Add anchor hash checks to transaction build
#988
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Actionlint | |
on: | |
merge_group: | |
pull_request: | |
jobs: | |
actionlint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
# Note that, because our Nix configuration provisions *both* shellcheck and actionlint, | |
# actionlint is not going to install its own shellcheck. | |
# This also makes sure that this pipeline runs using | |
# the same shellcheck as the ones in Nix shells of developers. | |
- name: Install Nix with good defaults | |
uses: input-output-hk/install-nix-action@v20 | |
with: | |
extra_nix_config: | | |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= | |
substituters = https://cache.iog.io/ https://cache.nixos.org/ | |
nix_path: nixpkgs=channel:nixos-unstable | |
- uses: cachix/install-nix-action@v18 | |
with: | |
nix_path: nixpkgs=channel:nixos-unstable | |
# Make the Nix environment available to next steps | |
- uses: rrbutani/use-nix-shell-action@v1 | |
- name: Run Actionlint | |
run: | | |
for file in $(git ls-files ".github/workflows/*.y*ml") | |
do | |
if grep -q "$file" ".github/workflows/actionlint-exceptions.txt" | |
then | |
echo "⚠️ $file is ignored from actionlint's verifications. Please consider fixing it." | |
else | |
echo "actionlint $file" | |
actionlint "$file" | |
fi | |
done |