Skip to content

More improvements to the Mondoo Linux Security policy (#451) #1292

More improvements to the Mondoo Linux Security policy (#451)

More improvements to the Mondoo Linux Security policy (#451) #1292

Workflow file for this run

---
name: Lint Policies
on:
pull_request:
push:
branches:
- main
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Lint cnspec policies and output SARIF
uses: mondoohq/actions/cnspec-lint@main
with:
path: .
output-file: "results.sarif"
- name: Install jq
run: sudo apt-get install jq
- name: Display SARIF file content
run: cat results.sarif
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif
- name: Check SARIF file content
id: check_sarif
run: |
echo "Checking SARIF file content..."
RESULTS_EMPTY=$(cat results.sarif | jq '.runs[0].results | length == 0')
if [ "$RESULTS_EMPTY" = "true" ]; then
echo "SARIF file content is as expected. No results found."
else
echo "SARIF file contains results, indicating issues were found. Please review the SARIF file content below for more details, or check the 'Security' tab for alerts once the file has been uploaded."
exit 1
fi
license-check:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Copywrite
uses: hashicorp/[email protected]
with:
version: v0.16.4
- name: Check Header Compliance
run: copywrite headers --plan