arcodange-org/super-linter-workflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

reorg (#15)

Browse Source
This commit is contained in:
Bret Fisher
2022-05-02 15:36:35 -04:00
committed by GitHub
parent a43fa4363a
commit 3b63d1a3ea
4 changed files with 65 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

137
.github/workflows/reusable-super-linter.yaml vendored Normal file
View File

@@ -0,0 +1,137 @@
---
# original template from: https://github.com/bretfisher/super-linter-workflow/blob/main/.github/workflows/reusable-super-linter.yaml
###########################
###########################
## Linter GitHub Actions ##
###########################
###########################
name: Lint all the codes
#
# Documentation:
# https://help.github.com/en/articles/workflow-syntax-for-github-actions
#
on:
workflow_call:
inputs:
devops-only:
description: For a DevOps-focused repository. Prevents some code-language linters from running
required: false
type: boolean
default: false
filter-regex-exclude:
description: A regex to exclude files from linting
required: false
type: string
permissions:
contents: read # git permissions to repo pull/push
statuses: write # read/write to repo custom statuses and checks
jobs:
super-lint:
name: Super-Linter
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
# Full git history is needed to get a proper list of changed files within super-linter
fetch-depth: 0
#############################
# custom DEFAULT_BRANCH for repos where PR target isn't always main/master
#############################
- name: Set DEFAULT_BRANCH to PR target
# if base_ref has a value, this is a PR
# we save the PR target branch name to a variable for use in linter config
# we pass string between job steps by echoing to $GITHUB_ENV, making it available in $env later
if: ${{ github.base_ref != '' }}
run: |
# shellcheck disable=2086
echo "DEFAULT_BRANCH=${{ github.base_ref }}" >> $GITHUB_ENV
echo "this is a PR branch. Let's only lint the files that are changed against the target branch '${{ github.base_ref }}'"
- name: Set DEFAULT_BRANCH to current branch
# if base_ref has no value, this is just a commit on a branch
# we need to strip refs/heads from github.ref to find the current branch name
# then save the current branch name to a variable for use in linter config later
# we pass strings between job steps by echoing to $GITHUB_ENV, making it available in $env later
if: ${{ github.base_ref == '' }}
run: |
# shellcheck disable=2086
echo "DEFAULT_BRANCH=$(echo '${{ github.ref }}' | sed 's/refs\/heads\///')" >> $GITHUB_ENV
echo "this is just a branch push, not a PR."
# used as a debug step to ensure we're only linting all files on release branches
- name: Are we linting all files?
run: |
echo VALIDATE_ALL_CODEBASE=${{ !contains(github.event_name, 'pull_request') }}
# customize excluded paths and files with regex
- name: FILTER_REGEX_EXCLUDE
if: ${{ inputs.filter-regex-exclude }}
run: |
# shellcheck disable=2086
{
echo "FILTER_REGEX_EXCLUDE=${{ inputs.filter-regex-exclude }}" >> $GITHUB_ENV
}
# disable non-DevOps focused linters that might run on sample code or 3rd party code
# these env's will get pass to the next step
- name: Disable non-DevOps linters
if: ${{ inputs.devops-only == true }}
run: |
# shellcheck disable=2086
{
echo "VALIDATE_CSS=false";
echo "VALIDATE_HTML=false";
echo "VALIDATE_JAVASCRIPT_ES=false";
echo "VALIDATE_TYPESCRIPT_ES=false";
echo "VALIDATE_TYPESCRIPT_STANDARD=false";
echo "VALIDATE_JAVASCRIPT_STANDARD=false";
echo "VALIDATE_PYTHON_MYPY=false";
echo "VALIDATE_PYTHON_BLACK=false";
echo "VALIDATE_RUBY=false";
echo "VALIDATE_PHP=false";
echo "VALIDATE_CSHARP=false";
} >> $GITHUB_ENV
#############################
# Run many Linters against changed files on PRs, and ALL files on commit to release branch
#############################
# https://github.com/marketplace/actions/super-linter
- name: Lint Code Base
uses: github/super-linter@v4.9.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# by default super-linter assumes our repo default branch doesn't change
# and it also assumes our PRs are always against that default branch
# for multi-trunk (releases) repos, this get the base branch from the previous steps
# see issue https://github.com/github/super-linter/issues/1123
DEFAULT_BRANCH: ${{ env.DEFAULT_BRANCH }}
# setting this to false means that only changed files will be scanned in each commit
VALIDATE_ALL_CODEBASE: ${{ !contains(github.event_name, 'pull_request') }}
# turn off dockerfilelint, as its a dead project
# https://github.com/replicatedhq/dockerfilelint/issues/169
# hadolint will still run and is sufficient (no need for two linters)
VALIDATE_DOCKERFILE: false
# turn off JSCPD copy/paste detection, which results in lots of results for examples and devops repos
VALIDATE_JSCPD: false
# turn off shfmt shell formatter as we already have shellcheck
VALIDATE_SHELL_SHFMT: false
# editorconfig is great, but...
# editorconfig-linter is rather generic and file-specific linters are better
# turn off editorconfig-checker, which flags too many false positives
VALIDATE_EDITORCONFIG: false
# prevent Kubernetes CRD API's from causing kubeval to fail
# also change schema location to an up-to-date list
# https://github.com/yannh/kubernetes-json-schema/#kubeval
KUBERNETES_KUBEVAL_OPTIONS: --ignore-missing-schemas --schema-location https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/