mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-08-30 14:25:43 +00:00
9d3b9fb438
Pin Github owned actions to specific hashes as recommended as tags are mutable see https://pin-gh-actions.kammel.dev/. This one of the recommendations that scorecard gives us. Note this was generated with `frizbee actions` Signed-off-by: stevenhorsman <steven@uk.ibm.com>
36 lines
825 B
YAML
36 lines
825 B
YAML
|
|
# https://github.com/marketplace/actions/shellcheck
|
|
name: Shellcheck required
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
pull_request:
|
|
types:
|
|
- opened
|
|
- edited
|
|
- reopened
|
|
- synchronize
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
shellcheck-required:
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- name: Checkout the code
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
with:
|
|
fetch-depth: 0
|
|
persist-credentials: false
|
|
|
|
- name: Run ShellCheck
|
|
uses: ludeeus/action-shellcheck@00b27aa7cb85167568cb48a3838b75f4265f2bca # master (2024-06-20)
|
|
with:
|
|
severity: error
|
|
ignore_paths: "**/vendor/**"
|