-
-
Notifications
You must be signed in to change notification settings - Fork 0
98 lines (82 loc) · 4 KB
/
reusable-megalinter.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# ==================================================================
# reusable-megalinter.yml
# ==================================================================
# Documentation:
# https://help.github.com/en/articles/workflow-syntax-for-github-actions
# ==================================================================
name: LINT EVERYTHING!
on:
workflow_call:
inputs:
apply-fixes-event:
description: Which events will trigger fixes to be applied?
required: false
type: string
apply-fixes-mode:
description: Will fixes be committed directly to the repo, or will a pull_request be raised?
required: false
type: string
permissions:
contents: read # git permissions to repo pull/push
statuses: write # read/write to repo custom statuses and checks
packages: write # read/write to packages
jobs:
mega-lint:
name: Mega-Linter
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
# Full git history is needed to get a proper list of changed files within super-linter
fetch-depth: 0
# used as a debug step to ensure we're only linting all files on release branches
- name: Are we linting all files?
run: |
echo VALIDATE_ALL_CODEBASE=${{ !contains(github.event_name, 'pull_request') }}
# which events will trigger fixes to be applied?
- name: APPLY_FIXES_EVENT
if: ${{ inputs.apply-fixes-event }}
run: |
echo "APPLY_FIXES_EVENT=${{ inputs.apply-fixes-event }}" >> $GITHUB_ENV
- name: APPLY_FIXES_EVENT EMPTY
if: ${{ !inputs.apply-fixes-event }}
run: |
echo "APPLY_FIXES_EVENT=all" >> $GITHUB_ENV
# which mode are fixes going to be applied in?
- name: APPLY_FIXES_MODE
if: ${{ inputs.apply-fixes-mode }}
run: |
echo "APPLY_FIXES_MODE=${{ inputs.apply-fixes-mode }}" >> $GITHUB_ENV
- name: APPLY_FIXES_MODE EMPTY
if: ${{ !inputs.apply-fixes-mode }}
run: |
echo "APPLY_FIXES_MODE=pull_request" >> $GITHUB_ENV
# Run many Linters against changed files on PRs, and ALL files on commit to release branch
# https://github.com/marketplace/actions/megalinter
- name: Lint Code Base
uses: oxsecurity/megalinter@v7
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# by default super-linter assumes our repo default branch doesn't change
# and it also assumes our PRs are always against that default branch
# for multi-trunk (releases) repos, this get the base branch from the previous steps
# see issue https://github.com/github/super-linter/issues/1123
DEFAULT_BRANCH: ${{ env.DEFAULT_BRANCH }}
# setting this to false means that only changed files will be scanned in each commit
VALIDATE_ALL_CODEBASE: ${{ !contains(github.event_name, 'pull_request') }}
# FIXES
APPLY_FIXES_EVENT: ${{ env.APPLY_FIXES_EVENT }}
APPLY_FIXES_MODE: ${{ env.APPLY_FIXES_MODE }}
# Artifacts Upload may be used as an alternative to File.io Reporter
# - name: Archive Report Artifacts
# uses: actions/upload-artifact@v3
# with:
# name: JSON Report
# path: /github/workspace/megalinter-reports/mega-linter-report.json
#
# - name: Archive Fixed Sources
# uses: actions/upload-artifact@v3
# with:
# name: Fixed Sources
# path: /github/workspace/megalinter-reports/updated_sources/**