Skip to content
Run Linters

Bump step-security/harden-runner from 2.13.1 to 2.14.2 #42

Sign in to view logs

Bump step-security/harden-runner from 2.13.1 to 2.14.2

Bump step-security/harden-runner from 2.13.1 to 2.14.2 #42

Workflow file for this run

.github/workflows/linters.yml at f80e8f2
name: 'Run Linters'
on:
pull_request:
paths:
- 'action.yml'
- '.github/workflows/*.yml'
- '.github/workflows/*.yaml'
permissions:
contents: read
jobs:
linters:
runs-on: ubuntu-latest
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
with:
egress-policy: audit
- name: Checkout Repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- name: Install yq
uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f # v1.0.2
- name: Install shellcheck
env:
SHELLCHECK_PREFIX: ${{ runner.temp }}
run: |
CURL='curl -fsS --retry 5 --retry-max-time 30'
URL=$(\
$CURL -L https://api.github.com/repos/koalaman/shellcheck/releases/latest \
| jq -r '.assets[] | select(.name? | match("shellcheck_*.*.*.linux.x86_64.tar.xz$")) | .browser_download_url'\
)
VERSION=$(\
$CURL -L https://api.github.com/repos/koalaman/shellcheck/releases/latest \
| jq -r '.tag_name'\
)
$CURL -L "${URL}" | xzcat | tar -C $SHELLCHECK_PREFIX -xvf - shellcheck-$VERSION/shellcheck
$SHELLCHECK_PREFIX/shellcheck-$VERSION/shellcheck --version
echo "$SHELLCHECK_PREFIX/shellcheck-$VERSION/shellcheck" >> "$GITHUB_PATH"
- name: Run shellcheck
run: bin/shellcheck.sh