-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[No QA] Schema Validation for Github Actions #2197
Merged
Merged
Changes from 5 commits
Commits
Show all changes
11 commits
Select commit
Hold shift + click to select a range
6b6bbb3
Setup yaml validation script
roryabraham ee8b1f7
Fix exit code propagation
roryabraham c4809e2
Remove unnecessary echo
roryabraham 0a86002
Add github actions validation to Github Actions workflow (how meta)
roryabraham c289598
Improve comment and add more early exits
roryabraham e45001f
Purposely commit incorrect value in Github Action
roryabraham b67183c
Purposely commit invalid key in github action
roryabraham 286085e
Purposely commit invalid key in github workflow
roryabraham 9e33976
Purposely commit incorrect value in github workflow
roryabraham 80de973
Reset everything back to normal
roryabraham b0217ba
Nix extra space in automerge workflow
roryabraham File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| #!/bin/bash | ||
| # | ||
| # Validates the Github Actions and workflows using the json schemas provided by https://www.schemastore.org/json/ | ||
|
|
||
| # Track exit codes separately so we can run a full validation, report errors, and exit with the correct code | ||
| declare EXIT_CODE=0 | ||
|
|
||
| # Download the up-to-date json schemas for github actions and workflows | ||
| cd ./.github && mkdir ./tempSchemas || exit 1 | ||
| curl https://json.schemastore.org/github-action.json --output ./tempSchemas/github-action.json --silent || exit 1 | ||
| curl https://json.schemastore.org/github-workflow.json --output ./tempSchemas/github-workflow.json --silent || exit 1 | ||
|
|
||
| # Validate the actions and workflows using the JSON schemas and ajv https://github.com/ajv-validator/ajv-cli | ||
| find ./actions/ -type f -name "*.yml" -print0 | xargs -0 -I file ajv -s ./tempSchemas/github-action.json -d file --strict=false || EXIT_CODE=1 | ||
| find ./workflows/ -type f -name "*.yml" -print0 | xargs -0 -I file ajv -s ./tempSchemas/github-workflow.json -d file --strict=false || EXIT_CODE=1 | ||
|
|
||
| # Cleanup after ourselves and delete the schemas | ||
| rm -rf ./tempSchemas | ||
|
|
||
| exit $EXIT_CODE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm sure it's for consistency with the rest but why did we decide to proxy all our shell scripts with NPM actions ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's so you can run them from any directory in the project and they will still work the same. Like it I were to do
cd .github && ./scripts/validateActionsAndWorkflows.sh, then the script would fail because it tries to runcd ./.githuband that would fail. But if you run it as an npm script then it's always running from the project root.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, there are other ways to ensure that in Bash without requiring
npm. In this case, this we already use it that's probably fine but we shouldn't rely on it otherwise IMO.E.g.
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"