build: use just mise for quality and ci #26
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: 2025 Digg - Agency for Digital Government | |
| # | |
| # SPDX-License-Identifier: CC0-1.0 | |
| --- | |
| name: Pull Request Workflow | |
| on: | |
| pull_request: | |
| permissions: | |
| contents: read # Best Security practice. Jobs only get read as base, and then permissions are added as needed | |
| jobs: | |
| pr-checks: | |
| uses: diggsweden/reusable-ci/.github/workflows/pullrequest-orchestrator.yml@1a7dcd9c5257495ebf141e4e4b4bac438a8aae56 # v2.0.0 | |
| secrets: inherit # Pass org-level secrets (for private dependencies if any) | |
| permissions: | |
| contents: read # Clone repository and read source code | |
| packages: read # Access GitHub Packages for Maven dependencies | |
| security-events: write # Upload SpotBugs/dependency check results to Security tab | |
| with: | |
| project-type: maven | |
| linters.megalint: false # Disable heavy MegaLinter | |
| linters.justmiselint: true # Enable lightweight just+mise linting | |
| test: | |
| needs: [pr-checks] | |
| if: always() # Run tests even if linting fails (get complete feedback) | |
| permissions: | |
| contents: read # Access test resources and source code | |
| packages: read # Fetch test dependencies from GitHub Packages | |
| uses: ./.github/workflows/test.yml |