Skip to content

[StepSecurity] Apply security best practices #126

[StepSecurity] Apply security best practices

[StepSecurity] Apply security best practices #126

Workflow file for this run

name: Lint
on:
push:
branches:
- main
pull_request:
permissions:
contents: read
jobs:
golangci-lint:
name: Lint Go Source
runs-on: ubuntu-latest
container:
image: golangci/golangci-lint:latest-alpine
env:
GOFLAGS: -buildvcs=false
steps:
- name: Check out repository code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Lint Go source files
run: |
apk add --no-cache gcc g++ openssl-dev
go work init
go work use -r .
- name: Lint base library
run: golangci-lint run ./...
- name: Lint FSIM
run: golangci-lint run ./fsim/...
- name: Lint sqlite
run: golangci-lint run ./sqlite/...
- name: Lint TPM
run: golangci-lint run ./tpm/...
- name: Lint examples
run: golangci-lint run ./examples/...
shellcheck:
name: Lint Shell Scripts
runs-on: ubuntu-latest
container:
image: koalaman/shellcheck-alpine
steps:
- name: Check out repository code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Run ShellCheck
run: find . -name '*.sh' -o -name '*.bash' | xargs shellcheck
shfmt:
name: Check Shell Script Formatting
runs-on: ubuntu-latest
container:
image: mvdan/shfmt:v3-alpine
steps:
- name: Check out repository code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Check shfmt diff
run: find . -name '*.sh' -o -name '*.bash' | FORCE_COLOR=1 xargs shfmt -d
markdownlint:
name: Lint Documentation Markdown
runs-on: ubuntu-latest
container:
image: node:20-alpine
steps:
- name: Check out repository code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Lint all markdown
run: npx markdownlint-cli2 --config .markdownlint.yml '**/*.md'