Commit Graph

7 Commits

Author SHA1 Message Date
Madhu Rajanna
b4ff3884f1 ci: remove set-safe-directory from commitlint
Removed set-safe-directory option from the
commitlint.yaml as its not working as expected.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-05-09 05:57:14 +00:00
Niels de Vos
9533889b64 ci: do not set safe.directory for commitlint checkout
Commitlint fails with errors like:

```
git fetch -v origin devel
fatal: unsafe repository ('/go/src/github.com/ceph/ceph-csi' is owned by
someone else)
To add an exception for this directory, call:

	git config --global --add safe.directory /go/src/github.com/ceph/ceph-csi
make: *** [Makefile:153: commitlint] Error 128
```

By not setting the option with actions/checkout@v3, the error should not
happen anymore.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-05-09 03:10:04 +00:00
naveen
2672fad90a ci: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way,
 even if the attackers will succeed in compromising your workflow,
 they won’t be able to do much.

- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 20:21:15 +05:30
dependabot[bot]
b1a0f42b31 rebase: bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 12:47:46 +00:00
Niels de Vos
28899a36c8 ci: do not run commitlint GitHub Action for dependabot
The commit messages that Dependabot (@app/dependabot) creates are not
always accepted by the commitlint check. The configuration for
dependabot does not give a lot of options to customize the message, so
instead of adjusting the message to pass commitlint, just skip the check
(Mergify does not require commitlint status either).

See-also: #2460
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-09-01 15:02:18 +02:00
Niels de Vos
538e36f7a7 ci: pass GITHUB_BASE_REF when running commitlint
GitHub Actions include a merge commit for the PR, which will defeat the
commitlint checking of all the commits inside the PR (only the merge
commit is checked).

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-07 18:19:23 +05:30
Madhu Rajanna
edf6abce99 ci: add github workflows for static checks
adding a github workflow to run static checks
inside a container.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-12-07 12:57:29 +05:30