From 06a847d317e35a95ea77b2147d77e05be1734ecb Mon Sep 17 00:00:00 2001 From: Christoph Hartmann Date: Sun, 1 Jan 2023 15:58:11 +0100 Subject: [PATCH] =?UTF-8?q?=E2=AD=90=EF=B8=8F=20add=20policy=20bundle=20li?= =?UTF-8?q?nt=20action?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/lint.yaml | 24 ++++++++++++++++++++++++ .github/workflows/validate.yaml | 23 ----------------------- 2 files changed, 24 insertions(+), 23 deletions(-) create mode 100644 .github/workflows/lint.yaml delete mode 100644 .github/workflows/validate.yaml diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml new file mode 100644 index 00000000..9b8e1ff1 --- /dev/null +++ b/.github/workflows/lint.yaml @@ -0,0 +1,24 @@ +--- +name: Lint Policies + +on: + pull_request: + push: + branches: + - main + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + - name: Lint cnspec policies and output SARIF + uses: mondoohq/actions/cnspec-lint@main + with: + path: . + output-file: 'results.sarif' + - name: Upload SARIF results file + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: results.sarif \ No newline at end of file diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml deleted file mode 100644 index f01591d8..00000000 --- a/.github/workflows/validate.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -name: Validate Policies - -on: - pull_request: - push: - branches: - - main - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - name: Install Mondoo's cnspec - run: | - bash -c "$(curl -sSL https://install.mondoo.com/sh/cnspec)" - shell: bash - - name: Validate policies - shell: bash - run: > - find . -name '*.mql.yaml' -exec cnspec bundle validate {} \; \ No newline at end of file