chore(mise.toml): ignore check-extra-masked-returns of shellcheck in … #2287
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Lint | |
on: | |
# do not use paths filter because it does not work well with required status checks | |
# ref: https://github.com/orgs/community/discussions/13690 | |
push: | |
branches: main | |
pull_request: | |
workflow_dispatch: | |
schedule: | |
- cron: "0 0 * * SUN" | |
permissions: {} | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
list-tasks: | |
# define unique id to add to status checks | |
name: lint-list-tasks | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 10 | |
permissions: | |
contents: read # for checkout | |
outputs: | |
tasks: ${{ steps.list.outputs.tasks }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Install mise | |
uses: jdx/mise-action@53d027c2e96fed8f955f5d95bff910a3e031cc58 # v2.1.6 | |
with: | |
version: 2024.11.4 | |
# backends are required to run mise list | |
# cspell:ignore binstall | |
install_args: bun node cargo-binstall | |
- name: Install package.json dependencies | |
run: mise run buni:root | |
- name: List mise tasks | |
id: list | |
run: | | |
tasks=$(bun run .github/workflows/scripts/list-mise-tasks.ts) | |
echo "tasks=${tasks}" >> "${GITHUB_OUTPUT}" | |
lint: | |
needs: list-tasks | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 10 | |
permissions: | |
contents: read # for checkout | |
name: ${{ matrix.name }} | |
strategy: | |
fail-fast: false | |
matrix: | |
# use include not to be treated as multi-dimensional matrix | |
# ref: https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs#expanding-or-adding-matrix-configurations | |
include: ${{ fromJson(needs.list-tasks.outputs.tasks) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Install mise | |
uses: jdx/mise-action@53d027c2e96fed8f955f5d95bff910a3e031cc58 # v2.1.6 | |
with: | |
version: 2024.11.4 | |
install_args: ${{ matrix.tools }} | |
- name: Run ${{ matrix.name }} | |
run: mise run ${{ matrix.task }} | |
commitlint: | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 10 | |
permissions: | |
contents: read # for checkout | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 0 # fetch all history for commitlint | |
- name: Install mise | |
uses: jdx/mise-action@53d027c2e96fed8f955f5d95bff910a3e031cc58 # v2.1.6 | |
with: | |
version: 2024.11.4 | |
install_args: bun node | |
- name: Install package.json dependencies | |
run: mise run buni:root | |
- name: "commitlint (push: initial commit)" | |
id: commitlint-push-initial | |
# commit hash will be 000... if it doesn't exist | |
if: github.event_name == 'push' && github.event.before == '0000000000000000000000000000000000000000' | |
run: bun run commitlint --verbose --to ${{ github.event.after }} | |
- name: commitlint (push) | |
id: commitlint-push | |
if: github.event_name == 'push' && steps.commitlint-push-initial.outcome == 'skipped' | |
run: bun run commitlint --verbose --from ${{ github.event.before }} --to ${{ github.event.after }} | |
- name: commitlint (pull_request) | |
id: commitlint-pr | |
if: github.event_name == 'pull_request' | |
run: | | |
bun run commitlint --verbose --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} | |
- name: commitlint (pull request title) | |
# continue even if the previous step fails | |
# do not use continue-on-error because it will result in a successful job | |
if: ${{ !cancelled() && (steps.commitlint-pr.outcome == 'success' || steps.commitlint-pr.outcome == 'failure') }} | |
# use intermediate environment variable to avoid injection attacks | |
# ref: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable | |
env: | |
PR_TITLE: ${{ github.event.pull_request.title }} | |
run: echo "${PR_TITLE}" | bun run commitlint --verbose | |
- name: commitlint (last commit) | |
if: steps.commitlint-push-initial.outcome == 'skipped' && steps.commitlint-push.outcome == 'skipped' && steps.commitlint-pr.outcome == 'skipped' | |
run: bun run commitlint --verbose --from ${{ github.sha }}~1 --to ${{ github.sha }} | |
lint-status: | |
needs: | |
- lint | |
- commitlint | |
# only required for branch protection rules | |
if: ${{ !cancelled() && github.event_name == 'pull_request' }} | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 5 | |
steps: | |
- name: Check the status of the jobs | |
run: | | |
if echo '${{ toJson(needs.*.result) }}' | jq --exit-status 'all(. == "success")' >/dev/null; then | |
echo 'All jobs are successful.' | |
exit 0 | |
else | |
echo 'Some jobs are failed, cancelled, or skipped.' | |
exit 1 | |
fi | |
actions-timeline: | |
needs: | |
- lint-status | |
if: ${{ !cancelled() }} | |
runs-on: ubuntu-24.04 | |
timeout-minutes: 5 | |
permissions: | |
actions: read | |
steps: | |
- name: actions-timeline | |
# cspell:ignore kesin | |
uses: Kesin11/actions-timeline@3046833d9aacfd7745c5264b7f3af851c3e2a619 # v2.2.1 |