From d58cc28fbac2a673bafdd488f1efe33f45fc4e3d Mon Sep 17 00:00:00 2001 From: Teddy Date: Tue, 9 Jul 2024 16:42:57 +0200 Subject: [PATCH] [MINOR] Phylum Github Action Test (#16395) * feat: phylum GA (TEST) * fix: phylum cmd * fix: updated phylum cmd * fix: phylum * fix: phylum access * fix: phylum runner * fix: environment * fix: remove container job * fix: increase verbosity * fix: test chars * fix: phylum testing * fix: add pom validation * fix: pom dep file * fix: added yarn dependency checks * fix: add on rule * fix: on rule * fix: remove workflow dispatch * fix: path syntax --- .github/workflows/phylum.yml | 39 ++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/workflows/phylum.yml diff --git a/.github/workflows/phylum.yml b/.github/workflows/phylum.yml new file mode 100644 index 00000000000..df374f36100 --- /dev/null +++ b/.github/workflows/phylum.yml @@ -0,0 +1,39 @@ +name: Phylum Analyze +on: + pull_request_target: + types: [labeled, opened, synchronize, reopened] + paths: + - "ingestion/**" + - "openmetadata-service/**" + - "openmetadata-ui/**" + pull_request: + types: [labeled, opened, synchronize, reopened] + paths: + - "ingestion/**" + - "openmetadata-service/**" + - "openmetadata-ui/**" +jobs: + analyze_deps: + name: Analyze dependencies with Phylum + environment: test + permissions: + contents: read + pull-requests: write + runs-on: ubuntu-latest + steps: + - name: Checkout the repo + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 + - name: Analyze dependencies + uses: phylum-dev/phylum-analyze-pr-action@v2 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + phylum_token: ${{ secrets.PHYLUM_TOKEN }} + cmd: | + phylum-ci -vv \ + --depfile ingestion/setup.py \ + --depfile ingestion/pyproject.toml \ + --depfile openmetadata-service/pom.xml \ + --depfile openmetadata-ui/src/main/resources/ui/yarn.lock