Skip to content

Commit

Permalink
chore: sync files with stordco/common-config-elixir
Browse files Browse the repository at this point in the history
  • Loading branch information
github-actions[bot] committed Jul 24, 2024
1 parent b0fdb25 commit 9bc9f58
Show file tree
Hide file tree
Showing 6 changed files with 70 additions and 5 deletions.
2 changes: 1 addition & 1 deletion .credo.exs
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@
# You can customize the priority of any check
# Priority values are: `low, normal, high, higher`
#
{Credo.Check.Design.AliasUsage, [priority: :low, if_nested_deeper_than: 2, if_called_more_often_than: 2]},
{Credo.Check.Design.AliasUsage, [priority: :low, if_nested_deeper_than: 4, if_called_more_often_than: 2]},
{Credo.Check.Design.DuplicatedCode, false},
# You can also customize the exit_status of each check.
# If you don't want TODO comments to cause `mix credo` to fail, just
Expand Down
6 changes: 6 additions & 0 deletions .github/pull_request_template.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
## Related Ticket(s)

<!--
Enter the Jira issue below in the following format: PROJECT-##
-->

## Checklist

<!--
Expand Down
42 changes: 40 additions & 2 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ jobs:

- id: changed
name: Get Changed Files
uses: tj-actions/changed-files@v43
uses: tj-actions/changed-files@v44
with:
files_yaml: |
database:
Expand All @@ -55,8 +55,14 @@ jobs:
docker:
- '.github/workflows/ci.yaml'
- 'Dockerfile'
documentation:
- 'docs/**'
- 'priv/documentation/**'
- '**.ex'
- '**.md'
elixir:
- '.github/workflows/ci.yaml'
- '.tool-versions'
- 'priv/**'
- '**.ex'
- '**.exs'
Expand Down Expand Up @@ -92,6 +98,9 @@ jobs:
needs: [Changed]
runs-on: ubuntu-latest

env:
MIX_ENV: test

steps:
- name: Checkout
uses: actions/checkout@v4
Expand Down Expand Up @@ -128,7 +137,7 @@ jobs:
run: mix dialyzer --format github

Documentation:
if: ${{ !startsWith(github.head_ref, 'release-please--branches') && needs.Changed.outputs.elixir == 'true' }}
if: ${{ !startsWith(github.head_ref, 'release-please--branches') && needs.Changed.outputs.documentation == 'true' }}
needs: [Changed]
runs-on: ubuntu-latest

Expand Down Expand Up @@ -209,3 +218,32 @@ jobs:
- elixir: 1.15
otp: 26

Trivy_Filesystem:
if: ${{ !startsWith(github.head_ref, 'release-please--branches') }}
name: Trivy Filesystem Scan
runs-on: ubuntu-latest

permissions:
contents: read
id-token: write
pull-requests: write

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup Elixir
uses: stordco/actions-elixir/setup@v1
with:
github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
hex-token: ${{ secrets.HEX_API_KEY }}
oban-fingerprint: ${{ secrets.OBAN_KEY_FINGERPRINT }}
oban-token: ${{ secrets.OBAN_LICENSE_KEY }}

- name: Trivy Scan
uses: stordco/[email protected]
with:
github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
scan-type: fs
slack-bot-token: ${{ secrets.SLACK_BOT_TOKEN }}

2 changes: 1 addition & 1 deletion .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
steps:
- id: release
name: Release
uses: google-github-actions/release-please-action@v4
uses: googleapis/release-please-action@v4
with:
config-file: .github/release-please-config.json
manifest-file: .github/release-please-manifest.json
Expand Down
5 changes: 4 additions & 1 deletion .github/workflows/staging.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,9 @@ jobs:

runs-on: ubuntu-latest

env:
MIX_ENV: test

steps:
- name: Checkout
uses: actions/checkout@v4
Expand All @@ -38,7 +41,7 @@ jobs:
oban-fingerprint: ${{ secrets.OBAN_KEY_FINGERPRINT }}
oban-token: ${{ secrets.OBAN_LICENSE_KEY }}

- name: Build
- name: Docs
run: mix docs

- name: Set CNAME
Expand Down
18 changes: 18 additions & 0 deletions .trivy/fs-config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# This file is synced with stordco/common-config-elixir. Any changes will be overwritten.

exit-code: '1'
format: 'json'
output: 'trivy-fs-results.json'
scanners:
- vuln
severity:
- CRITICAL
- HIGH
- MEDIUM
- LOW
- UNKNOWN
timeout: '3m'
vulnerability:
type:
- os
- library

0 comments on commit 9bc9f58

Please sign in to comment.