chore(deps): update quay.io/konflux-ci/release-service-utils docker digest #20566
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Linters | |
| on: # yamllint disable-line rule:truthy | |
| pull_request: | |
| types: ['opened', 'reopened', 'synchronize'] | |
| merge_group: | |
| types: [checks_requested] | |
| workflow_dispatch: | |
| jobs: | |
| yamllint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Run yamllint | |
| uses: frenck/action-yamllint@34b4bbcaeabedcfefad6adea8c5bbc42af0e2d47 # v1 | |
| tknparse: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout files | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: install tkn | |
| uses: ./.github/actions/install-tkn | |
| - name: Get changed files | |
| uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 | |
| id: changed-files | |
| with: | |
| files: | | |
| **/*.yaml | |
| - name: Run tkn util | |
| run: .github/scripts/tkn_check_parse.sh | |
| env: | |
| CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }} | |
| GITHUB_SHA: ${{ github.sha }} | |
| GITHUB_REFNAME: ${{ github.ref_name }} | |
| gitlint: | |
| name: Run gitlint checks | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.sha }} | |
| - name: Install gitlint | |
| run: | | |
| python3 -m venv venv | |
| source venv/bin/activate | |
| python3 -m pip install gitlint | |
| - name: Run gitlint check | |
| run: | | |
| source venv/bin/activate | |
| RAW_BASE_REF="${{ github.base_ref || github.event.merge_group.base_ref }}" | |
| BASE_REF="${RAW_BASE_REF#refs/heads/}" | |
| echo "Base ref: $BASE_REF" | |
| git fetch origin "$BASE_REF" | |
| gitlint --commits "origin/$BASE_REF"..HEAD | |
| checkton: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| # Differential Checkton requires full git history | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Run Checkton | |
| id: checkton | |
| uses: chmeliik/checkton@c24110a11ba3d4acb90964be57fc1177fed2918f # v0.4.0 | |
| # Migrating to the konflux-ci org | |
| with: | |
| fail-on-findings: true | |
| find-copies: false | |
| find-renames: false | |
| check-jsonschema: | |
| name: Validate json schema file | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Install check-jsonschema | |
| run: | | |
| python3 -m venv venv | |
| source venv/bin/activate | |
| python3 -m pip install check-jsonschema | |
| - name: Run json meta schema check | |
| run: | | |
| source venv/bin/activate | |
| check-jsonschema --check-metaschema schema/dataKeys.json | |
| lint-jsonschema: | |
| name: Lint json schema file | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Run json schema lint | |
| run: | | |
| FILE="schema/dataKeys.json" | |
| if ! diff -u "$FILE" <(jq . "$FILE"); then | |
| echo "Linting issue in $FILE" | |
| echo "To fix: jq . $FILE | sponge $FILE" | |
| exit 1 | |
| fi | |
| echo "$FILE is formatted correctly" | |
| check-compute-resources: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout files | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Get changed files | |
| uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 | |
| id: changed-files | |
| with: | |
| files: | | |
| **/*.yaml | |
| - name: Run computeResources check script | |
| run: .github/scripts/tkn_check_compute_resources.sh | |
| env: | |
| CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }} | |
| check-mount-secret-as-var: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout files | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Get changed files | |
| uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 | |
| id: changed-files | |
| with: | |
| files: | | |
| **/*.yaml | |
| - name: Run computeResources check script | |
| run: .github/scripts/tkn_check_mount_secret_as_var.sh | |
| env: | |
| CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }} | |
| check-readme: | |
| name: Check README.md files | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Get changed dirs | |
| id: changed-dirs | |
| uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 | |
| with: | |
| files: | | |
| tasks/*/** | |
| pipelines/*/** | |
| files_ignore: | | |
| **/tests/* | |
| dir_names: "true" | |
| dir_names_max_depth: "3" | |
| - name: Check README.md files | |
| if: | | |
| steps.changed-dirs.outputs.any_changed == 'true' | |
| run: .github/scripts/check_readme.sh | |
| env: | |
| README_ITEMS: >- | |
| ${{ steps.changed-dirs.outputs.all_changed_files }} | |
| check-task-runasuser: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout files | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Get changed files | |
| uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 | |
| id: changed-files | |
| with: | |
| files: | | |
| **/*.yaml | |
| - name: Run task runAsUser check script | |
| if: | | |
| steps.changed-files.outputs.any_changed == 'true' | |
| run: .github/scripts/tkn_check_task_runasuser.sh | |
| env: | |
| CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }} | |
| check-resources-with-tektor: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Get changed files | |
| id: changed-files | |
| uses: tj-actions/changed-files@24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v47 | |
| with: | |
| files: | | |
| **/*.yaml | |
| **/*.yml | |
| files_ignore: | | |
| integration-tests/** | |
| - name: Checkout Tektor action | |
| if: steps.changed-files.outputs.any_changed == 'true' | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| repository: konflux-ci/tektor | |
| path: .github/actions/tektor | |
| ref: main | |
| - name: Validate Tekton resources | |
| if: steps.changed-files.outputs.any_changed == 'true' | |
| uses: ./.github/actions/tektor | |
| env: | |
| CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }} | |
| with: | |
| fail-on-error: true | |
| verbose: true | |
| task-dir: ./tasks | |
| params: | | |
| taskGitRevision=${{ | |
| github.event.pull_request.head.ref || | |
| github.event.merge_group.head_ref | |
| }} | |
| taskGitUrl=${{ | |
| github.event.pull_request.head.repo.html_url || | |
| github.event.merge_group.head_repo.html_url | |
| }} | |
| verify_ec_task_git_revision=main | |
| mobster_tasks_git_revision=main | |
| check-agents-md: | |
| name: Check AGENTS.md line count | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Enforce AGENTS.md max 60 lines | |
| run: | | |
| lines=$(grep -c '.' AGENTS.md) | |
| if [ "$lines" -gt 60 ]; then | |
| echo "AGENTS.md has $lines non-empty lines (max 60)" | |
| exit 1 | |
| fi | |
| check-renovate-config-file: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: konflux-ci/renovate-config-validator-action@main | |
| with: | |
| config_file: .github/renovate.json |