Onboard new backport-pr re-usable github workflow (security) #15089

Workflow file for this run

.github/workflows/code-hygiene.yml at 06997ee

	name: Code Hygiene

	on: [push, pull_request]

	jobs:
	linelint:
	runs-on: ubuntu-latest
	name: Check if all files end in newline
	steps:
	- name: Checkout
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

	- name: Linelint
	uses: fernandrone/linelint@7907a5dca0c28ea7dd05c6d8d8cacded713aca11 # 0.0.6

	spotless:
	runs-on: ubuntu-latest
	name: Spotless scan
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

	- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
	with:
	distribution: temurin # Temurin is a distribution of adoptium
	java-version: 21

	- uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 # v3.5.0
	with:
	cache-disabled: true
	arguments: spotlessCheck

	checkstyle:
	runs-on: ubuntu-latest
	name: Checkstyle scan
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

	- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
	with:
	distribution: temurin # Temurin is a distribution of adoptium
	java-version: 21

	- uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 # v3.5.0
	with:
	cache-disabled: true
	arguments: checkstyleMain checkstyleTest checkstyleIntegrationTest

	spotbugs:
	runs-on: ubuntu-latest
	name: Spotbugs scan
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

	- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
	with:
	distribution: temurin # Temurin is a distribution of adoptium
	java-version: 21

	- uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 # v3.5.0
	with:
	cache-disabled: true
	arguments: spotbugsMain

	check-permissions-order:
	runs-on: ubuntu-latest
	name: Check permissions orders
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
	- run: npm install yaml

	- name: Check permissions order
	run: \|
	exclude_pattern="(^\|/)roles_invalidxcontent.yml($\|/)
	(^\|/)invalid_config/config.yml($\|/)"
	# Set pattern to exclude certain files
	set -e
	exit_code=0
	for file in $(find . -name '*.yml' \| grep -Ev "$exclude_pattern"); do
	if ! node check-permissions-order.js "$file" --slient; then
	exit_code=1
	echo "Error: $file requires changes. Run the following command to fix:"
	echo "node check-permissions-order.js $file --fix"
	fi
	done
	exit $exit_code

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Onboard new backport-pr re-usable github workflow (security) #15089

Workflow file

Onboard new backport-pr re-usable github workflow (security) #15089

Uh oh!

Workflow file for this run