Skip to content

chore(deps): pin dependencies #347

chore(deps): pin dependencies

chore(deps): pin dependencies #347

Workflow file for this run

---
name: lint
on:
pull_request:
branches:
- main
workflow_dispatch:
workflow_call:
# concurrency:
# group: ${{ github.workflow }}-${{ github.ref }}-${{ github.action }}
# cancel-in-progress: false
permissions:
pull-requests: read
contents: read
checks: write
jobs:
lint:
name: lint
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
checks: write # For trunk to post annotations
contents: read # For repo checkout
steps:
- name: checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: set-aqua-policy-if-file-exists
run: |
if [[ -f aqua-policy.yaml ]]; then
echo "AQUA_POLICY_CONFIG=${GITHUB_WORKSPACE}/aqua-policy.yaml:${AQUA_POLICY_CONFIG}" >> $GITHUB_ENV
else
echo "👉 No aqua-policy.yaml file found, skipping setting AQUA_POLICY_CONFIG"
fi
- uses: aquaproj/aqua-installer@fd2089d1f56724d6456f24d58605e6964deae124 # v2.3.2
continue-on-error: true
with:
aqua_version: v2.30.0
enable_aqua_install: true
aqua_opts: '--tags lint' # if using aqua.yaml config any special items in your repo like Golangci-lint using tags so it only installs what's needed
env:
AQUA_LOG_LEVEL: debug
AQUA_OPTS: ''
- name: trunk-check
uses: trunk-io/trunk-action@86b68ffae610a05105e90b1f52ad8c549ef482c2 # v1.1.16
with:
arguments: --github-annotate-new-only=true
changie-validation:
name: changie-validation
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: read
checks: write
env:
GH_TOKEN: ${{ github.token }}
GITHUB_REF_BRANCH: ${{ github.ref }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
ref: ${{ env.GITHUB_REF_BRANCH }}
- name: Set up default branch name
id: default_branch
run: echo "DEFAULT_BRANCH=$(gh repo view --json defaultBranchRef -q '.defaultBranchRef.name')" >> $GITHUB_ENV
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Check for .changes directory
id: check_changes_dir
run: |
if [[ -d ".changes" ]]; then
echo "changes_dir_exists=true" >> $GITHUB_OUTPUT
else
echo "changes_dir_exists=false" >> $GITHUB_OUTPUT
echo "⏩ no changie entry required on this"
fi
- name: Fetch default branch
id: fetch_branches
run: |
git fetch origin ${{ env.DEFAULT_BRANCH }}
git fetch origin ${{ env.GITHUB_REF_BRANCH }}
- name: Check for labels
id: check_labels
run: |
echo "no_changie_required=false" >> $GITHUB_OUTPUT
echo "dependencies=false" >> $GITHUB_OUTPUT
for label in $(gh pr view ${{ github.event.pull_request.number }} --json labels --jq '.labels[].name'); do
if [[ "$label" == "no-changie-required" ]]; then
echo "no_changie_required=true" >> $GITHUB_OUTPUT
echo "❎ bypass on changie noted due to label"
elif [[ "$label" == "dependencies" ]]; then
echo "dependencies=true" >> $GITHUB_OUTPUT
fi
done
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Validate changie entry
id: validate_changie_entry
if: steps.check_changes_dir.outputs.changes_dir_exists == 'true' && steps.check_labels.outputs.no_changie_required == 'false' && steps.check_labels.outputs.dependencies == 'false'
run: |
# Fetch existing comments
changes=$(git diff --name-only --diff-filter=A origin/${{ env.DEFAULT_BRANCH }}...HEAD -- .changes/)
if [[ -n "$changes" ]]; then
echo "Changie entry found"
comment="✅ changie entry was found"
gh pr review ${{ github.event.pull_request.number }} --approve --body "$comment"
# gh pr comment ${{ github.event.pull_request.number }} --body "$comment" --edit-last || gh pr comment ${{ github.event.pull_request.number }} --body "$comment"
else
echo "No changie entry found in .changes"
comment="❌ A changie entry is required in .changes/"
echo "adding review comment saying required, since not seeing prior comment before"
gh pr review ${{ github.event.pull_request.number }} --request-changes --body "$comment"
# gh pr comment ${{ github.event.pull_request.number }} --body "$comment" --edit-last || gh pr comment ${{ github.event.pull_request.number }} --body "$comment"
fi
# Update or post the review comment
# if [[ -n "$comment" ]]; then
# echo "adding review comment since not seeing prior comment before"
# gh pr comment ${{ github.event.pull_request.number }} --body "$comment" --edit-last || gh pr comment ${{ github.event.pull_request.number }} --body "$comment"
# fi
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}