diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml deleted file mode 100644 index 5d267e4..0000000 --- a/.github/workflows/gitleaks.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -name: Gitleaks 🌧️ - -on: - workflow_call: - inputs: - gitleaks-version: - description: Gitleaks executable version. - required: false - type: string - default: "8.18.2" - -concurrency: - group: gitleaks-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - gitleaks: - name: ${{ vars.CI_IMAGE }} - runs-on: ubuntu-22.04 - container: - image: ${{ vars.CI_IMAGE }} - - steps: - - name: Checkout project ⬇️ - uses: actions/checkout@v4 - - - name: Normalize inputs 📐 - shell: bash - run: | - gitleaks_version_input="${{ inputs.gitleaks-version }}" - echo "GITLEAKS_VERSION=${gitleaks_version_input:-8.18.2}" >> $GITHUB_ENV - - - name: Install gitleaks 💧 - run: | - cd /tmp - wget -q \ - "https://github.com/zricethezav/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_x64.tar.gz" \ - -O gitleaks.tar.gz || \ - (echo "Error downloading gitleaks ${GITLEAKS_VERSION} tarball" && exit 1) - tar -xvzf gitleaks.tar.gz || \ - (echo "Error unarchiving gitleaks ${GITLEAKS_VERSION} tarball" && exit 1) - mv gitleaks /usr/bin/. || \ - (echo "Error moving gitleaks for /usr/bin" && exit 1) - shell: bash - - - name: Run gitleaks 🌧️ - run: gitleaks -v detect --no-git --source . - shell: bash diff --git a/workflows.md b/workflows.md index 4063b3e..cf444d0 100644 --- a/workflows.md +++ b/workflows.md @@ -8,13 +8,9 @@ Runs devtools::check() and devtools::test() on the R package inside the checked Runs tests on the installed package, generates the qc documentation and uploads it as an artifact for later consumption. -### [`gitleaks.yml`](https://github.com/boehringer-ingelheim/dv.templates/blob/main/.github/workflows/gitleaks.yml) - -Runs [`gitleaks`](https://github.com/zricethezav/gitleaks) on the repo to discover any secrets that might have been hardcoded. - ### [`lintr.yml`](https://github.com/boehringer-ingelheim/dv.templates/blob/main/.github/workflows/lintr.yml) -Runs lintr on the repo with the linting settings specified in the container image. +Runs lintr on the repo with the linting settings specified in the container image, except when overriden by a repository-specific `.lintr.R` configuration file. ### [`pkgdown.yml`](https://github.com/boehringer-ingelheim/dv.templates/blob/main/.github/workflows/pkgdown.yml) @@ -23,7 +19,7 @@ Generates a [`pkgdown`](https://pkgdown.r-lib.org/) website and uploads it to Gi ### [`roxygen.yml`](https://github.com/boehringer-ingelheim/dv.templates/blob/main/.github/workflows/roxygen.yml) Uses [`roxygen`](https://roxygen2.r-lib.org/) to generate `.Rd` files in the -`man/` directory. It also checks if manuals are up-to-date with roxygen comments in the code. +`man/` directory. It also checks if manuals are up-to-date with roxygen comments in the code. (Currently broken). ### [`release.yml`](https://github.com/boehringer-ingelheim/dv.templates/blob/main/.github/workflows/release.yml) @@ -64,10 +60,6 @@ jobs: with: lintr_error_on_lint: true - gitleaks: - name: Gitleaks 🌧️ - uses: boehringer-ingelheim/dv.templates/.github/workflows/gitleaks.yml@main - roxygen: name: Roxygen 📄 uses: boehringer-ingelheim/dv.templates/.github/workflows/roxygen.yml@main