
chore(deps): update github/codeql-action action to v3.28.5 #87


Workflow file for this run

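# Pull-request checks for the Docker image: Dockerfile lint (Hadolint, uploaded
# as SARIF), Python lint/format check, and a build of ./docker/Dockerfile.
name: Docker Pull Request
on:
  pull_request:
    # Run only when the version file, the Docker context or this workflow changes.
    paths:
      - "version.txt"
      - "docker/**"
      - ".github/workflows/docker-pr.yml"

# Least-privilege default for GITHUB_TOKEN. Without this, jobs that declare no
# `permissions:` of their own (python-validate, docker-build) inherit the
# repository/organisation default, which may be broader than read-only.
# A job-level `permissions:` block replaces this default for that job.
permissions:
  contents: read

jobs:
  # Lints the Dockerfile and publishes the findings to code scanning.
  docker-hadolint:
    runs-on: ubuntu-latest
    permissions:
      contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
      # NOTE(review): no step in this job documents a need for this scope;
      # drop it if nothing here writes to the pull request - TODO confirm.
      pull-requests: write
    steps:
      # NOTE(review): `@main` is a mutable branch ref, unlike the SHA-pinned
      # actions below, and this step is handed workspace credentials. Pin it to
      # a full commit SHA, e.g. `cds-snc/dns-proxy-action@<FULL_COMMIT_SHA>`
      # (placeholder), so a change on that branch cannot silently alter what
      # runs with these secrets. The same applies to the other two jobs.
      - name: Audit DNS requests
        uses: cds-snc/dns-proxy-action@main
        env:
          DNS_PROXY_FORWARDTOSENTINEL: "true"
          # Repository secrets are not passed to pull_request runs from forks,
          # so both values are empty there - confirm the action's behaviour
          # in that case.
          DNS_PROXY_LOGANALYTICSWORKSPACEID: ${{ secrets.LOG_ANALYTICS_WORKSPACE_ID }}
          DNS_PROXY_LOGANALYTICSSHAREDKEY: ${{ secrets.LOG_ANALYTICS_WORKSPACE_KEY }}
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
        with:
          # Keep the job token out of .git/config; no later step uses git auth.
          persist-credentials: false
      - name: Hadolint
        id: hadolint
        uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf  # v3.1.0
        with:
          dockerfile: ./docker/Dockerfile
          format: sarif
          output-file: hadolint-results.sarif
          # Findings do not fail the job; they surface through the SARIF upload.
          no-fail: true
      - name: Upload Hadolint to github
        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4  # v3.28.5
        with:
          sarif_file: hadolint-results.sarif
          wait-for-processing: true

  # Runs the repository's Makefile lint and format-check targets.
  python-validate:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): unpinned `@main` ref that receives secrets - pin to a
      # full commit SHA.
      - name: Audit DNS requests
        uses: cds-snc/dns-proxy-action@main
        env:
          DNS_PROXY_FORWARDTOSENTINEL: "true"
          DNS_PROXY_LOGANALYTICSWORKSPACEID: ${{ secrets.LOG_ANALYTICS_WORKSPACE_ID }}
          DNS_PROXY_LOGANALYTICSSHAREDKEY: ${{ secrets.LOG_ANALYTICS_WORKSPACE_KEY }}
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
        with:
          # The next step executes Makefile targets from the pull-request
          # checkout; do not leave the job token in .git/config for it.
          persist-credentials: false
      - name: Lint and format check
        run: |
          make lint
          make ARGS=--check fmt

  # Verifies that the image still builds; the image is not pushed by this job.
  docker-build:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): unpinned `@main` ref that receives secrets - pin to a
      # full commit SHA.
      - name: Audit DNS requests
        uses: cds-snc/dns-proxy-action@main
        env:
          DNS_PROXY_FORWARDTOSENTINEL: "true"
          DNS_PROXY_LOGANALYTICSWORKSPACEID: ${{ secrets.LOG_ANALYTICS_WORKSPACE_ID }}
          DNS_PROXY_LOGANALYTICSSHAREDKEY: ${{ secrets.LOG_ANALYTICS_WORKSPACE_KEY }}
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
        with:
          # The build runs the pull request's Dockerfile; do not leave the job
          # token in .git/config for it.
          persist-credentials: false
      - name: Build Docker image
        # The two expressions are expanded into the script text before the
        # shell runs. Both are GitHub-provided identifiers (owner/name and the
        # commit SHA), not free-form contributor input.
        run: |
          docker build --file ./docker/Dockerfile \
            --tag ${{ github.repository }}:${{ github.sha }} \
            ./docker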