From 6165bf2509ca95ead2b34d5d9595005813062560 Mon Sep 17 00:00:00 2001 From: Dhruv Thakur Date: Wed, 11 Sep 2024 19:15:56 +0200 Subject: [PATCH] ci: add linting for yml files --- .github/scripts/get-yamlfmt.sh | 35 +++++++++++++++++++++++++++++ .github/workflows/build.yml | 24 ++++++++++---------- .github/workflows/lint-yml.yml | 22 ++++++++++++++++++ .github/workflows/release.yml | 40 ++++++++++++++++----------------- .github/workflows/vulncheck.yml | 22 +++++++++--------- yamlfmt.yml | 2 ++ 6 files changed, 102 insertions(+), 43 deletions(-) create mode 100755 .github/scripts/get-yamlfmt.sh create mode 100644 .github/workflows/lint-yml.yml create mode 100644 yamlfmt.yml diff --git a/.github/scripts/get-yamlfmt.sh b/.github/scripts/get-yamlfmt.sh new file mode 100755 index 0000000..24f7d7c --- /dev/null +++ b/.github/scripts/get-yamlfmt.sh @@ -0,0 +1,35 @@ +#!/usr/bin/env bash + +set -e + +if [ $# -ne 3 ]; then + echo "Usage: $0 " + echo "eg: $0 Linux x86_64 0.13.0" + exit 1 +fi + +OS="$1" +ARCH="$2" +VERSION="$3" + +cwd=$(pwd) + +temp_dir=$(mktemp -d) +if [ ! -e ${temp_dir} ]; then + echo "Failed to create temporary directory." + exit 1 +fi + +cd $temp_dir + +curl -sSLO "https://github.com/google/yamlfmt/releases/download/v${VERSION}/yamlfmt_${VERSION}_${OS}_${ARCH}.tar.gz" +curl -sSLO "https://github.com/google/yamlfmt/releases/download/v${VERSION}/checksums.txt" + +sha256sum --ignore-missing -c checksums.txt + +tar -xzf "yamlfmt_${VERSION}_${OS}_${ARCH}.tar.gz" -C ${temp_dir}/ +cd $cwd + +cp "${temp_dir}/yamlfmt" . + +rm -r ${temp_dir} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a225e30..d33ce98 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,7 +2,7 @@ name: build on: push: - branches: [ "main" ] + branches: ["main"] pull_request: paths: - "go.*" @@ -20,14 +20,14 @@ jobs: name: build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: ${{ env.GO_VERSION }} - - name: go build - run: go build -v ./... - - name: golangci-lint - uses: golangci/golangci-lint-action@v6 - with: - version: v1.60 + - uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: ${{ env.GO_VERSION }} + - name: go build + run: go build -v ./... + - name: golangci-lint + uses: golangci/golangci-lint-action@v6 + with: + version: v1.60 diff --git a/.github/workflows/lint-yml.yml b/.github/workflows/lint-yml.yml new file mode 100644 index 0000000..0b98292 --- /dev/null +++ b/.github/workflows/lint-yml.yml @@ -0,0 +1,22 @@ +name: lint-yml + +on: + push: + branches: ["main"] + paths: + - "**.yml" + pull_request: + paths: + - "**.yml" + +jobs: + lint-yml: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Get yamlfmt + run: | + LATEST_VERSION=$(curl -s https://api.github.com/repos/google/yamlfmt/releases/latest | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/' | sed 's/^v//') + ./.github/scripts/get-yamlfmt.sh "Linux" "x86_64" "$LATEST_VERSION" + - name: Run yamlfmt + run: ./yamlfmt -lint -quiet $(find . -name '*.yml') diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2ea4f7b..6351eec 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,23 +15,23 @@ jobs: release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: ${{ env.GO_VERSION }} - - name: Build - run: go build -v ./... - - name: Install Cosign - uses: sigstore/cosign-installer@v3 - with: - cosign-release: 'v2.2.3' - - name: Release Binaries - uses: goreleaser/goreleaser-action@v6 - with: - version: latest - args: release --clean - env: - GITHUB_TOKEN: ${{secrets.GH_PAT}} + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: ${{ env.GO_VERSION }} + - name: Build + run: go build -v ./... + - name: Install Cosign + uses: sigstore/cosign-installer@v3 + with: + cosign-release: 'v2.2.3' + - name: Release Binaries + uses: goreleaser/goreleaser-action@v6 + with: + version: latest + args: release --clean + env: + GITHUB_TOKEN: ${{secrets.GH_PAT}} diff --git a/.github/workflows/vulncheck.yml b/.github/workflows/vulncheck.yml index 4720fbc..f857235 100644 --- a/.github/workflows/vulncheck.yml +++ b/.github/workflows/vulncheck.yml @@ -1,7 +1,7 @@ name: vulncheck on: push: - branches: [ "main" ] + branches: ["main"] pull_request: paths: - "go.*" @@ -19,13 +19,13 @@ jobs: name: vulncheck runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: ${{ env.GO_VERSION }} - - name: govulncheck - shell: bash - run: | - go install golang.org/x/vuln/cmd/govulncheck@latest - govulncheck ./... + - uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: ${{ env.GO_VERSION }} + - name: govulncheck + shell: bash + run: | + go install golang.org/x/vuln/cmd/govulncheck@latest + govulncheck ./... diff --git a/yamlfmt.yml b/yamlfmt.yml new file mode 100644 index 0000000..9d3236a --- /dev/null +++ b/yamlfmt.yml @@ -0,0 +1,2 @@ +formatter: + retain_line_breaks_single: true