standardised workflows and package updates

Consensys · Jul 10, 2024 · 9fcf75f · 9fcf75f
1 parent 9b4a753
commit 9fcf75f
Show file tree

Hide file tree

Showing 8 changed files with 2,599 additions and 2,638 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -2,23 +2,19 @@
 name: Build
 
 on:
+  workflow_call:
   pull_request:
     branches:
       - main
-    # Review gh actions docs if you want to further define triggers, paths, etc
-    # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#on
 
 jobs:
   build:
     name: Build
     runs-on: ubuntu-latest
-    # the enviroment to deploy to / use secrets from
-    environment: no-secret
-    # modify the default permissions of the GITHUB_TOKEN, so as to only allow least priveleges
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Build
         uses: ConsenSys/docs-gha/build@main

diff --git a/.github/workflows/case.yml b/.github/workflows/case.yml
@@ -13,13 +13,10 @@ jobs:
     strategy:
       matrix:
         folder: ["docs"]
-    # the enviroment to deploy to / use secrets from
-    environment: no-secret
-    # modify the default permissions of the GITHUB_TOKEN, so as to only allow least priveleges
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Case check action
         uses: ConsenSys/docs-gha/case@main

diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
@@ -0,0 +1,11 @@
+name: 'Dependency Review'
+
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "sunday"
+    assignees:
+      - "protocol-galileo"      
diff --git a/.github/workflows/dependency_review.yml b/.github/workflows/dependency_review.yml
@@ -0,0 +1,24 @@
+---
+name: Check file name case
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  case:
+    name: Check for licences not being allowed
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        folder: ["docs"]
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Dependency review
+        uses: ConsenSys/docs-gha/dependency-review@main
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -1,5 +1,5 @@
 ---
-name: Check for lint/build errors
+name: Check for lint, spelling and link errors
 
 on:
   pull_request:
@@ -10,13 +10,10 @@ jobs:
   lint:
     name: Lint Code Base, Spelling, Link Check
     runs-on: ubuntu-latest
-    # the enviroment to deploy to / use secrets from
-    environment: no-secret
-    # modify the default permissions of the GITHUB_TOKEN, so as to only allow least priveleges
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Lint
         uses: ConsenSys/docs-gha/lint@main
@@ -26,12 +23,11 @@ jobs:
   linkCheck:
     name: Link Checking
     runs-on: ubuntu-latest
-    environment: no-secret
     strategy:
       matrix:
         file-extensions: [".md", ".mdx"]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: LinkCheck
         uses: ConsenSys/docs-gha/linkcheck@main
         with:

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -0,0 +1,18 @@
+---
+name: Trivy
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  trivy:
+    name: Run trivy scanner
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Trivy
+        uses: ConsenSys/docs-gha/trivy@main
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}