.github/workflows/differential-shellcheck.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

---
# https://github.com/redhat-plumbers-in-action/differential-shellcheck#readme

name: Differential ShellCheck
on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main

permissions:
  contents: read

jobs:
  lint:
    if: github.event.repository.name != 'systemd-security'
    runs-on: ubuntu-latest

    permissions:
      security-events: write

    steps:
      - name: Repository checkout
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
        with:
          fetch-depth: 0

      - name: Differential ShellCheck
        uses: redhat-plumbers-in-action/differential-shellcheck@aa647ec4466543e8555c2c3b648124a9813cee44
        with:
          # exclude all `.in` files because they may contain unsupported syntax, and they have to be preprocessed first
          exclude-path: '**/*.in'
          token: ${{ secrets.GITHUB_TOKEN }}