-
Notifications
You must be signed in to change notification settings - Fork 178
138 lines (122 loc) · 3.92 KB
/
lint-css-js-md.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: Lint CSS/JS/MD
on:
push:
# Only run if CSS/JS/MD-related files changed.
paths:
- '**.js'
- '**.cjs'
- '**.ts'
- '**.tsx'
- '**.css'
- 'docs/**/*.md'
- 'packages/**/*.md'
- '.eslint*'
- '.markdownlint*'
- '.npmpackagejsonlintrc.json'
- '.nvmrc'
- '.prettier*'
- '.stylelint*'
- '**/package.json'
- 'package-lock.json'
branches:
- main
- release/*
pull_request:
# Only run if CSS/JS/MD-related files changed.
paths:
- '**.js'
- '**.cjs'
- '**.ts'
- '**.tsx'
- '**.css'
- 'docs/**/*.md'
- 'packages/**/*.md'
- '.eslint*'
- '.markdownlint*'
- '.npmpackagejsonlintrc.json'
- '.nvmrc'
- '.prettier*'
- '.stylelint*'
- '**/package.json'
- 'package-lock.json'
# Cancels all previous workflow runs for pull requests that have not completed.
concurrency:
# The concurrency group contains the workflow name and the (target) branch name.
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
permissions:
checks: write # for ataylorme/eslint-annotate-action to create checks
contents: read # for actions/checkout to fetch code
pull-requests: read # for ataylorme/eslint-annotate-action to get changed PR files
timeout-minutes: 20
steps:
- name: Harden Runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c
with:
disable-sudo: true
disable-file-monitoring: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
registry.npmjs.org:443
bun.sh:443
54.185.253.63:443
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: Setup Node
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b
with:
node-version-file: '.nvmrc'
cache: npm
- name: Install dependencies
run: npm ci
env:
PUPPETEER_SKIP_DOWNLOAD: true
- name: Setup Bun
uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5
with:
bun-version: latest
- name: Markdown Lint
run: npm run lint:md
- name: CSS Lint
run: npm run lint:css
- name: package.json Lint
run: npm run lint:package-json
# Do this first so that the types are available to ESLint,
# particularly the more sophisticated `@typescript/eslint` rules.
- name: Type checking
run: npm run workflow:bundle-packages:types
- name: JS Lint
run: npm run lint:js
env:
NODE_OPTIONS: --max-old-space-size=4096
if: >
github.event.pull_request.head.repo.fork == true ||
github.event.pull_request.user.login == 'dependabot[bot]'
- name: JS Lint Report
run: npm run lint:js:report
continue-on-error: true
env:
NODE_OPTIONS: --max-old-space-size=4096
# Prevent generating the ESLint report if PR is from a fork or authored by Dependabot.
if: >
github.event.pull_request.head.repo.fork == false &&
github.event.pull_request.user.login != 'dependabot[bot]'
- name: Annotate JS Lint Results
uses: ataylorme/eslint-annotate-action@3.0.0
with:
repo-token: '${{ secrets.GITHUB_TOKEN }}'
report-json: 'build/lint-js-report.json'
# The action cannot annotate the PR when run from a PR fork or authored by Dependabot.
if: >
github.event.pull_request.head.repo.fork == false &&
github.event.pull_request.user.login != 'dependabot[bot]'
- name: JSON Schema validation
run: npm run test:schema