export: use su-exec when sudo is absent #2186
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a basic workflow to help you get started with Actions | |
name: Lint | |
# Controls when the workflow will run | |
on: | |
# Triggers the workflow on push or pull request events but only for the main branch | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
types: [opened, synchronize, ready_for_review, edited] | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
jobs: | |
dash: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Run dash -n | |
run: | | |
result=0 | |
for file in $(find . -type f -not -path "*.git*" -a -not -path "*completions*"); do | |
if file "$file" | grep -qi shell; then | |
echo "### Checking file $file..." | |
dash -n $file | |
result=$(( result + $? )) | |
fi | |
done | |
exit $result | |
shfmt: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Run shfmt | |
run: | | |
result=0 | |
podman pull docker.io/peterdavehello/shfmt:latest | |
for file in $(find . -type f -not -path "*.git*"); do | |
if file "$file" | grep -qi shell; then | |
echo "### Checking file $file..." | |
podman run --rm -v "$PWD:/mnt" docker.io/peterdavehello/shfmt:latest shfmt -d -s -ci -sr -kp /mnt/$file | |
result=$(( result + $? )) | |
fi | |
done | |
exit $result | |
shellcheck: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
# Exclude from bashate the following rules: | |
# - SC2310 we don't want to exit if errors happen inside a check, that's why we have a check... | |
# - SC2311 don't care if we inherit errexit inside substitutions, we do checks for that. | |
# - SC2312 we already check errors and adding "|| true" everywhere hinders readability. | |
- name: Run shellcheck | |
run: | | |
result=0 | |
podman pull docker.io/koalaman/shellcheck:stable | |
for file in $(find . -type f -name ".*" -prune -o -print | grep -v '.git'); do | |
if file "$file" | grep -qi shell; then | |
echo "### Checking file $file..." | |
# Should read the .shellcheckrc file to behave like -s sh -a -o all -Sstyle -Calways -x -e SC2310,SC2311,SC2312 | |
podman run --rm -v "$PWD:/mnt" docker.io/koalaman/shellcheck:stable -a -Sstyle -Calways $file | |
result=$(( result + $? )) | |
fi | |
done | |
exit $result | |
differential-shellcheck: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
security-events: write | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Run Differential ShellCheck | |
uses: redhat-plumbers-in-action/differential-shellcheck@v4 | |
with: | |
severity: style | |
token: ${{ secrets.GITHUB_TOKEN }} | |
bashate: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
# Exclude from bashate the following rules: | |
# - E002 we use tab indentation as suggested by shfmt. | |
# - E003 we use tab indentation as suggested by shfmt. | |
# - E010 for readability allow if/then and for/do to be on different lines. | |
# - E011 for readability allow if/then and for/do to be on different lines. | |
- name: Run bashate | |
run: | | |
sudo pip3 install -U bashate | |
for file in $(find . -type f -not -path "*.git*"); do | |
if file "$file" | grep -qi shell; then | |
echo "### Checking file $file..." | |
bashate -i E002,E003,E010,E011 --max-line-length 120 $file | |
result=$(( result + $? )) | |
fi | |
done | |
exit $result | |
markdownlint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Run markdownlint | |
run: | | |
sudo npm install -g markdownlint-cli | |
markdownlint $(find . -name '*.md' | grep -vF './.git') | |
codespell: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: codespell-project/actions-codespell@v1 | |
with: | |
skip: .git,*.pdf,*.1,*.css,*.lock |