build(deps): bump github/codeql-action from 86b04fb0e47484f7282357688f21d5d0e32175fe to f53ec7c550f4c3cafe07061ed7fba6f002286003 #70
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| # ↓ lock down top‐level permissions to only what we use | |
| permissions: | |
| contents: read # we only need to checkout code | |
| actions: read # to query workflows/runs | |
| statuses: write | |
| # Run on pushes to any branch and pull requests | |
| on: | |
| push: | |
| branches: ['main'] | |
| pull_request: | |
| branches: ['**'] | |
| jobs: | |
| # Lint all YAML, JSON & Shell | |
| lint: | |
| name: Lint code & configs | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check compose files | |
| run: | | |
| source ./.envrc | |
| docker compose -f compose.yml config -q | |
| docker compose -f compose-partner-chains.yml config -q | |
| docker compose -f proof-server.yml config -q | |
| - name: Run Super-linter | |
| uses: github/super-linter@v7 | |
| env: | |
| # only lint the file types you care about | |
| VALIDATE_YAML: true | |
| VALIDATE_JSON: true | |
| VALIDATE_SHELL: true | |
| VALIDATE_BASH: true | |
| VALIDATE_BASH_EXEC: true | |
| VALIDATE_CHECOV: true | |
| VALIDATE_GITHUB_ACTIONS: true | |
| VALIDATE_NATURAL_LANGUAGE: true | |
| VALIDATE_MARKDOWN: true | |
| VALIDATE_DOCKERFILE: true | |
| FILTER_REGEX_EXCLUDE: (^cardano-config/|LICENSE\.md) | |
| # tell it your default branch so it can diff | |
| DEFAULT_BRANCH: origin/main | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |