diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7534fa5..689062c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,5 +1,7 @@ on: [push] +permissions: read-all + jobs: hello_world_job: runs-on: ubuntu-latest diff --git a/.github/mega-linter.yml b/.github/workflows/mega-linter.yml similarity index 89% rename from .github/mega-linter.yml rename to .github/workflows/mega-linter.yml index 7b1e118..ad0d0ac 100644 --- a/.github/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -10,7 +10,7 @@ permissions: read-all env: # Comment env block if you do not want to apply fixes # Apply linter fixes configuration - APPLY_FIXES: none # When active, APPLY_FIXES must also be defined as environment variable (in github/workflows/mega-linter.yml or other CI tool) + APPLY_FIXES: all # When active, APPLY_FIXES must also be defined as environment variable (in github/workflows/mega-linter.yml or other CI tool) APPLY_FIXES_EVENT: pull_request # Decide which event triggers application of fixes in a commit or a PR (pull_request, push, all) APPLY_FIXES_MODE: commit # If APPLY_FIXES is used, defines if the fixes are directly committed (commit) or posted in a PR (pull_request) @@ -21,7 +21,10 @@ concurrency: jobs: build: name: MegaLinter - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest + permissions: + actions: write + contents: write steps: # Git Checkout - name: Checkout Code @@ -52,6 +55,13 @@ jobs: megalinter-reports mega-linter.log + - name: git diff + if: steps.ml.outputs.has_updated_sources == 1 + run: | + git diff + sudo rm -rf mega-linter.log megalinter-reports/ + git checkout .github/workflows/ + # Create pull request if applicable (for now works only on PR from same repository, not from forks) - name: Create Pull Request with applied fixes id: cpr diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 1ca4007..c77ac02 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -1,6 +1,8 @@ on: pull_request: +permissions: read-all + jobs: pr_container_job: runs-on: ubuntu-latest diff --git a/.mega-linter.yml b/.mega-linter.yml new file mode 100644 index 0000000..d7fc7b0 --- /dev/null +++ b/.mega-linter.yml @@ -0,0 +1,4 @@ +--- +DISABLE_LINTERS: + - SPELL_CSPELL +GITHUB_COMMENT_REPORTER: false diff --git a/Dockerfile b/Dockerfile index fa0188a..446b886 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,6 @@ -# Container image that runs your code FROM alpine:3.10 +USER 1001 +HEALTHCHECK CMD true # Copies your code file from your action repository to the filesystem path `/` of the container COPY entrypoint.sh /entrypoint.sh diff --git a/action.yml b/action.yml index 782c830..25caa1f 100644 --- a/action.yml +++ b/action.yml @@ -1,16 +1,16 @@ # action.yml -name: 'Hello World' -description: 'Greet someone and record the time' +name: "Hello World" +description: "Greet someone and record the time" inputs: - who-to-greet: # id of input - description: 'Who to greet' + who-to-greet: # id of input + description: "Who to greet" required: true - default: 'World' + default: "World" outputs: time: # id of output - description: 'The time we greeted you' + description: "The time we greeted you" runs: - using: 'docker' - image: 'Dockerfile' + using: "docker" + image: "Dockerfile" args: - ${{ inputs.who-to-greet }} diff --git a/entrypoint.sh b/entrypoint.sh index c4d55d0..231cef7 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -15,10 +15,8 @@ echo "++++ triggering event" cat "$GITHUB_EVENT_PATH" echo "+++++ END" - echo "++++ list $GITHUB_WORKSPACE" ls -laR "$GITHUB_WORKSPACE" echo "+++++ END" - -echo "time=$time" >> $GITHUB_OUTPUT +echo "time=$time" >>"$GITHUB_OUTPUT"