-
Notifications
You must be signed in to change notification settings - Fork 42
131 lines (124 loc) · 4.97 KB
/
lint.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: (all packages) Lints
on:
push:
branches:
- main
pull_request:
jobs:
tools:
name: Get tool-versions
runs-on: ubuntu-latest
steps:
- name: Check out Code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Parse tool-versions file
uses: smartcontractkit/[email protected]
id: tool-versions
outputs:
golangci-lint-version: ${{ steps.tool-versions.outputs.golangci-lint_version }}
golangci:
name: Linting
runs-on: ubuntu-latest
needs: [tools]
steps:
- name: Check out Code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Go
uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/setup-go@00c6214deb10a3f374c6d3430c32c5202015d463 # v2.2.12
with:
test_download_vendor_packages_command: go mod download
go_mod_path: ./go.mod
cache_key_id: ctf-go
cache_restore_only: 'false'
- name: golangci-lint ${{ needs.tools.outputs.golangci-lint-version }}
uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0
with:
version: v${{ needs.tools.outputs.golangci-lint-version }}
args: --out-format checkstyle:golangci-lint-report.xml
- name: Print lint report artifact
if: always()
run: test -f golangci-lint-report.xml || true
- name: Store lint report artifact
if: always()
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with:
name: golangci-lint-report
path: golangci-lint-report.xml
vulnerabilities-check:
name: Check for Vulnerabilities
runs-on: ubuntu-latest
needs: [tools]
steps:
- name: Check out Code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Go
uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/setup-go@00c6214deb10a3f374c6d3430c32c5202015d463 # v2.2.12
with:
test_download_vendor_packages_command: go mod download
go_mod_path: ./go.mod
cache_key_id: ctf-go
cache_restore_only: 'false'
- name: Write Go List
run: go list -json -deps ./... > go.list
- name: Nancy
uses: sonatype-nexus-community/nancy-github-action@726e338312e68ecdd4b4195765f174d3b3ce1533 # v1.0.3
asdf-install:
name: Validate GitHub Action Workflows
runs-on: ubuntu-latest
steps:
- name: Check out Code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install asdf dependencies
uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 # v3.0.2
prettier:
name: Formatting
runs-on: ubuntu-latest
steps:
- name: Checkout the repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Run Prettier
uses: creyD/prettier_action@31355f8eef017f8aeba2e0bc09d8502b13dbbad1 # v4.3
with:
dry: true
prettier_options: --write **/*.{yaml,yml,json} --config ./.prettierrc.yaml --ignore-path ./.prettierignore
helmlint:
name: Lint Helm Charts
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
# Without this parameter, the merged commit that CI produces will make it so that ct will
# not detect a diff even if one exists
fetch-depth: 0
- name: Set up chart-testing
uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0
- name: Run chart-testing (lint)
run: ct lint --config ${{ github.workspace }}/.github/configs/ct.yaml
actionlint:
name: Validate GitHub Action Workflows
runs-on: ubuntu-latest
steps:
- name: Check out Code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Run actionlint
uses: reviewdog/action-actionlint@82693e9e3b239f213108d6e412506f8b54003586 # v1.39.1
sonarqube:
name: SonarQube Analysis
needs: [golangci]
runs-on: ubuntu-latest
steps:
- name: Checkout the repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports
- name: Download all workflow run artifacts
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@4b0bfc149f5e285930eeb5e917327e66660c6e92 # v2.0.0
with:
args: >
-Dsonar.go.golangci-lint.reportPaths=golangci-lint-report/golangci-lint-report.xml
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}