diff --git a/.github/dependabot.yml b/.github/dependabot.yaml similarity index 100% rename from .github/dependabot.yml rename to .github/dependabot.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 7e4c413..3a27b97 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -2,9 +2,13 @@ name: build on: pull_request: + paths-ignore: + - ".github" push: branches: - main + paths-ignore: + - ".github" jobs: build: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9a87235..5f46a7b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -12,8 +12,6 @@ name: "CodeQL" on: - push: - branches: ["main"] schedule: - cron: "17 22 * * 6" diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml new file mode 100644 index 0000000..6e70251 --- /dev/null +++ b/.github/workflows/commitlint.yaml @@ -0,0 +1,66 @@ +name: "[all] lint" + +on: + pull_request: + types: + - opened + - synchronize + - reopened + - edited + - reopened + - synchronize + push: + branches: + - main + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + commitlint: + name: Commitlint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Install pnpm + uses: pnpm/action-setup@v4 + with: + version: 9 + + - name: Setup Node + uses: actions/setup-node@v4 + with: + node-version: 20 + + - name: Install commitlint + run: | + pnpm install + + - name: Validate current commit (last commit) with commitlint + if: github.event_name == 'push' + run: npx commitlint --last --verbose + + - name: Validate PR commits with commitlint + if: github.event_name == 'pull_request' + env: + HEAD_SHA: ${{ github.event.pull_request.head.sha }} + COMMITS: ${{ github.event.pull_request.commits }} + run: | + npx commitlint \ + --from "${HEAD_SHA}"~"${COMMITS}" \ + --to "${HEAD_SHA}" \ + --verbose + + - name: Validate PR name with commitlint + if: github.event_name == 'pull_request' + env: + PR_TITLE: ${{ github.event.pull_request.title }} + run: | + echo "${PR_TITLE}" | npx commitlint diff --git a/.github/workflows/github-acitons-lint.yaml b/.github/workflows/github-acitons-lint.yaml new file mode 100644 index 0000000..0945846 --- /dev/null +++ b/.github/workflows/github-acitons-lint.yaml @@ -0,0 +1,36 @@ +name: "[github-actions] lint" + +on: + push: + branches: + - main + paths: + - ".github/**" + pull_request: + paths: + - ".github/**" + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +defaults: + run: + shell: bash + +permissions: + contents: read + +jobs: + actionlint: + name: lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Check workflow files + run: | + echo "::add-matcher::.github/actionlint-matcher.json" + bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) + ./actionlint -color + shell: bash diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index e96efd2..548a754 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,11 +1,15 @@ name: golangci-lint on: push: + paths-ignore: + - ".github" tags: - v* branches: - main pull_request: + paths-ignore: + - ".github" permissions: contents: read @@ -18,7 +22,7 @@ jobs: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: - go-version: '1.21' + go-version: "1.21" cache: false - name: golangci-lint uses: golangci/golangci-lint-action@v6 diff --git a/.github/workflows/osv-scanner.yml b/.github/workflows/osv-scanner.yml index 8810da2..5e49c28 100644 --- a/.github/workflows/osv-scanner.yml +++ b/.github/workflows/osv-scanner.yml @@ -1,8 +1,8 @@ name: OSV Scanner on: - push: - branches: ["main"] + schedule: + - cron: "17 22 * * 6" permissions: security-events: write diff --git a/lefthook.yml b/lefthook.yml index 672a99a..1643d0a 100644 --- a/lefthook.yml +++ b/lefthook.yml @@ -1,8 +1,7 @@ pre-push: commands: backend-lint: - root: backend/ - tags: backend + root: / glob: "*.go" run: golangci-lint run