Skip to content

UDP puncture improvements #17952

UDP puncture improvements

UDP puncture improvements #17952

Workflow file for this run

name: All
permissions:
contents: read
on:
merge_group:
pull_request:
push:
branches:
- develop
workflow_dispatch:
inputs:
commit_sha:
description: Git commit sha, on which, to run this workflow
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
lint_commits:
name: All - lint_commits
runs-on: ubuntu-20.04
# We assume that commit 2fd0d36fe6ae0c2d527368683ec3a6352617b381 will be in the history
# of all commits based on ockam develop branch
# https://github.com/build-trust/ockam/commit/2fd0d36fe6ae0c2d527368683ec3a6352617b381
env:
FIRST_COMMIT: 2fd0d36fe6ae0c2d527368683ec3a6352617b381
CONTRIBUTORS_CSV_PATH: .github/CONTRIBUTORS.csv
COMMITLINT_CONFIG_PATH: tools/commitlint/commitlint.config.js
steps:
- name: Check Commit Lint
uses: build-trust/.github/actions/commit_lint@0455ed96606ee7021639e74a1ae0289a30e33d86
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
lint_editorconfig:
name: All - lint_editorconfig
runs-on: ubuntu-20.04
container: # gitlab.com/greut/eclint
image: greut/eclint:v0.3.3@sha256:95e9a3dcbd236bae6569625cd403175cbde3705303774e7baca418b6442b8d77
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
ref: ${{ github.event.inputs.commit_sha }}
- shell: sh
run: eclint -color=always
# Semgrep is a static analysis tool to lint code for patterns we want to forbid
# https://github.com/returntocorp/semgrep
lint_semgrep:
name: All - lint_semgrep
runs-on: ubuntu-20.04
container:
image: returntocorp/semgrep@sha256:2fd35fa409f209e0fea0c2d72cf1e5b801a607959a93b13d04822bb3b6a9dfe4
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
ref: ${{ github.event.inputs.commit_sha }}
- name: Run Semgrep
# Bash is not available in the specified docker image of semgrep
shell: sh
# .semgrepignore is not processed outside of working directory. See https://github.com/returntocorp/semgrep/issues/5669
run: |
mv tools/semgrep/.semgrepignore . & \
semgrep --verbose --config="r2c" --config="tools/semgrep/rules/example.yaml"
# Check notice file for update
notice_update:
name: All - notice_update
runs-on: ubuntu-20.04
steps:
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@7993355175c2765e5733dae74f3e0786fe0e5c4f
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: Update Notice File
shell: nix shell nixpkgs#jq nixpkgs#cargo-deny --command bash {0}
run: make notice_file_update
- name: Fail if notice update needed
shell: bash
run: |
set -ex
git diff --exit-code NOTICE.md &> /dev/null || \
{ \
echo "NOTICE file outdated"; \
git diff;
exit 1; \
}