chore(deps): update sigstore/cosign-installer action to v3.10.0 (v1.33) #474
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI clang-tidy | |
| on: | |
| pull_request_target: | |
| types: [ opened, synchronize, reopened ] | |
| # By specifying the access of one of the scopes, all of those that are not specified are set to 'none'. | |
| permissions: | |
| # To be able to access the repository with actions/checkout | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.after }} | |
| cancel-in-progress: true | |
| jobs: | |
| tidy: | |
| timeout-minutes: 60 | |
| name: Lint source style | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout PR Source Code | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| persist-credentials: false | |
| fetch-depth: 2 | |
| - name: Prep for build | |
| run: | | |
| echo "${{ github.event.pull_request.head.sha }}" >SOURCE_VERSION | |
| echo "BUILDER_DOCKER_HASH=$(git ls-tree --full-tree HEAD -- ./Dockerfile.builder | awk '{ print $3 }')" >> $GITHUB_ENV | |
| # git diff filter has everything else than deleted files (those need not be tidied) | |
| echo "TIDY_SOURCES=$(git diff --name-only --diff-filter=ACMRTUXB HEAD^1 | grep -E '(.h$|.cc$)' | tr '\n' ' ')" >> $GITHUB_ENV | |
| - name: Wait for cilium-envoy-builder to be available | |
| timeout-minutes: 45 | |
| shell: bash | |
| run: until docker manifest inspect quay.io/${{ github.repository_owner }}/cilium-envoy-builder-dev:${{ env.BUILDER_DOCKER_HASH }} &> /dev/null; do sleep 15s; done | |
| - name: Run clang-tidy | |
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 | |
| # skip if nothing changed | |
| if: ${{ env.TIDY_SOURCES != '' }} | |
| id: docker_clang_tidy | |
| with: | |
| target: clang-tidy | |
| provenance: false | |
| context: . | |
| file: ./Dockerfile | |
| platforms: linux/amd64 | |
| outputs: type=local,dest=clang-tidy-results | |
| build-args: | | |
| BUILDER_BASE=quay.io/${{ github.repository_owner }}/cilium-envoy-builder-dev:${{ env.BUILDER_DOCKER_HASH }} | |
| TIDY_SOURCES=${{ env.TIDY_SOURCES }} | |
| push: false | |
| - name: Check for failure | |
| run: | | |
| if grep -q "^clang-tidy fix produced changes, please commit them." clang-tidy-results/clang-tidy-output.txt; then | |
| exit 1 | |
| fi | |
| - name: Upload clang-tidy results | |
| if: failure() | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: clang-tidy-results | |
| path: clang-tidy-results/*.txt | |
| retention-days: 5 |