-
Notifications
You must be signed in to change notification settings - Fork 432
139 lines (114 loc) · 4.12 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# This is a basic workflow to help you get started with Actions
name: Lint
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the main branch
push:
branches: [main]
pull_request:
branches: [main]
types: [opened, synchronize, ready_for_review, edited]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
dash:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run dash -n
run: |
result=0
for file in $(find . -type f -not -path "*.git*" -a -not -path "*completions*"); do
if file "$file" | grep -qi shell; then
echo "### Checking file $file..."
dash -n $file
result=$(( result + $? ))
fi
done
exit $result
shfmt:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run shfmt
run: |
result=0
podman pull docker.io/peterdavehello/shfmt:latest
for file in $(find . -type f -not -path "*.git*"); do
if file "$file" | grep -qi shell; then
echo "### Checking file $file..."
podman run --rm -v "$PWD:/mnt" docker.io/peterdavehello/shfmt:latest shfmt -d -s -ci -sr -kp /mnt/$file
result=$(( result + $? ))
fi
done
exit $result
shellcheck:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Exclude from bashate the following rules:
# - SC2310 we don't want to exit if errors happen inside a check, that's why we have a check...
# - SC2311 don't care if we inherit errexit inside substitutions, we do checks for that.
# - SC2312 we already check errors and adding "|| true" everywhere hinders readability.
- name: Run shellcheck
run: |
result=0
podman pull docker.io/koalaman/shellcheck:stable
for file in $(find . -type f -name ".*" -prune -o -print | grep -v '.git'); do
if file "$file" | grep -qi shell; then
echo "### Checking file $file..."
# Should read the .shellcheckrc file to behave like -s sh -a -o all -Sstyle -Calways -x -e SC2310,SC2311,SC2312
podman run --rm -v "$PWD:/mnt" docker.io/koalaman/shellcheck:stable -a -Sstyle -Calways $file
result=$(( result + $? ))
fi
done
exit $result
differential-shellcheck:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Run Differential ShellCheck
uses: redhat-plumbers-in-action/differential-shellcheck@v4
with:
severity: style
token: ${{ secrets.GITHUB_TOKEN }}
bashate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Exclude from bashate the following rules:
# - E002 we use tab indentation as suggested by shfmt.
# - E003 we use tab indentation as suggested by shfmt.
# - E010 for readability allow if/then and for/do to be on different lines.
# - E011 for readability allow if/then and for/do to be on different lines.
- name: Run bashate
run: |
sudo pip3 install -U bashate
for file in $(find . -type f -not -path "*.git*"); do
if file "$file" | grep -qi shell; then
echo "### Checking file $file..."
bashate -i E002,E003,E010,E011 --max-line-length 120 $file
result=$(( result + $? ))
fi
done
exit $result
markdownlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run markdownlint
run: |
sudo npm install -g markdownlint-cli
markdownlint $(find . -name '*.md' | grep -vF './.git')
codespell:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: codespell-project/actions-codespell@v1
with:
skip: .git,*.pdf,*.1,*.css,*.lock