diff --git a/.github/renovate.json b/.github/renovate.json index 0940b5b1..0bcbb680 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -7,7 +7,8 @@ ], "assignees": [ "talal", - "majewsky" + "majewsky", + "SuperSandro2000" ], "commitMessageAction": "Renovate: Update", "constraints": { diff --git a/.github/workflows/license.yaml b/.github/workflows/checks.yaml similarity index 52% rename from .github/workflows/license.yaml rename to .github/workflows/checks.yaml index b7a7fdf3..db1db480 100644 --- a/.github/workflows/license.yaml +++ b/.github/workflows/checks.yaml @@ -3,23 +3,20 @@ # Edit Makefile.maker.yaml instead. # ################################################################################ -name: License +name: Checks "on": push: branches: - master - paths-ignore: - - '**.md' pull_request: branches: - '*' - paths-ignore: - - '**.md' permissions: + checks: write contents: read jobs: - addlicense: - name: Check + checks: + name: Checks runs-on: ubuntu-latest steps: - name: Check out code @@ -28,6 +25,23 @@ jobs: uses: actions/setup-go@v4 with: go-version: "1.20" + - name: Dependency Review + uses: actions/dependency-review-action@v3 + with: + base-ref: ${{ github.event.pull_request.base.sha || 'main' }} + deny-licenses: AGPL-1.0, AGPL-3.0, GPL-1.0, GPL-2.0, GPL-3.0, LGPL-2.0, LGPL-2.1, LGPL-3.0 + fail-on-severity: moderate + head-ref: ${{ github.event.pull_request.head.sha || github.ref }} + - name: Run govulncheck + uses: golang/govulncheck-action@v1 + - name: Check for spelling errors + uses: reviewdog/action-misspell@v1 + with: + exclude: ./vendor/* + fail_on_error: true + github_token: ${{ secrets.GITHUB_TOKEN }} + ignore: importas + reporter: github-check - name: Check if source code files have license header run: | shopt -s globstar diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index b4a91268..9a36c4a7 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -18,10 +18,8 @@ name: CI permissions: contents: read jobs: - build: - name: Build - needs: - - lint + buildAndLint: + name: Build & Lint runs-on: ubuntu-latest steps: - name: Check out code @@ -30,18 +28,8 @@ jobs: uses: actions/setup-go@v4 with: go-version: "1.20" - - name: Make build + - name: Build all binaries run: make build-all - lint: - name: Lint - runs-on: ubuntu-latest - steps: - - name: Check out code - uses: actions/checkout@v3 - - name: Set up Go - uses: actions/setup-go@v4 - with: - go-version: "1.20" - name: Run golangci-lint uses: golangci/golangci-lint-action@v3 with: @@ -49,7 +37,7 @@ jobs: test: name: Test needs: - - build + - buildAndLint runs-on: ubuntu-latest steps: - name: Check out code diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml deleted file mode 100644 index ed5e6be6..00000000 --- a/.github/workflows/dependency-review.yaml +++ /dev/null @@ -1,24 +0,0 @@ -################################################################################ -# This file is AUTOGENERATED with # -# Edit Makefile.maker.yaml instead. # -################################################################################ - -name: Dependency Review -"on": - pull_request: - branches: - - '*' -permissions: - contents: read -jobs: - review: - name: Review - runs-on: ubuntu-latest - steps: - - name: Check out code - uses: actions/checkout@v3 - - name: Dependency Review - uses: actions/dependency-review-action@v3 - with: - deny-licenses: AGPL-1.0, AGPL-3.0, GPL-1.0, GPL-2.0, GPL-3.0, LGPL-2.0, LGPL-2.1, LGPL-3.0 - fail-on-severity: high diff --git a/.github/workflows/spell.yaml b/.github/workflows/spell.yaml deleted file mode 100644 index dcfa3239..00000000 --- a/.github/workflows/spell.yaml +++ /dev/null @@ -1,32 +0,0 @@ -################################################################################ -# This file is AUTOGENERATED with # -# Edit Makefile.maker.yaml instead. # -################################################################################ - -name: Spell -"on": - push: - branches: - - master - pull_request: - branches: - - '*' -permissions: - contents: read -jobs: - misspell: - name: Check - permissions: - checks: write - runs-on: ubuntu-latest - steps: - - name: Check out code - uses: actions/checkout@v3 - - name: Check for spelling errors - uses: reviewdog/action-misspell@v1 - with: - exclude: ./vendor/* - fail_on_error: true - github_token: ${{ secrets.GITHUB_TOKEN }} - ignore: importas - reporter: github-check diff --git a/Makefile.maker.yaml b/Makefile.maker.yaml index a74f4492..758d6499 100644 --- a/Makefile.maker.yaml +++ b/Makefile.maker.yaml @@ -21,10 +21,9 @@ golangciLint: createConfig: true githubWorkflow: - global: - ignorePaths: ["**.md"] # all Markdown files ci: enabled: true + ignorePaths: ["**.md"] # all Markdown files kubernetesEnvtest: enabled: true securityChecks: @@ -33,13 +32,13 @@ githubWorkflow: enabled: true spellCheck: enabled: true - ignorePaths: [] # override global setting so that nothing is ignored renovate: enabled: true assignees: - talal - majewsky + - SuperSandro2000 packageRules: - matchPackageNames: ["sigs.k8s.io/controller-runtime"] matchUpdateTypes: ["major"]