Update base.yml #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# SPDX-FileCopyrightText: (c) 2021 ale5000 | |
# SPDX-License-Identifier: GPL-3.0-or-later | |
# SPDX-FileType: SOURCE | |
name: "Code linting" | |
permissions: {} | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- "v*" | |
pull_request: | |
workflow_dispatch: | |
jobs: | |
shellchecker: | |
name: "ShellChecker" | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Check out code" | |
uses: actions/checkout@v4 | |
- name: "ShellChecker" | |
uses: a5k-actions/shellchecker@v0 | |
json-yaml-validate: | |
name: "JSON and YAML" | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Check out code" | |
uses: actions/checkout@v4 | |
- name: "JSON and YAML - Validator" | |
uses: GrantBirki/json-yaml-validate@v3 | |
with: | |
json_exclude_regex: "^\\.vscode/tasks\\.json$" | |
codacy: | |
name: "Codacy" | |
if: "${{ github.event_name != 'pull_request' && github.repository_owner == 'micro5k' }}" | |
runs-on: ubuntu-latest | |
permissions: | |
security-events: write | |
steps: | |
- name: "Check out code" | |
uses: actions/checkout@v4 | |
- name: "Run Codacy analysis" | |
uses: codacy/codacy-analysis-cli-action@v4 | |
with: | |
# Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository | |
# You can also omit the token and run the tools that support default configurations | |
# project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} | |
verbose: true | |
output: results.sarif | |
format: sarif | |
# Adjust severity of non-security issues | |
gh-code-scanning-compat: true | |
# Force 0 exit code to allow SARIF file generation | |
# This will hand over control about PR rejection to the GitHub side | |
max-allowed-issues: 2147483647 | |
upload: false | |
- name: "Upload SARIF results file" | |
uses: github/codeql-action/upload-sarif@v3 | |
with: | |
sarif_file: "results.sarif" | |
category: "Codacy" | |
sonarcloud: | |
name: "SonarCloud" | |
if: "${{ github.event_name != 'pull_request' && github.repository_owner == 'micro5k' }}" | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Check out code" | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: "0" | |
- name: "Remove build.gradle" | |
shell: bash | |
run: | | |
# Removing build.gradle... | |
rm -f build.gradle | |
- name: "Run SonarCloud scan" | |
uses: SonarSource/sonarcloud-github-action@v2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
# with: | |
# args: > | |
# -Dsonar.exclusions=build.gradle | |
# -Dsonar.verbose=true |