Replace hadolint with Trivy #352
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'CI - Devcontainer' | |
on: | |
push: | |
branches: [main] | |
paths: | |
- '.devcontainer/**' | |
- '.github/workflows/ci-devcontainer.yml' | |
- '*.nix' | |
- 'Makefile.toml' | |
- '**vscode**' | |
pull_request: | |
paths: | |
- '.devcontainer/**' | |
- '.github/workflows/ci-devcontainer.yml' | |
schedule: | |
# Every 10:42 JST | |
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule | |
- cron: '42 1 * * *' | |
workflow_dispatch: | |
jobs: | |
build: | |
timeout-minutes: 30 | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 | |
- name: Log host users and file owners | |
run: | | |
whoami | |
id | |
ls -alh | |
- name: Set UID and GID as ENV from repository files | |
run: | | |
uid="$(stat -c '%u' .)" | |
gid="$(stat -c '%g' .)" | |
echo "container_user_uid=${uid}" | tee -a "$GITHUB_ENV" | |
echo "container_user_gid=${gid}" | tee -a "$GITHUB_ENV" | |
- name: Build and run dev container task | |
uses: devcontainers/ci@7957e0cf6d027a8ab027745f399fcdbd3aa74f0f # v0.3 | |
with: | |
# Can't we call these commands on the nix develop even enabled direnv...? | |
runCmd: | | |
nix develop --command makers deps; | |
nix develop --command makers setup && nix develop --command makers check |