Skip to content

Update the pipfile.lock via the weekly workflow action #609

Update the pipfile.lock via the weekly workflow action

Update the pipfile.lock via the weekly workflow action #609

Workflow file for this run

---
name: Code static analysis
on: # yamllint disable-line rule:truthy
push:
pull_request:
workflow_dispatch:
permissions:
contents: read
jobs:
check-generated-code:
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Rerun all code generators we have
run: python3 ci/cached-builds/gen_gha_matrix_jobs.py
- name: Check there aren't any modified files present
run: |
if [[ $(git ls-files . -d -m -o --exclude-standard --full-name -v | tee modified.log | wc -l) -gt 0 ]]; then
echo "There are changed files"
exit 1
fi
- name: Print modified files
if: ${{ failure() }}
run: |
cat modified.log
git diff
code-static-analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Validate YAML files (best code practices check included)
id: validate-yaml-files
run: |
type yamllint || sudo apt-get -y install yamllint
find . -name "*.yaml" | xargs yamllint --strict --config-file ./ci/yamllint-config.yaml
find . -name "*.yml" | xargs yamllint --strict --config-file ./ci/yamllint-config.yaml
# In some YAML files we use JSON strings, let's check these
- name: Validate JSON strings in YAML files (just syntax)
id: validate-json-strings-in-yaml-files
run: |
type json_verify || sudo apt-get -y install yajl-tools
bash ./ci/check-json.sh
- name: Validate JSON files (just syntax)
id: validate-json-files
run: |
type json_verify || sudo apt-get -y install yajl-tools
shopt -s globstar
ret_code=0
echo "-- Checking a regular '*.json' files"
for f in **/*.json; do echo "Checking: '${f}"; echo -n " > "; cat $f | json_verify || ret_code=1; done
echo "-- Checking a 'Pipfile.lock' files"
for f in **/Pipfile.lock; do echo "Checking: '${f}"; echo -n " > "; cat $f | json_verify || ret_code=1; done
echo "-- Checking a '*.ipynb' Jupyter notebook files"
for f in **/*.ipynb; do echo "Checking: '${f}"; echo -n " > "; cat $f | json_verify || ret_code=1; done
if test "${ret_code}" -ne 0; then
echo "There were errors in some of the checked files. Please run `json_verify` on such files and fix issues there."
fi
exit "${ret_code}"
- name: Validate Dockerfiles
id: validate-dockerfiles
run: |
type hadolint || sudo apt-get -y install wget \
&& wget --output-document=hadolint https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 \
&& chmod a+x hadolint
echo "Starting Hadolint"
find . -name "Dockerfile" | xargs ./hadolint --config ./ci/hadolint-config.yaml
echo "Hadolint done"
# This simply checks that the manifests and respective kustomization.yaml finishes without an error.
- name: Check kustomize manifest
id: kustomize-manifests
run: |
kubectl version --client=true
echo "----------------------------------------------------------"
echo "Starting 'kubectl kustomize manifests/base'"
echo "----------------------------------------------------------"
kubectl kustomize manifests/base
echo "----------------------------------------------------------"
echo "Starting 'kubectl kustomize manifests/overlays/additional'"
echo "----------------------------------------------------------"
kubectl kustomize manifests/overlays/additional