Skip to content

admin: add pre v4.8.0 admin command to delete OVAL vulns #2882

admin: add pre v4.8.0 admin command to delete OVAL vulns

admin: add pre v4.8.0 admin command to delete OVAL vulns #2882

Workflow file for this run

---
name: CI
on:
push:
branches:
- main
- release-4.*
pull_request:
branches:
- main
- release-4.*
jobs:
lints:
name: Lints
runs-on: ubuntu-latest
steps:
- name: Commit Check
uses: gsactions/commit-message-checker@v2
with:
pattern: |
^[^:!]+: .+\n\n.*$
error: 'Commit must begin with <scope>: <subject>'
flags: 'gm'
excludeTitle: true
excludeDescription: true
checkAllCommitMessages: true
accessToken: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout
id: checkout
if: ${{ !cancelled() }}
uses: actions/checkout@v4
- name: Check Filenames
if: ${{ !cancelled() && steps.checkout.conclusion == 'success' }}
run: | # Check for all the characters Windows hates.
git ls-files -- ':/:*[<>:"|?*]*' | while read -r file; do
printf '::error file=%s,title=Bad Filename::Disallowed character in file name\n' "$file"
done
exit $(git ls-files -- ':/:*[<>:"|?*]*' | wc -l)
- name: Check API Reference
if: ${{ !cancelled() && steps.checkout.conclusion == 'success' }}
run: |
npx widdershins --search false --language_tabs 'python:Python' 'go:Golang' 'javascript:Javascript' --summary ./openapi.yaml -o ./Documentation/reference/api.md
git diff --exit-code
- name: Check Container Versions
if: ${{ !cancelled() && steps.checkout.conclusion == 'success' }}
run: |
# awk ...
version=$(sed -n '/^go /{s/go \(1\.[0-9]\+\)\.[0-9]\+/\1/;p;q}' go.mod)
{
find . -name Dockerfile |
xargs awk -v "want=$version" '/^ARG GO_VERSION/{split($2,ver,/=/);if(ver[2]!=want) printf "%s\t%d\n", FILENAME, FNR}'
awk -v "want=$version" '/&go-image/{split($3,ref,/:/);if(ref[2]!=want) printf "%s\t%d\n", FILENAME, FNR}' docker-compose.yaml
} |
awk -v "want=$version" '{printf "::error file=%s,line=%d,title=Go Version Skew::Go version does not match `go.mod`: want %s\n", $1, $2, want}'
- name: Setup Go
id: 'setupgo'
if: ${{ !cancelled() && steps.checkout.conclusion == 'success' }}
uses: actions/setup-go@v5
with:
cache: false
go-version-file: ./go.mod
- name: Go Tidy
if: ${{ !cancelled() && steps.checkout.conclusion == 'success' && steps.setupgo.conclusion == 'success' }}
run: |
# go mod tidy
trap 'echo "::error file=go.mod,title=Tidy Check::Commit would leave go.mod untidy"' ERR
go mod tidy
git diff --exit-code
documentation:
name: Documentation
needs: ['lints']
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/documentation
with:
publish: false
tests:
name: Tests
needs: ['lints']
uses: ./.github/workflows/tests.yml
with:
package_expr: ./...
qemu: false