chore(deps): update dependency ruff to v0.15.6 (#7377) #4083

Workflow file for this run

.github/workflows/deploy-BETA-linters.yml at 1c4622a

	---
	#########################
	#########################
	## Deploy Docker Image Linters ##
	#########################
	#########################
	# Documentation:
	# https://help.github.com/en/articles/workflow-syntax-for-github-actions
	#

	#######################################
	# Start the job on all push to main #
	#######################################
	name: "Build & Deploy - BETA linters"
	on:
	push:
	branches:
	- "main"
	- "dbgbeta"
	paths:
	- ".github/workflows/**"
	- "Dockerfile"
	- "**/Dockerfile"
	- "flavors/**"
	- "megalinter/**"
	- "mega-linter-runner/**"
	- "**/linter-versions.json"
	- "TEMPLATES/**"
	- ".trivyignore"
	- "*/.sh"
	- "*/.py"
	- "/sh/"

	###############
	# Set the Job #
	###############
	concurrency:
	group: ${{ github.ref }}-${{ github.workflow }}
	cancel-in-progress: true

	jobs:
	get-linters-matrix:
	name: Get Linters Matrix
	if: ${{ vars.BETA_LINTERS_ENABLED != 'false' }}
	runs-on: ubuntu-latest
	outputs:
	linters: ${{ steps.set-matrix.outputs.linters }}
	steps:
	- name: Checkout Code
	uses: actions/checkout@v6
	- name: Read linters_matrix.json
	id: set-matrix
	run: \|
	echo "linters=$(cat .automation/generated/linters_matrix.json \| jq -c)" >> $GITHUB_OUTPUT

	build:
	name: BETA/Linters
	runs-on: ubuntu-latest
	needs: get-linters-matrix
	permissions:
	actions: write
	packages: write
	environment:
	name: beta
	strategy:
	fail-fast: false
	max-parallel: 10
	matrix:
	linter: ${{ fromJson(needs.get-linters-matrix.outputs.linters) }}
	platform: ["linux/amd64"]
	# Only run this on the main repo
	if: >-
	(
	github.repository == 'oxsecurity/megalinter'
	&& !contains(github.event.head_commit.message, 'skip deploy')
	&& !contains(github.event.head_commit.message, 'Release MegaLinter v')
	&& vars.BETA_LINTERS_ENABLED != 'false'
	)
	##################
	# Load all steps #
	##################
	steps:
	- name: Checkout Code
	uses: actions/checkout@v6

	- name: Docker Metadata action
	uses: docker/metadata-action@v6
	id: meta
	with:
	images: \|
	ghcr.io/${{ github.repository }}-only-${{ matrix.linter }}
	flavor: \|
	latest=false
	prefix=beta
	tags: \|
	type=raw,value=
	type=raw,value={{date 'YYYYMMDD_HHmm'}}

	- name: Docker Metadata action (Docker hub)
	uses: docker/metadata-action@v6
	id: meta-dhub
	with:
	images: \|
	docker.io/${{ github.repository }}-only-${{ matrix.linter }}
	flavor: \|
	latest=false
	prefix=beta
	tags: \|
	type=raw,value=
	type=raw,value={{date 'YYYYMMDD_HHmm'}}

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v4
	if: ${{ ( ( runner.arch != 'X64' \|\| runner.os != 'Linux' ) && matrix.platform == 'linux/amd64' ) \|\| matrix.platform != 'linux/amd64' }}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v4

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v4
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Build Image
	uses: docker/build-push-action@v7
	with:
	context: .
	file: linters/${{ matrix.linter }}/Dockerfile
	platforms: ${{ matrix.platform }}
	build-args: \|
	BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
	BUILD_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
	BUILD_REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
	load: false
	push: ${{ github.event_name != 'pull_request' }}
	secrets: \|
	GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
	tags: ${{ steps.meta.outputs.tags }}

	#####################################
	# Run Linter test cases #
	#####################################
	- name: Run Test Cases
	shell: bash
	run: \|
	GITHUB_REPOSITORY=$([ "${{ github.event_name }}" == "pull_request" ] && echo "${{ github.event.pull_request.head.repo.full_name }}" \|\| echo "${{ github.repository }}")
	GITHUB_BRANCH=$([ "${{ github.event_name }}" == "pull_request" ] && echo "${{ github.head_ref }}" \|\| echo "${{ github.ref_name }}")

	TEST_KEYWORDS_TO_USE_UPPER="${{ matrix.linter }}"
	TEST_KEYWORDS_TO_USE="${TEST_KEYWORDS_TO_USE_UPPER,,}"
	docker image ls
	docker run -e TEST_CASE_RUN=true -e OUTPUT_FORMAT=text -e OUTPUT_FOLDER=${{ github.sha }} -e OUTPUT_DETAIL=detailed -e GITHUB_SHA=${{ github.sha }} -e GITHUB_REPOSITORY=${GITHUB_REPOSITORY} -e GITHUB_BRANCH=${GITHUB_BRANCH} -e GITHUB_TOKEN="${{ secrets.GITHUB_TOKEN }}" -e TEST_KEYWORDS="${TEST_KEYWORDS_TO_USE}" -e MEGALINTER_VOLUME_ROOT="${GITHUB_WORKSPACE}" -v "/var/run/docker.sock:/var/run/docker.sock:rw" -v ${GITHUB_WORKSPACE}:/tmp/lint ${{ fromJson(steps.meta.outputs.json).tags[0]}}
	timeout-minutes: 30

	- name: Invoke Mirror docker image workflow (Standalone linter image)
	uses: benc-uk/workflow-dispatch@v1
	with:
	workflow: mirror-docker-image.yml
	inputs: '{ "source-image": "${{ fromJson(steps.meta.outputs.json).tags[0]}}", "target-image": "${{ fromJson(steps.meta-dhub.outputs.json).tags[0]}}", "free-space-before": "false" }'

	##############################################
	# Check Docker image security with Trivy #
	##############################################
	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: "${{ fromJson(steps.meta.outputs.json).tags[0]}}"
	format: "table"
	exit-code: "1"
	ignore-unfixed: true
	scanners: vuln
	vuln-type: "os,library"
	severity: "CRITICAL,HIGH"
	timeout: 10m0s
	env:
	ACTIONS_RUNTIME_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): update dependency ruff to v0.15.6 (#7377) #4083

Workflow file

chore(deps): update dependency ruff to v0.15.6 (#7377) #4083

Uh oh!

Workflow file for this run