-
Notifications
You must be signed in to change notification settings - Fork 1
127 lines (120 loc) · 5.06 KB
/
lint.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
---
name: lint
on:
pull_request:
branches:
- main
workflow_dispatch:
workflow_call:
# concurrency:
# group: ${{ github.workflow }}-${{ github.ref }}-${{ github.action }}
# cancel-in-progress: false
permissions:
pull-requests: read
contents: read
checks: write
jobs:
lint:
name: lint
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
checks: write # For trunk to post annotations
contents: read # For repo checkout
steps:
- name: checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: set-aqua-policy-if-file-exists
run: |
if [[ -f aqua-policy.yaml ]]; then
echo "AQUA_POLICY_CONFIG=${GITHUB_WORKSPACE}/aqua-policy.yaml:${AQUA_POLICY_CONFIG}" >> $GITHUB_ENV
else
echo "👉 No aqua-policy.yaml file found, skipping setting AQUA_POLICY_CONFIG"
fi
- uses: aquaproj/aqua-installer@fd2089d1f56724d6456f24d58605e6964deae124 # v2.3.2
continue-on-error: true
with:
aqua_version: v2.34.0
enable_aqua_install: true
aqua_opts: '--tags lint' # if using aqua.yaml config any special items in your repo like Golangci-lint using tags so it only installs what's needed
env:
AQUA_LOG_LEVEL: debug
AQUA_OPTS: ''
- name: trunk-check
uses: trunk-io/trunk-action@86b68ffae610a05105e90b1f52ad8c549ef482c2 # v1.1.16
with:
arguments: --github-annotate-new-only=true
changie-validation:
name: changie-validation
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: read
checks: write
env:
GH_TOKEN: ${{ github.token }}
GITHUB_REF_BRANCH: ${{ github.ref }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
fetch-depth: 0
ref: ${{ env.GITHUB_REF_BRANCH }}
- name: Set up default branch name
id: default_branch
run: echo "DEFAULT_BRANCH=$(gh repo view --json defaultBranchRef -q '.defaultBranchRef.name')" >> $GITHUB_ENV
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Check for .changes directory
id: check_changes_dir
run: |
if [[ -d ".changes" ]]; then
echo "changes_dir_exists=true" >> $GITHUB_OUTPUT
else
echo "changes_dir_exists=false" >> $GITHUB_OUTPUT
echo "⏩ no changie entry required on this"
fi
- name: Fetch default branch
id: fetch_branches
run: |
git fetch origin ${{ env.DEFAULT_BRANCH }}
git fetch origin ${{ env.GITHUB_REF_BRANCH }}
- name: Check for labels
id: check_labels
run: |
echo "no_changie_required=false" >> $GITHUB_OUTPUT
echo "dependencies=false" >> $GITHUB_OUTPUT
for label in $(gh pr view ${{ github.event.pull_request.number }} --json labels --jq '.labels[].name'); do
if [[ "$label" == "no-changie-required" ]]; then
echo "no_changie_required=true" >> $GITHUB_OUTPUT
echo "❎ bypass on changie noted due to label"
elif [[ "$label" == "dependencies" ]]; then
echo "dependencies=true" >> $GITHUB_OUTPUT
fi
done
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Validate changie entry
id: validate_changie_entry
if: steps.check_changes_dir.outputs.changes_dir_exists == 'true' && steps.check_labels.outputs.no_changie_required == 'false' && steps.check_labels.outputs.dependencies == 'false'
run: |
# Fetch existing comments
changes=$(git diff --name-only --diff-filter=A origin/${{ env.DEFAULT_BRANCH }}...HEAD -- .changes/)
if [[ -n "$changes" ]]; then
echo "Changie entry found"
comment="✅ changie entry was found"
gh pr review ${{ github.event.pull_request.number }} --approve --body "$comment"
# gh pr comment ${{ github.event.pull_request.number }} --body "$comment" --edit-last || gh pr comment ${{ github.event.pull_request.number }} --body "$comment"
else
echo "No changie entry found in .changes"
comment="❌ A changie entry is required in .changes/"
echo "adding review comment saying required, since not seeing prior comment before"
gh pr review ${{ github.event.pull_request.number }} --request-changes --body "$comment"
# gh pr comment ${{ github.event.pull_request.number }} --body "$comment" --edit-last || gh pr comment ${{ github.event.pull_request.number }} --body "$comment"
fi
# Update or post the review comment
# if [[ -n "$comment" ]]; then
# echo "adding review comment since not seeing prior comment before"
# gh pr comment ${{ github.event.pull_request.number }} --body "$comment" --edit-last || gh pr comment ${{ github.event.pull_request.number }} --body "$comment"
# fi
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}