deps(actions): bump actions/checkout from 4 to 7 #4530
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-License-Identifier: MPL-2.0 | |
| name: Project Health | |
| on: | |
| push: | |
| branches: ["**"] | |
| pull_request: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "17 3 * * 1" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| health: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write # Required for auto-commit of STATUS.md on main branch | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Ensure health script is executable | |
| run: chmod +x .github/ci/health_check.sh | |
| - name: Set up Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 | |
| with: | |
| node-version: '20' | |
| - name: Set up Go | |
| uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.6.0 | |
| with: | |
| # v1.157 PR-C: pin exact patch (matches go.mod `go 1.25.11`). | |
| # GOTOOLCHAIN=local intentionally NOT set: this job runs a mixed | |
| # health/lint script; left unset to avoid constraining its tooling. | |
| go-version: '1.25.11' | |
| - name: Install linters & tools | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y shellcheck shfmt yamllint jq devscripts nftables | |
| npm i -g markdownlint-cli2@0.17.2 | |
| - name: Run health check | |
| run: .github/ci/health_check.sh | |
| - name: Validate workflows with actionlint | |
| run: | | |
| go install github.com/rhysd/actionlint/cmd/actionlint@v1.7.7 | |
| $(go env GOPATH)/bin/actionlint -shellcheck="" | |
| - name: Upload STATUS.md as artifact | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: project-status | |
| path: STATUS.md | |
| if-no-files-found: error | |
| retention-days: 7 | |
| - name: Auto-commit STATUS.md (main branch only) | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| continue-on-error: true | |
| run: | | |
| if ! git diff --quiet -- STATUS.md; then | |
| git config user.name "github-actions[bot]" | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git add STATUS.md | |
| git commit -m "chore: update STATUS.md [skip ci]" | |
| REPO_URL="https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" | |
| git push "${REPO_URL}" HEAD:main || echo "::warning::STATUS.md auto-commit skipped (branch protection requires PR)" | |
| fi |