-
Notifications
You must be signed in to change notification settings - Fork 0
116 lines (92 loc) · 3.39 KB
/
Copy pathci.yml
File metadata and controls
116 lines (92 loc) · 3.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: CI
on:
push:
branches:
- main
pull_request:
workflow_dispatch:
permissions:
contents: read
jobs:
quality:
name: Repository quality
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Reject committed local artifacts
run: |
if git ls-files \
| grep -E '(^|/)\.DS_Store$|(^|/)logs/|\.log$'; then
echo "Local artifacts (.DS_Store, logs/, *.log) must not be committed."
exit 1
fi
echo "No committed local artifacts."
- name: Install system validation tools
run: |
sudo apt-get update
sudo apt-get install --yes \
ca-certificates \
curl \
golang-go \
pre-commit
curl -fsSL https://deb.nodesource.com/setup_22.x \
| sudo -E bash -
sudo apt-get install --yes nodejs
npm install --global markdownlint-cli2
go install \
github.com/editorconfig-checker/editorconfig-checker/v3/cmd/editorconfig-checker@latest
curl -sSfL \
https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash \
| bash
sudo install actionlint /usr/local/bin/actionlint
curl -sSfL \
https://github.com/lycheeverse/lychee/releases/latest/download/lychee-x86_64-unknown-linux-gnu.tar.gz \
-o /tmp/lychee.tar.gz
mkdir -p /tmp/lychee
tar -xzf /tmp/lychee.tar.gz -C /tmp/lychee
sudo install \
"$(find /tmp/lychee -type f -name lychee -print -quit)" \
/usr/local/bin/lychee
echo "$(go env GOPATH)/bin" >> "$GITHUB_PATH"
- name: Install Node dependencies
run: npm ci
- name: Run test suite
run: npm test
- name: Lint commit messages
env:
PR_BASE_SHA: ${{ github.event.pull_request.base.sha }}
PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
PUSH_BEFORE_SHA: ${{ github.event.before }}
PUSH_AFTER_SHA: ${{ github.sha }}
run: |
if [ "${{ github.event_name }}" = "pull_request" ]; then
from="$PR_BASE_SHA"
to="$PR_HEAD_SHA"
else
from="$PUSH_BEFORE_SHA"
to="$PUSH_AFTER_SHA"
fi
# First push of a branch reports an all-zero "before" SHA; fall back
# to the repository root so the range stays valid.
if printf '%s' "$from" | grep -Eq '^0+$'; then
from="$(git rev-list --max-parents=0 "$to" | tail -1)"
fi
# A force-push that rewrote history reports a "before" SHA that no
# longer exists in the repository; lint only the pushed tip so the
# range stays valid.
if [ -n "$from" ] && ! git cat-file -e "${from}^{commit}" 2>/dev/null; then
from="$(git rev-parse "${to}^")"
fi
scripts/lint-commit-msg.sh --range "$from" "$to"
- name: Cache pre-commit environments
uses: actions/cache@v5
with:
path: ~/.cache/pre-commit
key: >-
pre-commit-${{ runner.os }}-${{
hashFiles('.pre-commit-config.yaml') }}
- name: Run repository quality checks
run: pre-commit run --all-files --show-diff-on-failure