-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
113 lines (101 loc) · 3.15 KB
/
ubuntu-lint.yml
File metadata and controls
113 lines (101 loc) · 3.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
name: ubuntu-lint
on:
pull_request:
push:
branches:
- master
concurrency:
group: ci-${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
python_linters:
name: Python linter ${{ matrix.command }}
runs-on: ubuntu-24.04
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
strategy:
fail-fast: false
matrix:
command:
- codespell
- yamllint
- zizmor
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- uses: astral-sh/setup-uv@803947b9bd8e9f986429fa0c5a41c367cd732b41 # v7.2.1
with:
python-version: "3.13"
activate-environment: true
- name: Install Dependencies
run: uv pip install -r .github/workflows/lint/pylock.toml
- name: Run codespell
run: codespell
if: matrix.command == 'codespell'
- name: Run YAMLlint
run: yamllint .
if: matrix.command == 'yamllint'
- name: Run zizmor 🌈
run: zizmor --format=sarif . > results.sarif
if: matrix.command == 'zizmor'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
if: matrix.command == 'zizmor'
with:
sarif_file: results.sarif
category: zizmor
ruby_linters:
name: Ruby linters on ${{ matrix.ruby.name }}
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
ruby:
- { name: ruby, value: 3.4.5 }
- { name: jruby, value: jruby-10.0.2.0 }
- { name: truffleruby, value: truffleruby-24.2.1 }
env:
RUBYOPT: -Ilib
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Setup ruby
uses: ruby/setup-ruby@8d27f39a5e7ad39aebbcbd1324f7af020229645c # v1.287.0
with:
ruby-version: ${{ matrix.ruby.value }}
bundler: none
- name: Install Dependencies
run: bin/rake setup
- name: Run Ruby Lint
run: bin/rake rubocop
- name: Run Markdown Lint
run: bin/mdl -g . -r MD001,MD025
if: matrix.ruby.name == 'ruby'
- name: Generate docs
run: bin/rake docs
if: matrix.ruby.name != 'jruby'
- name: Install & Check Dependencies
run: bin/rake dev:frozen_deps
- name: Misc checks
run: bin/rake man:check vendor:check version:check check_rubygems_integration
if: matrix.ruby.name != 'jruby'
timeout-minutes: 15
all-pass:
name: All ubuntu-lint jobs pass
if: always()
needs:
- python_linters
- ruby_linters
runs-on: ubuntu-latest
steps:
- name: check dependent jobs
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2
with:
jobs: ${{ toJSON(needs) }}