-
Notifications
You must be signed in to change notification settings - Fork 1
63 lines (57 loc) · 1.91 KB
/
puppet.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
name: Puppet module
on:
push:
paths:
- .github/workflows/puppet.yaml
- puppet/**
pull_request: {} # any target
schedule:
- cron: '0 0 * * 0' # weekly
jobs:
prep:
name: Download modules
runs-on: ubuntu-20.04
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: false
- name: Install dependencies
run: |
wget https://apt.puppet.com/puppet-release-focal.deb
sudo dpkg -i puppet-release-focal.deb
wget https://apt.puppet.com/puppet-tools-release-focal.deb
sudo dpkg -i puppet-tools-release-focal.deb
sudo apt-get update
sudo apt-get install -y puppet-agent puppet-bolt
sudo update-alternatives --install /usr/bin/puppet puppet-agent /opt/puppetlabs/bin/puppet 10
sudo chmod +t /tmp # workaround ruby need within prep.sh
- name: Prep project
run: |
./puppet/prep.sh
puppet-lint:
runs-on: ubuntu-latest
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: false
- name: Setup Ruby
uses: ruby/[email protected]
with:
ruby-version: 2.7
bundler-cache: true
- name: Install puppet-lint
run: gem install puppet-lint
- name: Run puppet-lint
run: puppet-lint . --sarif > puppet-lint-results.sarif
- name: Upload analysis results to GitHub
if: always()
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: puppet-lint-results.sarif
wait-for-processing: true