This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: lint | |
on: | |
pull_request: | |
branches: | |
- main | |
workflow_dispatch: | |
workflow_call: | |
# concurrency: | |
# group: ${{ github.workflow }}-${{ github.ref }}-${{ github.action }} | |
# cancel-in-progress: false | |
permissions: | |
pull-requests: read | |
contents: read | |
checks: write | |
jobs: | |
lint: | |
name: lint | |
runs-on: ubuntu-latest | |
timeout-minutes: 5 | |
permissions: | |
checks: write # For trunk to post annotations | |
contents: read # For repo checkout | |
steps: | |
- name: checkout | |
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 | |
- name: set-aqua-policy-if-file-exists | |
run: | | |
if [[ -f aqua-policy.yaml ]]; then | |
echo "AQUA_POLICY_CONFIG=${GITHUB_WORKSPACE}/aqua-policy.yaml:${AQUA_POLICY_CONFIG}" >> $GITHUB_ENV | |
else | |
echo "👉 No aqua-policy.yaml file found, skipping setting AQUA_POLICY_CONFIG" | |
fi | |
- uses: aquaproj/aqua-installer@fd2089d1f56724d6456f24d58605e6964deae124 # v2.3.2 | |
continue-on-error: true | |
with: | |
aqua_version: v2.30.0 | |
enable_aqua_install: true | |
aqua_opts: '--tags lint' # if using aqua.yaml config any special items in your repo like Golangci-lint using tags so it only installs what's needed | |
env: | |
AQUA_LOG_LEVEL: debug | |
AQUA_OPTS: '' | |
- name: trunk-check | |
uses: trunk-io/trunk-action@86b68ffae610a05105e90b1f52ad8c549ef482c2 # v1.1.16 | |
with: | |
arguments: --github-annotate-new-only=true | |
changie-validation: | |
name: changie-validation | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: write | |
contents: read | |
checks: write | |
env: | |
GH_TOKEN: ${{ github.token }} | |
steps: | |
- uses: t@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 | |
fetch-depth: 0 | |
ref: ${{ github.head_ref }} | |
- name: Set up default branch name | |
id: default_branch | |
run: echo "DEFAULT_BRANCH=$(gh repo view --json defaultBranchRef -q '.defaultBranchRef.name')" >> $GITHUB_ENV | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Check for .changes directory | |
id: check_changes_dir | |
run: | | |
if [[ -d ".changes" ]]; then | |
echo "changes_dir_exists=true" >> $GITHUB_OUTPUT | |
else | |
echo "changes_dir_exists=false" >> $GITHUB_OUTPUT | |
echo "⏩ no changie entry required on this" | |
fi | |
- name: Fetch default branch | |
run: git fetch origin ${{ env.DEFAULT_BRANCH }} | |
- name: Check for labels | |
id: check_labels | |
run: | | |
echo "no_changie_required=false" >> $GITHUB_OUTPUT | |
echo "dependencies=false" >> $GITHUB_OUTPUT | |
for label in $(gh pr view ${{ github.event.pull_request.number }} --json labels --jq '.labels[].name'); do | |
if [[ "$label" == "no-changie-required" ]]; then | |
echo "no_changie_required=true" >> $GITHUB_OUTPUT | |
echo "❎ bypass on changie noted due to label" | |
elif [[ "$label" == "dependencies" ]]; then | |
echo "dependencies=true" >> $GITHUB_OUTPUT | |
fi | |
done | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Validate changie entry | |
id: validate_changie_entry | |
if: steps.check_changes_dir.outputs.changes_dir_exists == 'true' && steps.check_labels.outputs.no_changie_required == 'false' && steps.check_labels.outputs.dependencies == 'false' | |
run: | | |
changes=$(git diff --name-only origin/${{ env.DEFAULT_BRANCH }}...HEAD -- .changes/) | |
if [[ -n "$changes" ]]; then | |
echo "Changie entry found" | |
comment="✅ changie entry was found" | |
if ! gh pr view ${{ github.event.pull_request.number }} --comments | grep -q "✅ changie entry was found"; then | |
gh pr review ${{ github.event.pull_request.number }} --comment --body "$comment" | |
fi | |
else | |
echo "No changie entry found in .changes" | |
comment="❌ A changie entry is required in .changes/" | |
if ! gh pr view ${{ github.event.pull_request.number }} --comments | grep -q "❌ A changie entry is required in .changes/unreleased"; then | |
gh pr review ${{ github.event.pull_request.number }} --request-changes --body "$comment" | |
fi | |
fi | |
if [[ -n "$comment" ]]; then | |
gh pr comment ${{ github.event.pull_request.number }} --body "$comment" --edit-last || gh pr comment ${{ github.event.pull_request.number }} --body "$comment" | |
fi | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |