From 8556840c4d2d04a5eb0f4dfbf1f7dd2fada15468 Mon Sep 17 00:00:00 2001 From: Joshua Fernandes Date: Tue, 9 Jul 2024 14:00:12 +1000 Subject: [PATCH] try trivy in docs --- .github/workflows/build.yml | 3 ++- .github/workflows/case.yml | 2 +- .github/workflows/dependency_review.yml | 30 +++++++++++++++---------- .github/workflows/lint.yml | 6 ++--- .github/workflows/trivy.yml | 18 +++++++++++++++ 5 files changed, 42 insertions(+), 17 deletions(-) create mode 100644 .github/workflows/trivy.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 757caf517..ca5d67c08 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,6 +2,7 @@ name: Build on: + workflow_call: pull_request: branches: - main @@ -13,7 +14,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Build uses: ConsenSys/docs-gha/build@main diff --git a/.github/workflows/case.yml b/.github/workflows/case.yml index c4564ab9d..db0c68e00 100644 --- a/.github/workflows/case.yml +++ b/.github/workflows/case.yml @@ -16,7 +16,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Case check action uses: ConsenSys/docs-gha/case@main diff --git a/.github/workflows/dependency_review.yml b/.github/workflows/dependency_review.yml index cde9caa82..f6be6a631 100644 --- a/.github/workflows/dependency_review.yml +++ b/.github/workflows/dependency_review.yml @@ -1,18 +1,24 @@ -name: 'Dependency Review' +--- +name: Check file name case -on: [pull_request] - -permissions: - contents: read +on: + pull_request: + branches: + - main jobs: - dependency-review: + case: + name: Check for case being inconsistent runs-on: ubuntu-latest + strategy: + matrix: + folder: ["docs"] + permissions: + contents: read steps: - - name: 'Checkout Repository' - uses: actions/checkout@v4 - - name: Dependency Review - uses: actions/dependency-review-action@v3 + - uses: actions/checkout@v3 + + - name: Dependency review + uses: ConsenSys/docs-gha/dependency-review@main with: - fail-on-severity: high - deny-licenses: LGPL-2.0, BSD-2-Clause \ No newline at end of file + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 70a60cae9..1f26980b0 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,5 +1,5 @@ --- -name: Check for lint/build errors +name: Check for lint, spelling and link errors on: pull_request: @@ -13,7 +13,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Lint uses: ConsenSys/docs-gha/lint@main @@ -27,7 +27,7 @@ jobs: matrix: file-extensions: [".md", ".mdx"] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: LinkCheck uses: ConsenSys/docs-gha/linkcheck@main with: diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml new file mode 100644 index 000000000..0258e1b81 --- /dev/null +++ b/.github/workflows/trivy.yml @@ -0,0 +1,18 @@ +--- +name: Trivy + +on: + pull_request: + branches: + - main + +jobs: + trivy: + name: Run trivy scanner + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Trivy + uses: ConsenSys/docs-gha/trivy@main + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file