feat(): add a linter for github actions workflows (#7178)

Co-authored-by: John Joyce <john@acryl.io>
Harshal Sheth 2023-01-30 16:13:41 -05:00 committed by GitHub
parent b4114c6499
commit 7e869cd1d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 42 additions and 62 deletions


@ -48,9 +48,6 @@ jobs:
name: Build and Push Docker Image to Docker Hub name: Build and Push Docker Image to Docker Hub
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3


@ -63,9 +63,6 @@ jobs:
name: Build and Push DataHub GMS Docker Image name: Build and Push DataHub GMS Docker Image
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.DATAHUB_GMS_IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -109,25 +106,21 @@ jobs:
TRIVY_OFFLINE_SCAN: true TRIVY_OFFLINE_SCAN: true
with: with:
image-ref: ${{ env.DATAHUB_GMS_IMAGE }}:${{ needs.setup.outputs.unique_tag }} image-ref: ${{ env.DATAHUB_GMS_IMAGE }}:${{ needs.setup.outputs.unique_tag }}
format: 'template' format: "template"
template: '@/contrib/sarif.tpl' template: "@/contrib/sarif.tpl"
output: 'trivy-results.sarif' output: "trivy-results.sarif"
severity: 'CRITICAL,HIGH' severity: "CRITICAL,HIGH"
ignore-unfixed: true ignore-unfixed: true
vuln-type: "os,library" vuln-type: "os,library"
- name: Upload Trivy scan results to GitHub Security tab - name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v2
with: with:
sarif_file: 'trivy-results.sarif' sarif_file: "trivy-results.sarif"
mae_consumer_build: mae_consumer_build:
name: Build and Push DataHub MAE Consumer Docker Image name: Build and Push DataHub MAE Consumer Docker Image
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.DATAHUB_MAE_CONSUMER_IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -171,25 +164,21 @@ jobs:
TRIVY_OFFLINE_SCAN: true TRIVY_OFFLINE_SCAN: true
with: with:
image-ref: ${{ env.DATAHUB_MAE_CONSUMER_IMAGE }}:${{ needs.setup.outputs.unique_tag }} image-ref: ${{ env.DATAHUB_MAE_CONSUMER_IMAGE }}:${{ needs.setup.outputs.unique_tag }}
format: 'template' format: "template"
template: '@/contrib/sarif.tpl' template: "@/contrib/sarif.tpl"
output: 'trivy-results.sarif' output: "trivy-results.sarif"
severity: 'CRITICAL,HIGH' severity: "CRITICAL,HIGH"
ignore-unfixed: true ignore-unfixed: true
vuln-type: "os,library" vuln-type: "os,library"
- name: Upload Trivy scan results to GitHub Security tab - name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v2
with: with:
sarif_file: 'trivy-results.sarif' sarif_file: "trivy-results.sarif"
mce_consumer_build: mce_consumer_build:
name: Build and Push DataHub MCE Consumer Docker Image name: Build and Push DataHub MCE Consumer Docker Image
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.DATAHUB_MCE_CONSUMER_IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -233,25 +222,21 @@ jobs:
TRIVY_OFFLINE_SCAN: true TRIVY_OFFLINE_SCAN: true
with: with:
image-ref: ${{ env.DATAHUB_MCE_CONSUMER_IMAGE }}:${{ needs.setup.outputs.unique_tag }} image-ref: ${{ env.DATAHUB_MCE_CONSUMER_IMAGE }}:${{ needs.setup.outputs.unique_tag }}
format: 'template' format: "template"
template: '@/contrib/sarif.tpl' template: "@/contrib/sarif.tpl"
output: 'trivy-results.sarif' output: "trivy-results.sarif"
severity: 'CRITICAL,HIGH' severity: "CRITICAL,HIGH"
ignore-unfixed: true ignore-unfixed: true
vuln-type: "os,library" vuln-type: "os,library"
- name: Upload Trivy scan results to GitHub Security tab - name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v2
with: with:
sarif_file: 'trivy-results.sarif' sarif_file: "trivy-results.sarif"
datahub_upgrade_build: datahub_upgrade_build:
name: Build and Push DataHub Upgrade Docker Image name: Build and Push DataHub Upgrade Docker Image
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.DATAHUB_UPGRADE_IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -295,24 +280,21 @@ jobs:
TRIVY_OFFLINE_SCAN: true TRIVY_OFFLINE_SCAN: true
with: with:
image-ref: ${{ env.DATAHUB_UPGRADE_IMAGE }}:${{ needs.setup.outputs.unique_tag }} image-ref: ${{ env.DATAHUB_UPGRADE_IMAGE }}:${{ needs.setup.outputs.unique_tag }}
format: 'template' format: "template"
template: '@/contrib/sarif.tpl' template: "@/contrib/sarif.tpl"
output: 'trivy-results.sarif' output: "trivy-results.sarif"
severity: 'CRITICAL,HIGH' severity: "CRITICAL,HIGH"
ignore-unfixed: true ignore-unfixed: true
vuln-type: "os,library" vuln-type: "os,library"
- name: Upload Trivy scan results to GitHub Security tab - name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v2
with: with:
sarif_file: 'trivy-results.sarif' sarif_file: "trivy-results.sarif"
frontend_build: frontend_build:
name: Build and Push DataHub Frontend Docker Image name: Build and Push DataHub Frontend Docker Image
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.DATAHUB_FRONTEND_IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -358,24 +340,21 @@ jobs:
TRIVY_OFFLINE_SCAN: true TRIVY_OFFLINE_SCAN: true
with: with:
image-ref: ${{ env.DATAHUB_FRONTEND_IMAGE }}:${{ needs.setup.outputs.unique_tag }} image-ref: ${{ env.DATAHUB_FRONTEND_IMAGE }}:${{ needs.setup.outputs.unique_tag }}
format: 'template' format: "template"
template: '@/contrib/sarif.tpl' template: "@/contrib/sarif.tpl"
output: 'trivy-results.sarif' output: "trivy-results.sarif"
severity: 'CRITICAL,HIGH' severity: "CRITICAL,HIGH"
ignore-unfixed: true ignore-unfixed: true
vuln-type: "os,library" vuln-type: "os,library"
- name: Upload Trivy scan results to GitHub Security tab - name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v2
with: with:
sarif_file: 'trivy-results.sarif' sarif_file: "trivy-results.sarif"
kafka_setup_build: kafka_setup_build:
name: Build and Push DataHub Kafka Setup Docker Image name: Build and Push DataHub Kafka Setup Docker Image
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.DATAHUB_KAFKA_SETUP_IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -398,9 +377,6 @@ jobs:
name: Build and Push DataHub MySQL Setup Docker Image name: Build and Push DataHub MySQL Setup Docker Image
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.DATAHUB_MYSQL_SETUP_IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -423,9 +399,6 @@ jobs:
name: Build and Push DataHub Elasticsearch Setup Docker Image name: Build and Push DataHub Elasticsearch Setup Docker Image
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
outputs:
image_tag: ${{ steps.docker_meta.outputs.tags }}
image_name: ${{ env.DATAHUB_ELASTIC_SETUP_IMAGE }}
steps: steps:
- name: Check out the repo - name: Check out the repo
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -450,11 +423,7 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
test_strategy: [ test_strategy: ["no_cypress", "cypress_suite1", "cypress_rest"]
"no_cypress",
"cypress_suite1",
"cypress_rest"
]
needs: needs:
[ [
setup, setup,
@ -477,7 +446,7 @@ jobs:
- uses: actions/setup-python@v4 - uses: actions/setup-python@v4
with: with:
python-version: "3.7" python-version: "3.7"
cache: 'pip' cache: "pip"
- name: Install dependencies - name: Install dependencies
run: ./metadata-ingestion/scripts/install_deps.sh run: ./metadata-ingestion/scripts/install_deps.sh
- name: Build datahub cli - name: Build datahub cli

14
.github/workflows/lint-actions.yml vendored Normal file

@ -0,0 +1,14 @@
name: Lint actions
on:
pull_request:
paths:
- '.github/workflows/**'
jobs:
actionlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: reviewdog/action-actionlint@v1
with:
reporter: github-pr-review
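Review bot: The new workflow declares no `permissions:` block, so the `actionlint` job runs with whatever default GITHUB_TOKEN scope the repository or organisation has configured, which may be broader than a lint job needs. The `github-pr-review` reporter only has to read the checkout and write review comments, so I would add `permissions: { contents: read, pull-requests: write }` at workflow or job level. `reviewdog/action-actionlint@v1` is also a third-party action referenced by a mutable tag; pinning it to a full commit SHA, e.g. `uses: reviewdog/action-actionlint@<full-commit-sha>  # v1` (placeholder), keeps a retagged release from changing what runs against pull requests. On pull requests from forks the token is read-only regardless, so it is worth confirming how the reporter behaves there.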