ./.github/actions/meta
uses: splunk/addonfactory-workflow-addon-release/.github/actions/meta@ci/lightweight-workflow-ADDON-66448
with:
SA_GH_USER_NAME: ${{ secrets.SA_GH_USER_NAME }}
SA_GH_USER_EMAIL: ${{ secrets.SA_GH_USER_EMAIL }}
SA_GPG_PRIVATE_KEY: ${{ secrets.SA_GPG_PRIVATE_KEY }}
SA_GPG_PASSPHRASE: ${{ secrets.SA_GPG_PASSPHRASE }}
compliance-copyright:
name: Compliance copyrights
runs-on: ubuntu-latest
steps:
- name: Run compliance copyrights
# uses: ./.github/actions/compliance-copyrights
uses: splunk/addonfactory-workflow-addon-release/.github/actions/compliance-copyrights@ci/lightweight-workflow-ADDON-66448
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Run linting checks
# uses: ./.github/actions/lint
uses: splunk/addonfactory-workflow-addon-release/.github/actions/lint@ci/lightweight-workflow-ADDON-66448
review-secrets:
name: Review secrets
runs-on: ubuntu-latest
steps:
- name: Run secrets review
# uses: ./.github/actions/review-secrets
uses: splunk/addonfactory-workflow-addon-release/.github/actions/review-secrets@ci/lightweight-workflow-ADDON-66448
semgrep:
name: Semgrep security check
runs-on: ubuntu-latest
steps:
- name: Run semgrep
# uses: ./.github/actions/semgrep
uses: splunk/addonfactory-workflow-addon-release/.github/actions/semgrep@ci/lightweight-workflow-ADDON-66448
with:
SEMGREP_PUBLISH_TOKEN: ${{ secrets.SEMGREP_PUBLISH_TOKEN }}
test-inventory:
name: Test inventory
runs-on: ubuntu-latest
steps:
- name: Run test inventory check
id: test-inventory
# uses: ./.github/actions/test-inventory
uses: splunk/addonfactory-workflow-addon-release/.github/actions/test-inventory@ci/lightweight-workflow-ADDON-66448
run-unit-tests:
name: test-unit-python3-${{ matrix.python-version }}
if: ${{ test-inventory.outputs.unit == 'true' }}
runs-on: ubuntu-latest
needs:
- test-inventory
strategy:
fail-fast: false
matrix:
python-version:
- "3.7"
permissions:
actions: read
deployments: read
contents: read
packages: read
statuses: read
checks: write
steps:
- name: Debug test-inventory output
- name: Run unit tests
# uses: ./.github/actions/unit-tests
uses: splunk/addonfactory-workflow-addon-release/.github/actions/unit-tests@ci/lightweight-workflow-ADDON-66448
with:
matrix: ${{ matrix }}