---
when:
  - event: "push"
    branch: "main"
  - event: "manual"

steps:

  # gitleaks
  - name: "gitleaks"
    # renovate: datasource=github-releases depName=gitleaks/gitleaks
    image: "cr.simoncor.net/ghcr/gitleaks/gitleaks:v8.30.1"
    commands:
      - "gitleaks detect --source . --verbose --redact"

  # yamllint
  - name: "yamllint"
    # renovate: datasource=docker depName=cr.simoncor.net/yamllint
    image: "cr.simoncor.net/yamllint:1.38.0"
    depends_on:
      - "gitleaks"
    commands:
      - "yamllint -c .yamllint ."

  # ansible-lint
  - name: "ansible-lint"
    # renovate: datasource=docker depName=docker.io/pipelinecomponents/ansible-lint
    image: "cr.simoncor.net/dockerhub/pipelinecomponents/ansible-lint:0.79.0"
    depends_on:
      - "gitleaks"
    commands:
      - "ansible-lint -c .ansible-lint ."

  # markdownlint
  - name: "markdownlint"
    # renovate: datasource=docker depName=docker.io/davidanson/markdownlint-cli2
    image: "cr.simoncor.net/dockerhub/davidanson/markdownlint-cli2:v0.18.1"
    depends_on:
      - "gitleaks"
    commands:
      - "markdownlint-cli2 --config .markdownlint-cli2.jsonc"