From ea3ebd1d1e5e8cb12a80d1320974202b1be844f9 Mon Sep 17 00:00:00 2001 From: Christian Banse Date: Fri, 6 Sep 2024 13:22:33 +0200 Subject: [PATCH] ++ --- .github/workflows/detekt.yml | 81 +++++++++--------------------------- 1 file changed, 20 insertions(+), 61 deletions(-) diff --git a/.github/workflows/detekt.yml b/.github/workflows/detekt.yml index b211111aff..9dddb3756b 100644 --- a/.github/workflows/detekt.yml +++ b/.github/workflows/detekt.yml @@ -1,72 +1,31 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# This workflow performs a static analysis of your Kotlin source code using -# Detekt. -# -# Scans are triggered: -# 1. On every push to default and protected branches -# 2. On every Pull Request targeting the default branch -# 3. On a weekly schedule -# 4. Manually, on demand, via the "workflow_dispatch" event -# -# The workflow should work with no modifications, but you might like to use a -# later version of the Detekt CLI by modifying the $DETEKT_RELEASE_TAG -# environment variable. -name: Scan with Detekt +name: detekt on: - # Triggers the workflow on push or pull request events but only for default and protected branches push: - branches: [ "main", "release/*" ] + branches: ["main", "release/*"] pull_request: - branches: [ "main" ] - - # Allows you to run this workflow manually from the Actions tab + branches: ["main"] workflow_dispatch: -# A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: - # This workflow contains a single job called "scan" scan: - name: Scan - # The type of runner that the job will run on + name: detekt runs-on: ubuntu-latest - # Steps represent a sequence of tasks that will be executed as part of the job steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v4 - - - name: Setup detekt - uses: peter-murray/setup-detekt@v2 - with: - detekt_version: 1.20 - - # Performs static analysis using Detekt - - name: Run Detekt - continue-on-error: true - run: | - detekt-cli --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json - - # Modifies the SARIF output produced by Detekt so that absolute URIs are relative - # This is so we can easily map results onto their source files - # This can be removed once relative URI support lands in Detekt: https://git.io/JLBbA - - name: Make artifact location URIs relative - continue-on-error: true - run: | - echo "$( - jq \ - --arg github_workspace ${{ github.workspace }} \ - '. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' \ - ${{ github.workspace }}/detekt.sarif.json - )" > ${{ github.workspace }}/detekt.sarif.json - - # Uploads results to GitHub repository using the upload-sarif action - - uses: github/codeql-action/upload-sarif@v3 - with: - # Path to SARIF file relative to the root of the repository - sarif_file: ${{ github.workspace }}/detekt.sarif.json - checkout_path: ${{ github.workspace }} + - uses: actions/checkout@v4 + - name: Setup detekt + uses: peter-murray/setup-detekt@v2 + with: + detekt_version: "1.20" + - name: Run Detekt + continue-on-error: true + run: | + detekt-cli --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json + + # Uploads results to GitHub repository using the upload-sarif action + - uses: github/codeql-action/upload-sarif@v3 + with: + # Path to SARIF file relative to the root of the repository + sarif_file: ${{ github.workspace }}/detekt.sarif.json + checkout_path: ${{ github.workspace }}