diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..e23a097 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,47 @@ +# This file is part of Dependency-Track. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. +name: Build + +on: + pull_request: + branches: [main] + +permissions: {} + +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + - name: Install imaging dependencies + run: | + sudo apt-get update + sudo apt-get install -y --no-install-recommends \ + libcairo2-dev \ + libffi-dev \ + libfreetype6-dev \ + libjpeg-dev \ + libpng-dev \ + libz-dev + - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 + with: + enable-cache: false + - name: Build + run: make build diff --git a/.github/workflows/docs.yml b/.github/workflows/deploy.yml similarity index 68% rename from .github/workflows/docs.yml rename to .github/workflows/deploy.yml index 95edc22..5783a25 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/deploy.yml @@ -14,48 +14,19 @@ # # SPDX-License-Identifier: Apache-2.0 # Copyright (c) OWASP Foundation. All Rights Reserved. -name: docs +name: Deploy on: push: branches: [main] tags: ["[0-9]+.[0-9]+.[0-9]+", "[0-9]+.[0-9]+.[0-9]+-*"] - pull_request: - branches: [main] permissions: {} jobs: - lint: - runs-on: ubuntu-latest - if: github.event_name == 'pull_request' - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - - name: Install imaging dependencies - run: | - sudo apt-get update - sudo apt-get install -y --no-install-recommends \ - libcairo2-dev libfreetype6-dev libffi-dev \ - libjpeg-dev libpng-dev libz-dev - - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 - with: - enable-cache: false - - name: Lint Markdown - run: make lint-markdown - - name: Lint YAML - run: make lint-yaml - - name: Lint prose - run: make lint-prose - - name: Lint Python - run: make lint-python - - name: Build - run: make build - deploy: + name: Deploy runs-on: ubuntu-latest - if: github.event_name == 'push' permissions: contents: write env: @@ -76,8 +47,12 @@ jobs: run: | sudo apt-get update sudo apt-get install -y --no-install-recommends \ - libcairo2-dev libfreetype6-dev libffi-dev \ - libjpeg-dev libpng-dev libz-dev + libcairo2-dev \ + libffi-dev \ + libfreetype6-dev \ + libjpeg-dev \ + libpng-dev \ + libz-dev - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 with: enable-cache: false diff --git a/.github/workflows/zizmor.yml b/.github/workflows/lint.yml similarity index 73% rename from .github/workflows/zizmor.yml rename to .github/workflows/lint.yml index 6483557..28ba2db 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/lint.yml @@ -14,18 +14,31 @@ # # SPDX-License-Identifier: Apache-2.0 # Copyright (c) OWASP Foundation. All Rights Reserved. -name: zizmor +name: Lint on: - push: - branches: [main] pull_request: - branches: ["**"] + branches: [main] permissions: {} jobs: - zizmor: + lint-docs: + name: Lint Docs + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + - name: Lint Markdown + run: make lint-markdown + - name: Lint prose + run: make lint-prose + - name: Lint YAML + run: make lint-yaml + + lint-gha: + name: Lint GitHub Actions runs-on: ubuntu-latest permissions: security-events: write