[MINOR] Phylum Github Action Test (#16395)

* feat: phylum GA (TEST) * fix: phylum cmd * fix: updated phylum cmd * fix: phylum * fix: phylum access * fix: phylum runner * fix: environment * fix: remove container job * fix: increase verbosity * fix: test chars * fix: phylum testing * fix: add pom validation * fix: pom dep file * fix: added yarn dependency checks * fix: add on rule * fix: on rule * fix: remove workflow dispatch * fix: path syntax
2025-07-23 17:30:35 +00:00 · 2024-07-09 16:42:57 +02:00 · 2024-07-09 16:42:57 +02:00 · d58cc28fba
commit d58cc28fba
parent b353226d97
1 changed files with 39 additions and 0 deletions
--- a/.github/workflows/phylum.yml
+++ b/.github/workflows/phylum.yml
@ -0,0 +1,39 @@
+name: Phylum Analyze
+on:
+    pull_request_target:
+        types: [labeled, opened, synchronize, reopened]
+        paths:
+            - "ingestion/**"
+            - "openmetadata-service/**"
+            - "openmetadata-ui/**"
+    pull_request:
+        types: [labeled, opened, synchronize, reopened]
+        paths:
+            - "ingestion/**"
+            - "openmetadata-service/**"
+            - "openmetadata-ui/**"
+jobs:
+  analyze_deps:
+    name: Analyze dependencies with Phylum
+    environment: test
+    permissions:
+      contents: read
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout the repo
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          fetch-depth: 0
+      - name: Analyze dependencies
+        uses: phylum-dev/phylum-analyze-pr-action@v2
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          phylum_token: ${{ secrets.PHYLUM_TOKEN }}
+          cmd: |
+            phylum-ci -vv \
+            --depfile ingestion/setup.py \
+            --depfile ingestion/pyproject.toml \
+            --depfile openmetadata-service/pom.xml \
+            --depfile openmetadata-ui/src/main/resources/ui/yarn.lock