Skip to content
Lint

Bump honeybadger from 5.27.0 to 5.27.1 (#5561) #8270

Sign in to view logs

Bump honeybadger from 5.27.0 to 5.27.1 (#5561)

Bump honeybadger from 5.27.0 to 5.27.1 (#5561) #8270

Workflow file for this run

.github/workflows/lint.yml at 5d472df
name: Lint
on:
pull_request:
push:
branches:
- master
permissions:
contents: read
jobs:
rubocop:
name: Rubocop
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # v1.227.0
with:
bundler-cache: true
- name: Rubocop
run: bundle exec rubocop
brakeman:
name: Brakeman
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # v1.227.0
with:
bundler-cache: true
- name: Brakeman
run: bundle exec brakeman
importmap:
name: Importmap Verify
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # v1.227.0
with:
bundler-cache: true
- name: Importmap Verify
run: bundle exec rake importmap:verify
kubeconform:
name: Kubeconform
runs-on: ubuntu-24.04
strategy:
matrix:
kubernetes_version: ["1.29.1"]
environment:
- staging
- production
steps:
- name: login to Github Packages
run: echo "${{ github.token }}" | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # v1.227.0
with:
bundler-cache: true
- name: krane render
run: |
gem exec --silent krane render -f config/deploy/$ENVIRONMENT --bindings=environment=$ENVIRONMENT --current-sha=$REVISION > config/deploy/$ENVIRONMENT.rendered.yaml
env:
ENVIRONMENT: "${{ matrix.environment }}"
REVISION: "${{ github.sha }}"
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: "${{ matrix.environment }}.rendered.yaml"
path: "config/deploy/${{ matrix.environment }}.rendered.yaml"
- name: kubeconform
uses: docker://ghcr.io/yannh/kubeconform@sha256:03f6b236ef64f20b4bc950209d6254b109e23b4b05e7811649f59eae5659fa58 # v0.6.3
with:
entrypoint: "/kubeconform"
args: "-strict -summary -output json --kubernetes-version ${{ matrix.kubernetes_version }} config/deploy/${{ matrix.environment }}.rendered.yaml"
frizbee:
name: Frizbee
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- uses: stacklok/frizbee-action@5a96917a752dd98c16a4ac0bc50721284940c51e # main
env:
GITHUB_TOKEN: ${{ github.token }}
with:
action_paths: '[".github/workflows", ".github/actions"]'
dockerfiles: '["./Dockerfile", ".devcontainer/Dockerfile"]'
docker_compose: '["./docker-compose.yml", ".devcontainer/docker-compose.yml"]'
fail_on_unpinned: true
open_pr: false
repo_root: "."
zizmor:
name: zizmor
runs-on: ubuntu-latest
permissions:
security-events: write
# required for workflows in private repositories
contents: read
actions: read
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Install the latest version of uv
uses: astral-sh/setup-uv@22695119d769bdb6f7032ad67b9bca0ef8c4a174 # v5.4.0
- name: Run zizmor 🌈
run: uvx zizmor --format sarif . > results.sarif
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
with:
sarif_file: results.sarif
category: zizmor