-
Notifications
You must be signed in to change notification settings - Fork 314
116 lines (113 loc) · 3.85 KB
/
static-analysis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: Static Analysis
on:
pull_request:
branches:
- main
push:
branches:
- main
env:
GRADLE_OPTS: -Dorg.gradle.daemon=false
jobs:
commit-lint:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Check Commit Messages
uses: wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2 # v6
with:
configFile: .commitlintrc.yml
code-base-checks:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Setup Gradle
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Check copyrights, license headers, and .gitattributes
run: ./gradlew checkCopyrightsInNoticeFile checkLicenseHeaders checkGitAttributes
detekt-issues:
runs-on: ubuntu-22.04
permissions:
# Needed for SARIF scanning upload.
security-events: write
steps:
- name: Checkout Repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Setup Gradle
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3
with:
gradle-home-cache-cleanup: true
- name: Check for Detekt Issues
run: ./gradlew detekt
- name: Check for Detekt Issues with type resolution
run: ./gradlew detektMain detektTestFixtures detektTest detektFunTest
- name: Upload SARIF File
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3
if: always() # Upload even if the previous step failed.
with:
sarif_file: build/reports/detekt/merged.sarif
markdown-links:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Check Links
uses: gaurav-nelson/github-action-markdown-link-check@5c5dfc0ac2e225883c0e5f03a85311ec2830d368 # v1
with:
base-branch: main
check-modified-files-only: yes
max-depth: 2
use-quiet-mode: yes
markdownlint:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Setup Node
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4
- name: Check for Markdown issues
run: |
npm install -g [email protected]
npx markdownlint-cli2
qodana-scan:
if: ${{ github.event_name == 'pull_request' }}
runs-on: ubuntu-22.04
permissions:
# Needed for SARIF scanning upload.
security-events: write
steps:
- name: Checkout Repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
- name: Qodana Scan
uses: JetBrains/qodana-action@c96b39a84dea25f2a24b38a3f6e89903306d5e2a # v2024.1.8
with:
post-pr-comment: false
use-caches: false
- name: Upload Code Scanning Results
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
reuse-tool:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Setup Python
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5
with:
python-version: "3.10"
cache: pip
- name: Check REUSE Compliance
run: |
pip install --user reuse
~/.local/bin/reuse lint