Update codeql workflow file #125
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "pulp-cli CI" | |
on: | |
pull_request: | |
concurrency: | |
group: "main-${{ github.ref_name }}-${{ github.workflow }}" | |
cancel-in-progress: true | |
jobs: | |
build: | |
uses: "./.github/workflows/build.yml" | |
lint: | |
needs: | |
- "build" | |
uses: "./.github/workflows/lint.yml" | |
test: | |
needs: | |
- "lint" | |
uses: "./.github/workflows/test.yml" | |
codeql: | |
needs: | |
- "lint" | |
uses: "./.github/workflows/codeql.yml" | |
check-commits: | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: "actions/checkout@v4" | |
with: | |
fetch-depth: 0 | |
- name: "Set up Python" | |
uses: "actions/setup-python@v5" | |
with: | |
python-version: "3.11" | |
- name: "Install python dependencies" | |
run: | | |
pip install toml pygithub | |
- name: "Check commit message" | |
env: | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
GITHUB_CONTEXT: "${{ github.event.pull_request.commits_url }}" | |
run: | | |
for SHA in $(curl -H "Authorization: token $GITHUB_TOKEN" "$GITHUB_CONTEXT" | jq -r '.[].sha') | |
do | |
python .ci/scripts/validate_commit_message.py "$SHA" | |
VALUE=$? | |
if [ "$VALUE" -gt 0 ]; then | |
exit "$VALUE" | |
fi | |
done | |
shell: "bash" | |
ready-to-ship: | |
# This is a dummy dependent task to have a single entry for the branch protection rules. | |
runs-on: "ubuntu-latest" | |
needs: | |
- "check-commits" | |
- "lint" | |
- "test" | |
- "codeql" | |
if: "always()" | |
steps: | |
- name: "Collect needed jobs results" | |
run: | | |
echo '${{toJson(needs)}}' | jq -r 'to_entries[]|select(.value.result!="success")|.key + ": " + .value.result' | |
echo '${{toJson(needs)}}' | jq -e 'to_entries|map(select(.value.result!="success"))|length == 0' | |
echo "CI says: Looks good!" |