Skip to content

Bump step-security/harden-runner from 2.9.0 to 2.10.1 #11

Bump step-security/harden-runner from 2.9.0 to 2.10.1

Bump step-security/harden-runner from 2.9.0 to 2.10.1 #11

Workflow file for this run

# Copyright 2024 Chainguard, Inc.
# SPDX-License-Identifier: Apache-2.0
name: Action Lint
on:
pull_request:
branches: [ 'main', 'release-*' ]
jobs:
action-lint:
name: Action lint
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Find yamls
id: get_yamls
run: |
yamls="$(find .github/workflows -name "*.y*ml" | grep -v dependabot. | xargs echo)"
echo "files=${yamls}" >> "$GITHUB_OUTPUT"
- name: Action lint
uses: reviewdog/action-actionlint@4f8f9963ca57a41e5fd5b538dd79dbfbd3e0b38a # v1.54.0
with:
actionlint_flags: ${{ steps.get_yamls.outputs.files }}