[pre-commit.ci] pre-commit autoupdate #228

Workflow file for this run

	name: ci

	concurrency:
	cancel-in-progress: ${{ ! startsWith(github.ref, 'refs/tags/') }}
	group: ci-${{ github.ref_name }}-${{ github.event_name }}

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main
	schedule:
	- cron: "0 0 * * *"

	permissions:
	contents: read
	id-token: write
	packages: write
	security-events: write

	jobs:
	build-edge:
	if: \|
	github.event_name == 'push' &&
	github.ref == 'refs/heads/main'
	runs-on: ubuntu-latest
	steps:
	- name: Build docker
	uses: meysam81/build-docker@main
	with:
	cosign: true
	image-name: ghcr.io/${{ github.repository }}
	image-extra-tags: \|
	ghcr.io/${{ github.repository }}:${{ github.run_id }}
	ghcr.io/${{ github.repository }}:latest
	kubescape: true
	kubescape-upload-sarif: true

	build-pr:
	if: github.event_name == 'pull_request'
	runs-on: ubuntu-latest
	steps:
	- name: Build docker
	uses: meysam81/build-docker@main
	with:
	cosign: true
	image-name: ghcr.io/${{ github.repository }}
	kubescape: true
	scout-comment-pr: true
	scout-compare: true
	scout-cves: true

	release-please:
	if: github.event_name == 'push' && github.ref == 'refs/heads/main'
	runs-on: ubuntu-latest
	outputs:
	releases_created: ${{ steps.release-please.outputs.releases_created }}
	tag_name: ${{ steps.release-please.outputs.tag_name }}
	permissions:
	contents: write
	pull-requests: write
	steps:
	- id: release-please
	name: Release please
	uses: googleapis/release-please-action@v4
	with:
	release-type: simple

	build-stable:
	needs: release-please
	if: needs.release-please.outputs.releases_created == 'true'
	runs-on: ubuntu-latest
	steps:
	- name: Build docker
	uses: meysam81/build-docker@main
	with:
	cosign: true
	image-name: ghcr.io/${{ github.repository }}
	image-extra-tags: ghcr.io/${{ github.repository }}:${{ needs.release-please.outputs.tag_name }}

	linter:
	if: contains(fromJSON('["push", "pull_request"]'), github.event_name)
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	name: Checkout
	- uses: actions/setup-python@v5
	with:
	python-version: "3.11"
	architecture: "x64"
	- name: Run linters
	run: \|
	pip install -U pip pre-commit
	pre-commit run -a

	trivy:
	if: contains(fromJSON('["push", "pull_request"]'), github.event_name)
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	scan-type:
	- fs
	- config
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Trivy ${{ matrix.scan-type }}
	uses: aquasecurity/trivy-action@master
	with:
	exit-code: "1"
	scan-ref: .
	scan-type: ${{ matrix.scan-type }}
	trivy-config: trivy.yaml

	stale:
	if: github.event_name == 'schedule'
	runs-on: ubuntu-latest
	permissions:
	contents: write
	issues: write
	pull-requests: write
	steps:
	- name: Stale action
	uses: actions/stale@v9

	labeler:
	runs-on: ubuntu-latest
	if: github.event_name == 'pull_request' \|\| github.event_name == 'schedule'
	permissions:
	contents: read
	pull-requests: write
	issues: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: PR Labeler
	uses: srvaroa/labeler@master
	env:
	GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
	with:
	config_path: .github/labeler.yml
	use_local_config: false
	fail_on_error: false

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pre-commit.ci] pre-commit autoupdate #228

Workflow file

[pre-commit.ci] pre-commit autoupdate #228

Jobs

Run details

Workflow file for this run