init
This commit is contained in:
Bret Fisher
15
.github/dependabot.yml
vendored
Normal file
15
.github/dependabot.yml
vendored
Normal file
@@ -0,0 +1,15 @@
|
||||
version: 2
|
||||
updates:
|
||||
# you can add other package ecosystems here for granular control of security updates
|
||||
# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
|
||||
# bundler, docker (FROM image), git submodules, go, npm, pip, terraform, all supported
|
||||
|
||||
##########################################
|
||||
# Maintain dependencies for GitHub Actions
|
||||
##########################################
|
||||
# On the interval, dependabot will scan for any updates to GH Actions (steps)
|
||||
# Then it open PRs to the default branch for each action that has an updated version
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "monthly"
|
||||
115
.github/workflows/super-linter.yaml
vendored
Normal file
115
.github/workflows/super-linter.yaml
vendored
Normal file
@@ -0,0 +1,115 @@
|
||||
---
|
||||
# origional template from: https://github.com/bretfisher/super-linter-example/blob/main/.github/workflows/super-linter.yaml
|
||||
|
||||
###########################
|
||||
###########################
|
||||
## Linter GitHub Actions ##
|
||||
###########################
|
||||
###########################
|
||||
name: Lint all the codes!
|
||||
|
||||
#
|
||||
# Documentation:
|
||||
# https://help.github.com/en/articles/workflow-syntax-for-github-actions
|
||||
#
|
||||
|
||||
#############################
|
||||
# lint on push to release/main branches
|
||||
# also lint on all pushes to PRs
|
||||
#############################
|
||||
on:
|
||||
# runs when PRs are merged, or pushes directly to these branches
|
||||
# if you have multiple release branches, add them to push
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
# runs on pushed commits to any PR
|
||||
pull_request:
|
||||
|
||||
|
||||
permissions:
|
||||
actions: none
|
||||
checks: none #add custom pass/fail checks to the PR
|
||||
contents: read #git permissions to repo pull/push
|
||||
deployments: none
|
||||
issues: none #read/write to repo Issues
|
||||
packages: none #read/write to repo Packages (ghcr, gems, npm)
|
||||
pull-requests: none #read/write to repo PRs
|
||||
repository-projects: none
|
||||
security-events: none #read/write to repo Security tab API
|
||||
statuses: write #read/write to repo custom statuses and checks
|
||||
|
||||
|
||||
jobs:
|
||||
super-lint:
|
||||
# Name the Job
|
||||
name: Super-Linter
|
||||
|
||||
# Set the agent to run on
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v2.3.4
|
||||
with:
|
||||
# Full git history is needed to get a proper list of changed files within `super-linter`
|
||||
fetch-depth: 0
|
||||
|
||||
#############################
|
||||
# custom DEFAULT_BRANCH for repos where PR target isn't always main/master
|
||||
#############################
|
||||
- name: Set DEFAULT_BRANCH to PR target
|
||||
# if base_ref has a value, this is a PR
|
||||
# we save the PR target branch name to a variable for use in linter config
|
||||
# we pass string between job steps by echoing to $GITHUB_ENV, making it available in $env later
|
||||
if: ${{ github.base_ref != '' }}
|
||||
run: |
|
||||
# shellcheck disable=2086
|
||||
echo "DEFAULT_BRANCH=${{ github.base_ref }}" >> $GITHUB_ENV
|
||||
echo "this is a PR branch. Let's only lint the files that are changed against the target branch '${{ github.base_ref }}'"
|
||||
|
||||
- name: Set DEFAULT_BRANCH to current branch
|
||||
# if base_ref has no value, this is just a commit on a branch
|
||||
# we need to strip refs/heads from github.ref to find the current branch name
|
||||
# then save the current branch name to a variable for use in linter config later
|
||||
# we pass strings between job steps by echoing to $GITHUB_ENV, making it available in $env later
|
||||
if: ${{ github.base_ref == '' }}
|
||||
run: |
|
||||
# shellcheck disable=2086
|
||||
echo "DEFAULT_BRANCH=$(echo '${{ github.ref }}' | sed 's/refs\/heads\///')" >> $GITHUB_ENV
|
||||
echo "this is just a branch push, not a PR."
|
||||
|
||||
# used as a debug step to ensure we're only linting all files on release branches
|
||||
- name: Are we linting all files?
|
||||
run: |
|
||||
echo VALIDATE_ALL_CODEBASE=${{ !contains(github.event_name, 'pull_request') }}
|
||||
|
||||
#############################
|
||||
# Run many Linters against changed files on PRs, and ALL files on commit to release branch
|
||||
#############################
|
||||
# https://github.com/marketplace/actions/super-linter
|
||||
- name: Lint Code Base
|
||||
uses: github/super-linter@v4.8.0
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
# by default super-linter assumes our repo default branch doesn't change
|
||||
# and it also assumes our PRs are always against that default branch
|
||||
# for multi-trunk (releases) repos, this get the base branch from the previous steps
|
||||
# see issue https://github.com/github/super-linter/issues/1123
|
||||
DEFAULT_BRANCH: ${{ env.DEFAULT_BRANCH }}
|
||||
# setting this to false means that only changed files will be scanned in each commit
|
||||
VALIDATE_ALL_CODEBASE: ${{ !contains(github.event_name, 'pull_request') }}
|
||||
# turn off dockerfilelint, as its a dead project
|
||||
# https://github.com/replicatedhq/dockerfilelint/issues/169
|
||||
# hadolint will still run and is sufficient (no need for two linters)
|
||||
VALIDATE_DOCKERFILE: false
|
||||
# turn off JSCPD copy/paste detection, which results in lots of results for examples and devops repos
|
||||
VALIDATE_JSCPD: false
|
||||
# turn off shfmt shell formatter as we already have shellcheck
|
||||
VALIDATE_SHELL_SHFMT: false
|
||||
# editorconfig is great, but...
|
||||
# editorconfig-linter is rather generic and file-specific linters are better
|
||||
# turn off editorconfig-checker, which flags too many false positives
|
||||
VALIDATE_EDITORCONFIG: false
|
||||
# prevent Kubernetes CRD API's from causing kubeval to fail
|
||||
KUBERNETES_KUBEVAL_OPTIONS: --ignore-missing-schemas
|
||||
20
README.md
20
README.md
@@ -1,2 +1,18 @@
|
||||
# super-linter-example
|
||||
A Reusable Workflow of the Super-Linter GitHub Action
|
||||
# Super Linter Reusable Worklow Example
|
||||
|
||||
The GitHub (Super-Linter)[https://github.com/marketplace/actions/super-linter] project is a great way to lint all your file types with a single GitHub Actions Workflow.
|
||||
A great way to implement it is in all repos using a Workflow step that points to this Reusable Workflow.
|
||||
|
||||
Video Walkthrough of this repo: https://youtu.be/aXZgQM8DqXg
|
||||
|
||||
## Features of this Super-Linter example
|
||||
|
||||
- All the features of Super-Linter in a Workflow
|
||||
- Bonus: Added Job steps to correctly determine which branch to diff files with
|
||||
- Bonus: Lints only changed files on a PR, but lints all files on merge to main (or any release) branch
|
||||
|
||||
## How to reuse this example as a template and Reusable Workflow
|
||||
|
||||
## How to run Super-Linter locally
|
||||
|
||||
## How to run Super-Linter in GitLab, Drone, Jenkins, etc.
|
||||
Reference in New Issue
Block a user