-
Notifications
You must be signed in to change notification settings - Fork 0
149 lines (122 loc) · 4.7 KB
/
lint.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: Lint
on:
push:
branches:
- main
pull_request:
branches:
- main
workflow_dispatch:
schedule:
- cron: "0 0 * * SUN"
permissions: {}
defaults:
run:
shell: bash
jobs:
list-tasks:
runs-on: ubuntu-24.04
timeout-minutes: 10
permissions:
contents: read # for checkout
outputs:
tasks: ${{ steps.list.outputs.tasks }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install mise
uses: jdx/mise-action@63a673876c7072c1d6ecb2049c0d572976c83b22 # v2.1.7
with:
version: 2024.11.16
# backends are required to run mise list
# cspell:ignore binstall
install_args: bun node cargo-binstall
cache_save: ${{ github.ref_name == 'main' }}
- name: Install package.json dependencies
run: mise run buni:root
- name: List mise tasks
id: list
run: |
tasks=$(bun run .github/workflows/scripts/list-mise-tasks.ts)
echo "tasks=${tasks}" >> "${GITHUB_OUTPUT}"
lint:
needs: list-tasks
runs-on: ubuntu-24.04
timeout-minutes: 10
permissions:
contents: read # for checkout
name: ${{ matrix.name }}
strategy:
fail-fast: false
matrix:
# use include not to be treated as multi-dimensional matrix
# ref: https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs#expanding-or-adding-matrix-configurations
include: ${{ fromJson(needs.list-tasks.outputs.tasks) }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install mise
uses: jdx/mise-action@63a673876c7072c1d6ecb2049c0d572976c83b22 # v2.1.7
with:
version: 2024.11.16
install_args: ${{ matrix.tools }}
cache_save: ${{ github.ref_name == 'main' }}
- name: Run ${{ matrix.name }}
run: mise run ${{ matrix.task }}
commitlint:
runs-on: ubuntu-24.04
timeout-minutes: 10
permissions:
contents: read # for checkout
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0 # fetch all history for commitlint
- name: Install mise
uses: jdx/mise-action@63a673876c7072c1d6ecb2049c0d572976c83b22 # v2.1.7
with:
version: 2024.11.16
install_args: bun node
cache_save: ${{ github.ref_name == 'main' }}
- name: Install package.json dependencies
run: mise run buni:root
- name: "commitlint (push: initial commit)"
id: commitlint-push-initial
# commit hash will be 000... if it doesn't exist
if: github.event_name == 'push' && github.event.before == '0000000000000000000000000000000000000000'
run: bun run commitlint --verbose --to ${{ github.event.after }}
- name: commitlint (push)
id: commitlint-push
if: github.event_name == 'push' && steps.commitlint-push-initial.outcome == 'skipped'
run: bun run commitlint --verbose --from ${{ github.event.before }} --to ${{ github.event.after }}
- name: commitlint (pull_request)
id: commitlint-pr
if: github.event_name == 'pull_request'
run: |
bun run commitlint --verbose --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }}
- name: commitlint (pull request title)
# continue even if the previous step fails
# do not use continue-on-error because it will result in a successful job
if: ${{ !cancelled() && (steps.commitlint-pr.outcome == 'success' || steps.commitlint-pr.outcome == 'failure') }}
# use intermediate environment variable to avoid injection attacks
# ref: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
env:
PR_TITLE: ${{ github.event.pull_request.title }}
run: echo "${PR_TITLE}" | bun run commitlint --verbose
- name: commitlint (last commit)
if: steps.commitlint-push-initial.outcome == 'skipped' && steps.commitlint-push.outcome == 'skipped' && steps.commitlint-pr.outcome == 'skipped'
run: bun run commitlint --verbose --from ${{ github.sha }}~1 --to ${{ github.sha }}
actions-timeline:
needs:
- lint
- commitlint
if: ${{ !cancelled() }}
runs-on: ubuntu-24.04
timeout-minutes: 5
permissions:
actions: read
steps:
- name: actions-timeline
# cspell:ignore kesin
uses: Kesin11/actions-timeline@3046833d9aacfd7745c5264b7f3af851c3e2a619 # v2.2.1