Skip to content

Commit 5de3b54

Browse files
sethvargosethvargo
committed
Add global linters
1 parent ff59587 commit 5de3b54

File tree

1 file changed

+170
-0
lines changed

1 file changed

+170
-0
lines changed

.github/workflows/lint.yml

Lines changed: 170 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,170 @@
1+
name: 'Lint'
2+
3+
# NOTE: This workflow is NOT intended to be a reusable workflow via
4+
# workflow_call. Instead it will be "reused" by configuring via organization
5+
# rulesets as a required workflow.
6+
on:
7+
# Note that for org required workflows:
8+
# "Any filters you specify for the supported events are ignored
9+
# - for example, branches, branches-ignore, paths, types and so on."
10+
# https://docs.github.com/en/enterprise-cloud@latest/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#supported-event-triggers
11+
pull_request:
12+
merge_group:
13+
14+
concurrency:
15+
group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}'
16+
cancel-in-progress: true
17+
18+
permissions:
19+
contents: 'read'
20+
statuses: 'write'
21+
22+
jobs:
23+
init:
24+
name: 'Lint (Initialize)'
25+
runs-on: 'ubuntu-latest'
26+
if: |
27+
${{ github.repository != 'google-github-actions/.github' }}
28+
outputs:
29+
lint-targets: '${{ steps.lint-targets.outputs.lint-targets }}'
30+
gomod-dirs: '${{ steps.lint-targets.outputs.gomod-dirs }}'
31+
packagejson-dirs: '${{ steps.lint-targets.outputs.packagejson-dirs }}'
32+
steps:
33+
- name: 'Checkout'
34+
uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # ratchet:actions/checkout@v4
35+
with:
36+
fetch-depth: 1
37+
ref: '${{ github.event.pull_request.head.sha }}'
38+
39+
- name: 'Identify lint targets'
40+
id: 'lint-targets'
41+
env:
42+
REF: '${{ github.event.pull_request.head.sha }}'
43+
LC_ALL: 'C'
44+
shell: 'bash'
45+
run: |-
46+
set -euo pipefail
47+
48+
# match_files determines if the current git repository has any files
49+
# matching the given pattern. This has been performance tested
50+
# against a shallow checkout of chromium (future changes should be
51+
# tested in the same manner).
52+
match_files() {
53+
local filepattern="${1}"
54+
matches="$(git ls-tree -r --name-only "${REF}" | grep -m 1 -E "${filepattern}")"
55+
code="$?"
56+
if [[ -n "${matches}" ]]; then
57+
# Ignore exit codes because we found a match.
58+
# Exit code 141 and higher may occur because we exit early.
59+
return 0
60+
fi
61+
return "${code}"
62+
}
63+
64+
declare -a TARGETS=()
65+
if match_files '.*(\.dockerfile|Dockerfile)$'; then
66+
TARGETS+=("docker")
67+
fi
68+
if match_files '.github/(actions|workflows)/.*\.(yaml|yml)$'; then
69+
TARGETS+=("github" "ratchet")
70+
fi
71+
if match_files 'go.mod$'; then
72+
TARGETS+=("go")
73+
fi
74+
if match_files '.*\.(java)$'; then
75+
TARGETS+=("java")
76+
fi
77+
if match_files 'package.json$'; then
78+
TARGETS+=("javascript")
79+
fi
80+
if match_files '.*\.(sh)$'; then
81+
TARGETS+=("shell")
82+
fi
83+
if match_files '.*\.(tf)$'; then
84+
TARGETS+=("terraform")
85+
fi
86+
if match_files '.*\.(yaml|yml)$'; then
87+
TARGETS+=("yaml")
88+
fi
89+
90+
LINT_TARGETS="$(jq --compact-output --null-input '$ARGS.positional' --args -- "${TARGETS[@]}")"
91+
echo "::debug::Found lint targets: ${LINT_TARGETS}"
92+
echo "lint-targets=${LINT_TARGETS}" >> "${GITHUB_OUTPUT}"
93+
94+
lint:
95+
runs-on: 'ubuntu-latest'
96+
name: 'Lint (${{ matrix.lint-target }})'
97+
needs:
98+
- 'init'
99+
if: |-
100+
${{ needs.init.outputs.lint-targets != '[]' && github.repository != 'google-github-actions/.github' }}
101+
strategy:
102+
fail-fast: false
103+
max-parallel: 100
104+
matrix:
105+
lint-target: '${{ fromJSON(needs.init.outputs.lint-targets) }}'
106+
steps:
107+
- name: 'Checkout'
108+
uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # ratchet:actions/checkout@v4
109+
with:
110+
fetch-depth: 1
111+
112+
- name: 'Lint (Docker)'
113+
if: |-
114+
${{ matrix.lint-target == 'docker' }}
115+
uses: 'abcxyz/actions/.github/actions/lint-docker@main' # ratchet:exclude
116+
with:
117+
hadolint_config_url: 'https://raw.githubusercontent.com/abcxyz/actions/main/.hadolint.yml'
118+
hadolint_version: '2.12.0'
119+
120+
- name: 'Lint (GitHub Actions)'
121+
if: |-
122+
${{ matrix.lint-target == 'github' }}
123+
uses: 'abcxyz/actions/.github/actions/lint-github-actions@main' # ratchet:exclude
124+
with:
125+
actionlint_version: '1.7.7'
126+
127+
- name: 'Lint (Go)'
128+
if: |-
129+
${{ matrix.lint-target == 'go' }}
130+
uses: 'abcxyz/actions/.github/actions/lint-go@main' # ratchet:exclude
131+
with:
132+
golangci_url: 'https://raw.githubusercontent.com/abcxyz/actions/main/default.golangci.yml'
133+
134+
- name: 'Lint (Go modules)'
135+
if: |-
136+
${{ matrix.lint-target == 'go' }}
137+
uses: 'abcxyz/actions/.github/actions/lint-go-modules@main' # ratchet:exclude
138+
139+
- name: 'Lint (Java)'
140+
if: |-
141+
${{ matrix.lint-target == 'java' }}
142+
uses: 'abcxyz/actions/.github/actions/lint-java@main' # ratchet:exclude
143+
with:
144+
google_java_format_version: '1.27.0'
145+
github_token: '${{ secrets.GITHUB_TOKEN }}'
146+
147+
- name: 'Lint (JavaScript)'
148+
if: |-
149+
${{ matrix.lint-target == 'javascript' }}
150+
uses: 'abcxyz/actions/.github/actions/lint-javascript@main' # ratchet:exclude
151+
152+
- name: 'Lint (Ratchet)'
153+
if: |-
154+
${{ matrix.lint-target == 'ratchet' }}
155+
uses: 'sethvargo/ratchet@main' # ratchet:exclude
156+
with:
157+
files: './.github/actions/**/*.yml ./.github/workflows/*.yml'
158+
159+
- name: 'Lint (Shell)'
160+
if: |-
161+
${{ matrix.lint-target == 'shell' }}
162+
uses: 'abcxyz/actions/.github/actions/lint-shell@main' # ratchet:exclude
163+
164+
- name: 'Lint (YAML)'
165+
if: |-
166+
${{ matrix.lint-target == 'yaml' }}
167+
uses: 'abcxyz/actions/.github/actions/lint-yaml@main' # ratchet:exclude
168+
with:
169+
yamllint_url: 'https://raw.githubusercontent.com/google-github-actions/.github/refs/heads/main/.yamllint.yml'
170+
yamllint_version: '1.37.1'

0 commit comments

Comments
 (0)