Skip to content

Update .github/workflows/snyk-iac.yml #382

Update .github/workflows/snyk-iac.yml

Update .github/workflows/snyk-iac.yml #382

Workflow file for this run

# This is a Terraform-managed file; manual changes will be overwritten.
# see https://github.com/workloads/github-organization/blob/main/templates/workflows/superlinter.tftpl.yml
---
name: "Code Quality: Super-Linter"
# yamllint disable-line rule:truthy
on:
push:
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions: read-all
jobs:
workflow:
# only run if workflows are enabled
if: ${{ vars.ENABLE_WORKFLOWS == 'true' }}
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#concurrency
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
name: Super-Linter
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions:
statuses: write
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
# see https://github.com/actions/checkout/releases/tag/v4.1.6
- name: Checkout Repository
uses: "actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29" # ref: `tags/v4.1.6`
with:
# full git history is needed to get a proper list of changed files within `super-linter`
fetch-depth: 0
# see https://github.com/super-linter/super-linter/releases/tag/v6.5.1
- name: Lint Code with Super-Linter
uses: "super-linter/super-linter@5b638caee6ba65e25e07143887b669a1233847a0" # ref: `tags/v6.5.1`
env:
# see https://github.com/github/super-linter#environment-variables
CSS_FILE_NAME: ".stylelintrc.json"
DEFAULT_BRANCH: "main"
DISABLE_ERRORS: false
GITHUB_CUSTOM_API_URL: "https://api.github.com"
GITHUB_DOMAIN: "github.com"
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
IGNORE_GENERATED_FILES: true
IGNORE_GITIGNORED_FILES: true
MARKDOWN_CONFIG_FILE: ".markdown-lint.yml"
MULTI_STATUS: true
SUPPRESS_POSSUM: true
TERRAFORM_TFLINT_CONFIG_FILE: ".tflint.hcl"
VALIDATE_ANSIBLE: true
VALIDATE_BASH: true
VALIDATE_BASH_EXEC: true
VALIDATE_CSS: true
VALIDATE_DOCKERFILE_HADOLINT: true
VALIDATE_GITHUB_ACTIONS: true
VALIDATE_GO: true
VALIDATE_HTML: true
VALIDATE_JAVASCRIPT_STANDARD: true
VALIDATE_JSON: true
VALIDATE_MARKDOWN: true
VALIDATE_NATURAL_LANGUAGE: true
VALIDATE_SHELL_SHFMT: true
VALIDATE_TERRAFORM_FMT: true
VALIDATE_TERRAFORM_TFLINT: true
VALIDATE_TYPESCRIPT_STANDARD: true
VALIDATE_XML: true
VALIDATE_YAML: true
YAML_CONFIG_FILE: ".yaml-lint.yml"
YAML_ERROR_ON_WARNING: true
workflow-inactive:
# only run if workflows are disabled
if: ${{ vars.ENABLE_WORKFLOWS != 'true' }}
name: Workflow Status
runs-on: ubuntu-latest
timeout-minutes: 1
steps:
- name: Display Workflow Status
# shellcheck disable=SC2006
run: echo "::notice title='Workflow is not currently active'::'Check if `ENABLE_WORKFLOWS` is set to `true`.'"