arcodange-org/super-linter-workflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7467ef7790704c767e5d883511e4c2460758f785
super-linter-workflow/.github/workflows/super-linter.yaml
Bret Fisher 7467ef7790 fixing lints
2022-01-16 13:23:32 -05:00

137 lines
5.7 KiB
YAML
Raw Blame History

---
# original template from: https://github.com/bretfisher/super-linter-example/blob/main/.github/workflows/super-linter.yaml
###########################
###########################
## Linter GitHub Actions ##
###########################
###########################
name: Lint all the codes
#
# Documentation:
# https://help.github.com/en/articles/workflow-syntax-for-github-actions
#
#############################
# lint on push to release/main branches
# also lint on all pushes to PRs
#############################
on:
# runs when PRs are merged, or pushes directly to these branches
# if you have multiple release branches, add them to push
push:
branches:
- main
# runs on pushed commits to any PR
pull_request:
# allow reuse of this workflow in other repos
workflow_call:
inputs:
devops-only:
description: For a DevOps-focused repository. Prevents some code-language linters from running
required: false
type: boolean
default: false
permissions:
actions: none
checks: none # add custom pass/fail checks to the PR
contents: read # git permissions to repo pull/push
deployments: none
issues: none # read/write to repo Issues
packages: none # read/write to repo Packages (ghcr, gems, npm)
pull-requests: none # read/write to repo PRs
repository-projects: none
security-events: none # read/write to repo Security tab API
statuses: write # read/write to repo custom statuses and checks
jobs:
super-lint:
# Name the Job
name: Super-Linter
# Set the agent to run on
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v2.4.0
with:
# Full git history is needed to get a proper list of changed files within `super-linter`
fetch-depth: 0
#############################
# custom DEFAULT_BRANCH for repos where PR target isn't always main/master
#############################
- name: Set DEFAULT_BRANCH to PR target
# if base_ref has a value, this is a PR
# we save the PR target branch name to a variable for use in linter config
# we pass string between job steps by echoing to $GITHUB_ENV, making it available in $env later
if: ${{ github.base_ref != '' }}
run: |
# shellcheck disable=2086
echo "DEFAULT_BRANCH=${{ github.base_ref }}" >> $GITHUB_ENV
echo "this is a PR branch. Let's only lint the files that are changed against the target branch '${{ github.base_ref }}'"
- name: Set DEFAULT_BRANCH to current branch
# if base_ref has no value, this is just a commit on a branch
# we need to strip refs/heads from github.ref to find the current branch name
# then save the current branch name to a variable for use in linter config later
# we pass strings between job steps by echoing to $GITHUB_ENV, making it available in $env later
if: ${{ github.base_ref == '' }}
run: |
# shellcheck disable=2086
echo "DEFAULT_BRANCH=$(echo '${{ github.ref }}' | sed 's/refs\/heads\///')" >> $GITHUB_ENV
echo "this is just a branch push, not a PR."
# used as a debug step to ensure we're only linting all files on release branches
- name: Are we linting all files?
run: |
echo VALIDATE_ALL_CODEBASE=${{ !contains(github.event_name, 'pull_request') }}
# disable non-DevOps focused linters that might run on sample code or 3rd party code
# these env's will get pass to the next step
- name: Disable non-DevOps linters
if: ${{ inputs.devops-only == true }}
run: |
# shellcheck disable=2086
{
echo "VALIDATE_CSS=false";
echo "VALIDATE_HTML=false";
echo "VALIDATE_JAVASCRIPT_ES=false";
echo "VALIDATE_JAVASCRIPT_STANDARD=false";
} >> $GITHUB_ENV
#############################
# Run many Linters against changed files on PRs, and ALL files on commit to release branch
#############################
# https://github.com/marketplace/actions/super-linter
- name: Lint Code Base
uses: github/super-linter@v4.8.5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# by default super-linter assumes our repo default branch doesn't change
# and it also assumes our PRs are always against that default branch
# for multi-trunk (releases) repos, this get the base branch from the previous steps
# see issue https://github.com/github/super-linter/issues/1123
DEFAULT_BRANCH: ${{ env.DEFAULT_BRANCH }}
# setting this to false means that only changed files will be scanned in each commit
VALIDATE_ALL_CODEBASE: ${{ !contains(github.event_name, 'pull_request') }}
# turn off dockerfilelint, as its a dead project
# https://github.com/replicatedhq/dockerfilelint/issues/169
# hadolint will still run and is sufficient (no need for two linters)
VALIDATE_DOCKERFILE: false
# turn off JSCPD copy/paste detection, which results in lots of results for examples and devops repos
VALIDATE_JSCPD: false
# turn off shfmt shell formatter as we already have shellcheck
VALIDATE_SHELL_SHFMT: false
# editorconfig is great, but...
# editorconfig-linter is rather generic and file-specific linters are better
# turn off editorconfig-checker, which flags too many false positives
VALIDATE_EDITORCONFIG: false
# prevent Kubernetes CRD API's from causing kubeval to fail
KUBERNETES_KUBEVAL_OPTIONS: --ignore-missing-schemas
Reference in New Issue View Git Blame Copy Permalink