diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 00260b0c..7f27a01a 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -21,15 +21,15 @@ jobs:
 strategy:
 matrix:
 os:
- - runner: ubuntu-latest
- name: linux
- static: true
- - runner: macos-13
- name: macos-intel
- static: false
- - runner: macos-14
- name: macos-arm64
- static: true
+ - runner: ubuntu-latest
+ name: linux
+ static: true
+ - runner: macos-13
+ name: macos-intel
+ static: false
+ - runner: macos-14
+ name: macos-arm64
+ static: true
 runs-on: ${{ matrix.os.runner }}
 steps:
 - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
@@ -40,7 +40,7 @@ jobs:
 with:
 version: v0.68.0
 static: ${{ matrix.os.static }}
- - run: npm install -g markdownlint-cli
+ - run: npm install -g markdownlint-cli dprint
 - name: Restore rq cache
 id: cache-rq
 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
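Review bot: The `npm install -g markdownlint-cli dprint` step in the second hunk installs whatever version of both packages the registry serves at run time, while every `uses:` entry in this workflow is pinned to a commit SHA. A compromised or simply incompatible release of either package would then run on the build runners without any change in this repository, and the new formatting check could start failing for reasons unrelated to the code. Pin exact versions so that upgrades go through review, e.g. `- run: npm install -g markdownlint-cli@<PINNED_VERSION> dprint@<PINNED_VERSION>` (placeholders for the versions the project has verified). The job's remaining steps continue outside the hunk.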
@@ -68,20 +68,20 @@ jobs:
 code_coverage:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
- with:
- go-version-file: go.mod
- - uses: open-policy-agent/setup-opa@34a30e8a924d1b03ce2cf7abe97250bbb1f332b5 # v2.2.0
- with:
- version: v0.68.0
- - run: |
- go run main.go test --coverage bundle \
- | opa eval -f raw -I -d build/simplecov/simplecov.rego data.build.simplecov.from_opa \
- > coverage.json
- - uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
- with:
- fail_ci_if_error: false
- files: ./coverage.json
- name: regal
- token: ${{ secrets.CODECOV_TOKEN }} # required
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+ with:
+ go-version-file: go.mod
+ - uses: open-policy-agent/setup-opa@34a30e8a924d1b03ce2cf7abe97250bbb1f332b5 # v2.2.0
+ with:
+ version: v0.68.0
+ - run: |
+ go run main.go test --coverage bundle \
+ | opa eval -f raw -I -d build/simplecov/simplecov.rego data.build.simplecov.from_opa \
+ > coverage.json
+ - uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
+ with:
+ fail_ci_if_error: false
+ files: ./coverage.json
+ name: regal
+ token: ${{ secrets.CODECOV_TOKEN }} # required
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index e0689aaa..7d700943 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -2,7 +2,7 @@ name: "CodeQL"
 on:
 schedule:
- - cron: '19 18 * * 4'
+ - cron: "19 18 * * 4"
 permissions:
 contents: read
@@ -20,21 +20,21 @@ jobs:
 strategy:
 fail-fast: false
 matrix:
- language: [ 'go' ]
+ language: ["go"]
 steps:
- - name: Checkout repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ - name: Checkout repository
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- - name: Initialize CodeQL
- uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
- with:
- languages: ${{ matrix.language }}
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+ with:
+ languages: ${{ matrix.language }}
- - name: Autobuild
- uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
- with:
- category: "/language:${{matrix.language}}"
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+ with:
+ category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index f934dd67..3ba503de 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -2,9 +2,9 @@ name: Scorecard supply-chain security
 on:
 branch_protection_rule:
 schedule:
- - cron: '16 9 * * 2'
+ - cron: "16 9 * * 2"
 push:
- branches: [ "main" ]
+ branches: ["main"]
 permissions: read-all
diff --git a/.github/workflows/update-docs.yaml b/.github/workflows/update-docs.yaml
index 1ff07ced..0ced1942 100644
--- a/.github/workflows/update-docs.yaml
+++ b/.github/workflows/update-docs.yaml
@@ -5,7 +5,7 @@ name: Update Docs
 on:
 push:
 tags:
- - v[0-9].**
+ - v[0-9].**
 workflow_dispatch:
 permissions: read-all
diff --git a/.github/workflows/update-example-index.yaml b/.github/workflows/update-example-index.yaml
index 7205c9d0..37528a05 100644
--- a/.github/workflows/update-example-index.yaml
+++ b/.github/workflows/update-example-index.yaml
@@ -6,7 +6,7 @@ name: Update Examples Index
 on:
 workflow_dispatch:
 schedule:
- - cron: '0 1 * * *' # Run daily at 1 AM UTC
+ - cron: "0 1 * * *" # Run daily at 1 AM UTC
 jobs:
 update-examples-index:
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index af54f5d1..458a1447 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -40,7 +40,7 @@ kos:
 build: linux-windows-build
 repository: ghcr.io/styrainc/regal
 tags:
- - '{{.Version}}'
+ - "{{.Version}}"
 - latest
 bare: true
 base_image: cgr.dev/chainguard/busybox:latest-glibc
@@ -65,7 +65,7 @@ archives:
 {{- if .Arm }}v{{ .Arm }}{{ end }}
 checksum:
- name_template: 'checksums.txt'
+ name_template: "checksums.txt"
 snapshot:
 name_template: "{{ incpatch .Version }}-next"
diff --git a/.vscode/settings.json b/.vscode/settings.json
index 0c934b11..5b222a2d 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,10 +1,10 @@
 {
- "opa.env": {
- "OPA_CHECK_CAPABILITIES": "${workspacePath}/build/capabilities.json",
- "OPA_EVAL_CAPABILITIES": "${workspacePath}/build/capabilities.json"
- },
- "opa.roots": [
- "${workspaceFolder}/bundle"
- ],
- "opa.strictMode": true
+ "opa.env": {
+ "OPA_CHECK_CAPABILITIES": "${workspacePath}/build/capabilities.json",
+ "OPA_EVAL_CAPABILITIES": "${workspacePath}/build/capabilities.json"
+ },
+ "opa.roots": [
+ "${workspaceFolder}/bundle"
+ ],
+ "opa.strictMode": true
 }
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
index e825f2cc..40860d6f 100644
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -1,27 +1,27 @@
 {
- "version": "2.0.0",
- "tasks": [
- {
- "label": "regal: prepare pr",
- "type": "shell",
- "command": "./build/do.rq pr",
- "detail": "Prepare PR",
- "options": {
- "cwd": "${workspaceFolder}"
- },
- "group": {
- "kind": "build",
- "isDefault": true
- }
- },
- {
- "label": "regal: regal test",
- "type": "shell",
- "command": "go run main.go test bundle",
- "group": "test",
- "options": {
- "cwd": "${workspaceFolder}"
- }
- }
- ]
+ "version": "2.0.0",
+ "tasks": [
+ {
+ "label": "regal: prepare pr",
+ "type": "shell",
+ "command": "./build/do.rq pr",
+ "detail": "Prepare PR",
+ "options": {
+ "cwd": "${workspaceFolder}"
+ },
+ "group": {
+ "kind": "build",
+ "isDefault": true
+ }
+ },
+ {
+ "label": "regal: regal test",
+ "type": "shell",
+ "command": "go run main.go test bundle",
+ "group": "test",
+ "options": {
+ "cwd": "${workspaceFolder}"
+ }
+ }
+ ]
 }
diff --git a/build/do.rq b/build/do.rq
index c952639a..a39f979f 100755
--- a/build/do.rq
+++ b/build/do.rq
@@ -175,6 +175,7 @@ lint_ci {
 run("opa check --strict --capabilities build/capabilities.json bundle")
 run_quiet("./regal lint --format github bundle")
 run("markdownlint --config docs/.markdownlint.yaml --ignore docs/CODE_OF_CONDUCT.md README.md docs/")
+ run("dprint --config build/dprint.json check")
 }
 check_readme {
diff --git a/build/dprint.json b/build/dprint.json
new file mode 100644
index 00000000..097fc123
--- /dev/null
+++ b/build/dprint.json
@@ -0,0 +1,11 @@
+{
+ "yaml": {
+ "indentBlockSequenceInMap": true
+ },
+ "json": {},
+ "excludes": [],
+ "plugins": [
+ "https://plugins.dprint.dev/g-plane/pretty_yaml-v0.5.0.wasm",
+ "https://plugins.dprint.dev/json-0.19.3.wasm"
+ ]
+}
diff --git a/bundle/regal/config/provided/data.yaml b/bundle/regal/config/provided/data.yaml
index ec112a85..dd81b388 100644
--- a/bundle/regal/config/provided/data.yaml
+++ b/bundle/regal/config/provided/data.yaml
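Review bot: The two `plugins` entries in the new build/dprint.json are downloaded by URL with no integrity check, so the version embedded in the file name is the only thing tying the `dprint --config build/dprint.json check` call added to `lint_ci` to the plugin code that was reviewed. dprint's plugin URL syntax accepts a checksum suffix, so each entry can be written in the form `"https://plugins.dprint.dev/json-0.19.3.wasm@<SHA256_OF_PLUGIN>"` (placeholder for the hash of the verified file), and dprint will then refuse a plugin whose content differs. Both the first-party JSON plugin and the third-party `g-plane/pretty_yaml` plugin should carry one. JSON has no comment syntax, so the reason for the pins belongs in the commit message or the contributor docs.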
@@ -6,7 +6,7 @@ rules:
 annotation-without-metadata:
 level: error
 argument-always-wildcard:
- except-function-name-pattern: '^mock_'
+ except-function-name-pattern: "^mock_"
 level: error
 constant-condition:
 level: error
diff --git a/e2e/testdata/configs/custom_naming_convention.yaml b/e2e/testdata/configs/custom_naming_convention.yaml
index 2c0b1787..577cc498 100644
--- a/e2e/testdata/configs/custom_naming_convention.yaml
+++ b/e2e/testdata/configs/custom_naming_convention.yaml
@@ -3,7 +3,7 @@ rules:
 naming-convention:
 level: error
 conventions:
- - pattern: '^_[a-z_]+$|^allow$'
+ - pattern: "^_[a-z_]+$|^allow$"
 targets:
 - rule
 - pattern: '^acmecorp\.[a-z_\.]+$'