Add security.txt for data.gov.uk #4892
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: govuk-aws-linting | |
| on: | |
| workflow_dispatch: {} | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - "Jenkinsfile" | |
| - ".git**" | |
| pull_request: | |
| jobs: | |
| test: | |
| runs-on: macos-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: ruby/setup-ruby@v1 | |
| - uses: actions/cache@v1 | |
| with: | |
| path: vendor/bundle | |
| key: bundle-${{ hashFiles('**/Gemfile.lock') }} | |
| restore-keys: bundle | |
| - run: bundle install --jobs 4 --retry 3 --deployment | |
| - name: Docs Check | |
| run: | | |
| brew install terraform-docs | |
| echo "Checking the updatedness of README files..." | |
| ./tools/update-docs.sh | |
| if ! git diff --exit-code; then | |
| echo "The documentation isn't up to date. Run tools/update-docs.sh and commit the results." | |
| exit 1 | |
| fi | |
| - name: Shellcheck | |
| env: | |
| SHELLCHECK_VERSION: '0.8.0' | |
| run: | | |
| curl --silent \ | |
| --fail \ | |
| --location \ | |
| --output shellcheck.tar.xz \ | |
| "https://github.com/koalaman/shellcheck/releases/download/v${SHELLCHECK_VERSION}/shellcheck-v${SHELLCHECK_VERSION}.darwin.x86_64.tar.xz" | |
| tar -xf shellcheck.tar.xz | |
| export PATH="${PATH}:$(pwd)/shellcheck-v${SHELLCHECK_VERSION}" | |
| echo "Running shellcheck..." | |
| shellcheck -e SC2086,SC1117 jenkins.sh tools/*.sh terraform/userdata/* | |
| - name: terraform install | |
| run: | | |
| brew install grep | |
| brew install tfenv | |
| # Install default terraform version | |
| tfenv install | |
| tfenv use | |
| # Install additional terraform versions | |
| for version in $(find . -type f -name '.terraform-version' | xargs cat | sort -u); do | |
| tfenv install $version | |
| done | |
| - name: terraform fmt | |
| run: | | |
| formatter_path="$(pwd)/tools/terraform-format.sh" | |
| # Loop over each directory containing tf files and ensure correct format | |
| for dir in $(find ~+ -type f -name '*.tf' -not -path '$(pwd)/.terraform/*' | sed -E 's|/[^/]+$||' | sort -u); do | |
| cd $dir | |
| echo "$dir" | |
| find . -name '*.tf' | xargs $formatter_path | |
| done | |
| - name: RSpec | |
| run: bundle exec rspec spec/validate_resources_spec.rb | |
| - name: Lint Resource Names | |
| run: bundle exec lib/resource_name_lint.rb | |
| - name: JSON Check | |
| run: find . -name '*.json' | xargs tools/json-check.sh | |
| - name: ADR Check | |
| run: tools/adr-check.sh |