-
Notifications
You must be signed in to change notification settings - Fork 1.5k
69 lines (61 loc) · 2.37 KB
/
pre_commit.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# Part of the Carbon Language project, under the Apache License v2.0 with LLVM
# Exceptions. See /LICENSE for license information.
# SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
name: pre-commit
on:
pull_request:
merge_group:
push:
branches: [trunk]
permissions:
contents: read # For actions/checkout.
jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
# When adding endpoints, see README.md.
# prettier-ignore
allowed-endpoints: >
*.dl.sourceforge.net:443
api.github.com:443
bcr.bazel.build:443
downloads.sourceforge.net:443
files.pythonhosted.org:443
github.com:443
mirror.bazel.build:443
nodejs.org:443
objects.githubusercontent.com:443
pypi.org:443
registry.npmjs.org:443
releases.bazel.build:443
sourceforge.net:443
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
# Ensure LLVM is set up consistently.
- uses: ./.github/actions/build-setup-common
with:
matrix_runner: ubuntu-latest
remote_cache_upload: '--remote_upload_local_results=false'
- uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1
# We want to automatically create github suggestions for pre-commit file
# changes for a pull request. But `pull_request` actions never have write
# permissions to the repository, so we create the suggestions in a separate
# privileged `workflow_run` action in pre_commit_suggestions.yaml. Here,
# we upload the diffs and event configuration to an artifact for use by
# that action.
- name: Collect pre-commit output
if: failure()
run: |
mkdir -p pre-commit-output
git diff > pre-commit-output/diff
cp $GITHUB_EVENT_PATH pre-commit-output/event
- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
if: failure()
with:
name: pre-commit output
path: pre-commit-output/*