Unify YAML indent (#6041)
This commit is contained in:
Simran
@@ -175,28 +175,28 @@ jobs:
|
||||
actions: read{% endif %}
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: '3.x'
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
if [ -f requirements.txt ];
|
||||
then pip install -r requirements.txt;
|
||||
fi
|
||||
# Set the `CODEQL-PYTHON` environment variable to the Python executable
|
||||
# that includes the dependencies
|
||||
echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v1
|
||||
with:
|
||||
languages: python
|
||||
# Override the default behavior so that the action doesn't attempt
|
||||
# to auto-install Python dependencies
|
||||
setup-python-dependencies: false
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: '3.x'
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
if [ -f requirements.txt ];
|
||||
then pip install -r requirements.txt;
|
||||
fi
|
||||
# Set the `CODEQL-PYTHON` environment variable to the Python executable
|
||||
# that includes the dependencies
|
||||
echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v1
|
||||
with:
|
||||
languages: python
|
||||
# Override the default behavior so that the action doesn't attempt
|
||||
# to auto-install Python dependencies
|
||||
setup-python-dependencies: false
|
||||
```
|
||||
{% endif %}
|
||||
|
||||
|
||||
@@ -59,16 +59,16 @@ jobs:
|
||||
image: codeql-container:f0f91db
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Initialize {% data variables.product.prodname_codeql %}
|
||||
uses: github/codeql-action/init@v1
|
||||
with:
|
||||
languages: {% raw %}${{ matrix.language }}{% endraw %}
|
||||
- name: Build
|
||||
run: |
|
||||
./configure
|
||||
make
|
||||
- name: Perform {% data variables.product.prodname_codeql %} Analysis
|
||||
uses: github/codeql-action/analyze@v1
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Initialize {% data variables.product.prodname_codeql %}
|
||||
uses: github/codeql-action/init@v1
|
||||
with:
|
||||
languages: {% raw %}${{ matrix.language }}{% endraw %}
|
||||
- name: Build
|
||||
run: |
|
||||
./configure
|
||||
make
|
||||
- name: Perform {% data variables.product.prodname_codeql %} Analysis
|
||||
uses: github/codeql-action/analyze@v1
|
||||
```
|
||||
|
||||
@@ -138,29 +138,29 @@ commit for best results.
|
||||
Fix this by removing the following lines from the {% data variables.product.prodname_codeql %} workflow. These lines were included in the `steps` section of the `Analyze` job in initial versions of the {% data variables.product.prodname_codeql %} workflow.
|
||||
|
||||
```yaml
|
||||
with:
|
||||
# We must fetch at least the immediate parents so that if this is
|
||||
# a pull request then we can checkout the head.
|
||||
fetch-depth: 2
|
||||
with:
|
||||
# We must fetch at least the immediate parents so that if this is
|
||||
# a pull request then we can checkout the head.
|
||||
fetch-depth: 2
|
||||
|
||||
# If this run was triggered by a pull request event, then checkout
|
||||
# the head of the pull request instead of the merge commit.
|
||||
- run: git checkout HEAD^2
|
||||
if: {% raw %}${{ github.event_name == 'pull_request' }}{% endraw %}
|
||||
```
|
||||
# If this run was triggered by a pull request event, then checkout
|
||||
# the head of the pull request instead of the merge commit.
|
||||
- run: git checkout HEAD^2
|
||||
if: {% raw %}${{ github.event_name == 'pull_request' }}{% endraw %}
|
||||
```
|
||||
|
||||
The revised `steps` section of the workflow will look like this:
|
||||
|
||||
```yaml
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
|
||||
# Initializes the {% data variables.product.prodname_codeql %} tools for scanning.
|
||||
- name: Initialize {% data variables.product.prodname_codeql %}
|
||||
uses: github/codeql-action/init@v1
|
||||
# Initializes the {% data variables.product.prodname_codeql %} tools for scanning.
|
||||
- name: Initialize {% data variables.product.prodname_codeql %}
|
||||
uses: github/codeql-action/init@v1
|
||||
|
||||
...
|
||||
...
|
||||
```
|
||||
|
||||
For more information about editing the {% data variables.product.prodname_codeql %} workflow file, see "[Configuring {% data variables.product.prodname_code_scanning %}](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#editing-a-code-scanning-workflow)."
|
||||
|
||||
@@ -59,7 +59,7 @@ name: "Upload SARIF"
|
||||
on:
|
||||
push:
|
||||
schedule:
|
||||
- cron: '45 15 * * 5'
|
||||
- cron: '45 15 * * 5'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
@@ -67,14 +67,14 @@ jobs:
|
||||
permissions:
|
||||
security-events: write{% endif %}
|
||||
steps:
|
||||
# This step checks out a copy of your repository.
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Upload SARIF file
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: results.sarif
|
||||
# This step checks out a copy of your repository.
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Upload SARIF file
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: results.sarif
|
||||
```
|
||||
|
||||
#### Example workflow that runs the ESLint analysis tool
|
||||
@@ -93,7 +93,7 @@ name: "ESLint analysis"
|
||||
on:
|
||||
push:
|
||||
schedule:
|
||||
- cron: '45 15 * * 1'
|
||||
- cron: '45 15 * * 1'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
@@ -101,18 +101,18 @@ jobs:
|
||||
permissions:
|
||||
security-events: write{% endif %}
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Run npm install
|
||||
run: npm install
|
||||
# Runs the ESlint code analysis
|
||||
- name: Run ESLint
|
||||
# eslint exits 1 if it finds anything to report
|
||||
run: node_modules/.bin/eslint build docs lib script spec-main -f node_modules/@microsoft/eslint-formatter-sarif/sarif.js -o results.sarif || true
|
||||
# Uploads results.sarif to GitHub repository using the upload-sarif action
|
||||
- uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: results.sarif
|
||||
- uses: actions/checkout@v2
|
||||
- name: Run npm install
|
||||
run: npm install
|
||||
# Runs the ESlint code analysis
|
||||
- name: Run ESLint
|
||||
# eslint exits 1 if it finds anything to report
|
||||
run: node_modules/.bin/eslint build docs lib script spec-main -f node_modules/@microsoft/eslint-formatter-sarif/sarif.js -o results.sarif || true
|
||||
# Uploads results.sarif to GitHub repository using the upload-sarif action
|
||||
- uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: results.sarif
|
||||
```
|
||||
|
||||
### Further reading
|
||||
|
||||
Reference in New Issue
Block a user