build(deps): bump the prod-github-actions group across 1 directory with 7 updates #238
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow uses actions that are not certified by GitHub. | |
# They are provided by a third-party and are governed by | |
# separate terms of service, privacy policy, and support | |
# documentation. | |
# This workflow performs a static analysis of your Kotlin source code using | |
# Android Lint. | |
# | |
# Scans are triggered: | |
# 1. On every push to default and protected branches | |
# 2. On every Pull Request targeting the default branch | |
# 3. Manually, on demand, via the "workflow_dispatch" event | |
name: Check Code Quality with Android Lint | |
on: | |
# Triggers the workflow on push or pull request events but only for default and protected branches | |
push: | |
branches: [ "main" ] | |
pull_request: | |
branches: [ "main" ] | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
# A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
jobs: | |
# This workflow contains a single job called "scan" | |
scan-library: | |
name: Android Lint Check for library | |
permissions: | |
# required for all workflows | |
security-events: write | |
# only required for workflows in private repositories | |
actions: read | |
contents: read | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Sets up JDK as a prerequisite to run Gradle | |
- name: Setup Java | |
uses: actions/[email protected] | |
with: | |
java-version: '17' | |
distribution: 'zulu' | |
# Sets up the reviewdog cli | |
- name: Setup reviewdog | |
uses: reviewdog/[email protected] | |
- name: Show reviewdog version | |
run: reviewdog -version | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- name: Checkout repository | |
uses: actions/[email protected] | |
# Sets up Gradle as a prerequisite to run Android Lint | |
- name: Setup Gradle | |
uses: gradle/actions/[email protected] | |
with: | |
gradle-home-cache-cleanup: true | |
# Performs analysis using Android Lint via Gradle and outputs a Sarif Report | |
- name: Run Android Lint | |
run: ./gradlew lint --continue | |
# Uploads Sarif Report for the library to GitHub | |
- name: Upload kotlin library report | |
uses: github/codeql-action/[email protected] | |
if: success() || failure() | |
with: | |
sarif_file: library/build/reports/lint-results-debug.sarif | |
# Process checkstyle Report file from Android Lint with reviewdog cli | |
- name: Run reviewdog for library | |
if: success() || failure() | |
env: | |
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: reviewdog -f=sarif -diff="git diff FETCH_HEAD" -name="lint" -reporter=github-pr-check < library/build/reports/lint-results-debug.sarif | |
scan-app: | |
name: Android Lint Check for app | |
permissions: | |
# required for all workflows | |
security-events: write | |
# only required for workflows in private repositories | |
actions: read | |
contents: read | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Sets up JDK as a prerequisite to run Gradle | |
- name: Setup Java | |
uses: actions/[email protected] | |
with: | |
java-version: '17' | |
distribution: 'zulu' | |
# Sets up the reviewdog cli | |
- name: Setup reviewdog | |
uses: reviewdog/[email protected] | |
- name: Show reviewdog version | |
run: reviewdog -version | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- name: Checkout repository | |
uses: actions/[email protected] | |
# Sets up Gradle as a prerequisite to run Android Lint | |
- name: Setup Gradle | |
uses: gradle/actions/[email protected] | |
with: | |
gradle-home-cache-cleanup: true | |
# Performs analysis using Android Lint via Gradle and outputs a Sarif Report | |
- name: Run Android Lint | |
run: ./gradlew :app:lint --continue | |
# Uploads Sarif Report for the app to GitHub | |
- name: Upload kotlin app report | |
uses: github/codeql-action/[email protected] | |
if: success() || failure() | |
with: | |
sarif_file: app/build/reports/lint-results-debug.sarif | |
# Process checkstyle Report file from Android Lint with reviewdog cli | |
- name: Run reviewdog for app | |
if: success() || failure() | |
env: | |
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: reviewdog -f=sarif -diff="git diff FETCH_HEAD" -name="lint" -reporter=github-pr-check < app/build/reports/lint-results-debug.sarif |