Create a SecurityContextConstraint object for Beyla on OpenShift #713
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: ReviewDog | |
# yamllint disable-line rule:truthy | |
on: | |
push: | |
branches: ["main"] | |
pull_request: | |
workflow_dispatch: | |
jobs: | |
markdownlint: | |
name: runner / markdownlint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: markdownlint | |
uses: reviewdog/action-markdownlint@v0 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
reporter: github-check | |
misspell: | |
name: runner / misspell | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-misspell@v1 | |
with: | |
github_token: ${{ secrets.github_token }} | |
locale: US | |
reporter: github-check | |
level: warning | |
exclude: | | |
./.git/* | |
./.cache/* | |
./examples/**/output.yaml | |
pattern: | | |
*.md | |
*.yaml | |
*.yml | |
*.alloy | |
*.txt | |
*.tmpl | |
*.gotmpl | |
languagetool: | |
name: runner / languagetool | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-languagetool@v1 | |
with: | |
github_token: ${{ secrets.github_token }} | |
reporter: github-check | |
level: info | |
patterns: | | |
./*.md | |
./**/*.md | |
./**/**/*.md | |
./**/**/**/*.md | |
!./node-modules/** | |
alex: | |
name: runner / alex | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-alex@v1 | |
with: | |
github_token: ${{ secrets.github_token }} | |
reporter: github-check | |
# GitHub Status Check won't become failure with warning. | |
level: warning | |
shellcheck: | |
name: runner / shellcheck | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-shellcheck@v1 | |
with: | |
github_token: ${{ secrets.github_token }} | |
reporter: github-check | |
exclude: | | |
./.git/* | |
./.cache/* | |
./tests/spec/* | |
pattern: | | |
*.sh | |
*.bash | |
tflint: | |
name: runner / tflint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-tflint@v1 | |
with: | |
github_token: ${{ secrets.github_token }} | |
reporter: github-check | |
yamllint: | |
name: runner / yamllint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-yamllint@v1 | |
with: | |
github_token: ${{ secrets.github_token }} | |
reporter: github-check | |
actionlint: | |
name: runner / actionlint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-actionlint@v1 | |
with: | |
github_token: ${{ secrets.github_token }} | |
reporter: github-check | |
textlint: | |
name: runner / textlint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-setup@v1 | |
- run: npm install | |
- env: | |
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
npx textlint --format checkstyle --config ./.textlintrc --ignore-path ./.textlintignore "$(find . -type f -name "*.md" -not \( -path "./node_modules/*" -o -path "./data-alloy/*" \))" | \ | |
reviewdog -f=checkstyle -name="textlint" -reporter=github-check -level=info | |
alloy: | |
name: runner / alloy | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: reviewdog/action-setup@v1 | |
- run: | | |
GITHUB_ORG="grafana" && \ | |
GITHUB_REPO="alloy" && \ | |
ARCHIVE="alloy" && \ | |
BINARY="alloy" && \ | |
BIN_PATH="/usr/local/bin" && \ | |
TMP_PATH="/tmp" && \ | |
ALLOY_VERSION=$(wget -q -O - "https://api.github.com/repos/$GITHUB_ORG/$GITHUB_REPO/releases/latest" \ | |
| grep -m 1 tag_name \ | |
| cut -d '"' -f 4 | cut -c2-) && \ | |
HOST_OS=$(uname -a | awk '{print tolower($1)}') && \ | |
HOST_ARCH=$(arch | sed 's/x86_64/amd64/') && \ | |
DOWNLOAD_URL="https://github.com/$GITHUB_ORG/$GITHUB_REPO/releases/download" && \ | |
DOWNLOAD_URL="$DOWNLOAD_URL/v$ALLOY_VERSION/$ARCHIVE-$HOST_OS-$HOST_ARCH.zip" | |
echo "Downloading $DOWNLOAD_URL to $TMP_PATH/$ARCHIVE.zip" && \ | |
wget -q -O "$TMP_PATH/$ARCHIVE.zip" "$DOWNLOAD_URL" && \ | |
echo "Unzipping: $TMP_PATH/$ARCHIVE.zip" && \ | |
( cd "$TMP_PATH" || exit ; unzip -qq -o -d "$TMP_PATH" "$TMP_PATH/$BINARY.zip" ) && \ | |
rm -rf "$TMP_PATH/$ARCHIVE.zip" && \ | |
chmod a+x "$TMP_PATH/$BINARY-$HOST_OS-$HOST_ARCH" && | |
echo "Moving: $TMP_PATH/$ARCHIVE-$HOST_OS-$HOST_ARCH/$BINARY to $BIN_PATH/$BINARY" && \ | |
sudo mv "$TMP_PATH/$BINARY-$HOST_OS-$HOST_ARCH" "$BIN_PATH/$BINARY" && \ | |
rm -rf "$TMP_PATH/$ARCHIVE-$HOST_OS-$HOST_ARCH" | |
echo "" | |
# shellcheck disable=SC2034 | |
alloy --version | |
- env: | |
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
./scripts/lint-alloy.sh --format=checkstyle | \ | |
reviewdog -f=checkstyle -name="alloy" -reporter=github-pr-check |