ci: configure commitlint (#5014)

- Check if the PR contains a single commit, and fail otherwise.
- Enable commitlint to check if commits adhere to the
  conventialcommits.org spec.
- Update the the pull request template to point to the conventional
  commit spec.
- Update the dependabot configuration to add the "build(...)" prefix to
  commits.
This commit is contained in:
Marco Ferrari 2023-12-19 19:37:16 +01:00 committed by GitHub
parent 2d303aab53
commit 9db632f0e1
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 2099 additions and 6 deletions

View file

@ -5,6 +5,8 @@
version: 2
updates:
- package-ecosystem: github-actions
commit-message:
prefix: "build(github-actions)"
directory: "/"
schedule:
interval: "weekly"
@ -12,6 +14,8 @@ updates:
# Maintain dependencies for js with npm
- package-ecosystem: "npm"
commit-message:
prefix: "build(npm)"
directory: "/dependencies"
schedule:
interval: "weekly"
@ -19,6 +23,8 @@ updates:
# Maintain dependencies for ruby with bundler
- package-ecosystem: "bundler"
commit-message:
prefix: "build(bundler)"
directory: "/dependencies"
schedule:
interval: "weekly"
@ -26,6 +32,8 @@ updates:
# Maintain dependencies for docker
- package-ecosystem: "docker"
commit-message:
prefix: "build(docker)"
directory: "/"
schedule:
interval: "weekly"
@ -33,6 +41,8 @@ updates:
# Maintain dependencies for python with pip
- package-ecosystem: "pip"
commit-message:
prefix: "build(python)"
directory: "/dependencies/python/"
schedule:
interval: "weekly"
@ -40,12 +50,35 @@ updates:
# Maintain dependencies for Java
- package-ecosystem: "gradle"
commit-message:
prefix: "build(java)"
directory: "/dependencies/checkstyle"
schedule:
interval: "weekly"
open-pull-requests-limit: 10
- package-ecosystem: "gradle"
commit-message:
prefix: "build(java)"
directory: "/dependencies/google-java-format"
schedule:
interval: "weekly"
open-pull-requests-limit: 10
# Maintain dev dependencies for docker
- package-ecosystem: "docker"
commit-message:
prefix: "build(dev-docker)"
directory: "/dev-dependencies"
schedule:
interval: "weekly"
open-pull-requests-limit: 10
# Maintain dev dependencies for js with npm
- package-ecosystem: "npm"
commit-message:
prefix: "build(dev-npm)"
directory: "/dev-dependencies"
schedule:
interval: "weekly"
open-pull-requests-limit: 10

View file

@ -10,3 +10,4 @@ ignored:
- DL3003 # Ignore workdir so we don't add layers
- SC2016 # ignore as its interpreted later
- DL3044 # Ignore using env in env
- DL3008 # Ignore pinned versions check for APT

4
.github/linters/commitlint.config.js vendored Normal file
View file

@ -0,0 +1,4 @@
module.exports = {
extends: ['@commitlint/config-conventional'],
helpUrl: 'https://www.conventionalcommits.org/'
}

View file

@ -1,4 +1,3 @@
<!-- Ensure that your PR title is brief and descriptive. -->
<!-- Start: issue fix section -->
<!-- Link to issue if there is one, otherwise remove the "issue fix" section -->
<!-- markdownlint-disable -->
@ -8,8 +7,6 @@ Fixes #
<!-- markdownlint-restore -->
<!-- End: issue fix section -->
<!-- Describe what the changes are -->
## Proposed Changes
1. ...
@ -18,12 +15,16 @@ Fixes #
## Readiness Checklist
### Author/Contributor
In order to have this pull request merged, complete the following tasks.
### Pull request author tasks
- [ ] I included all the needed documentation for this change.
- [ ] I provided the necessary tests.
- [ ] I squashed all the commits into a single commit.
- [ ] I followed the [Conventional Commit v1.0.0 spec](https://www.conventionalcommits.org/en/v1.0.0/).
### Reviewing Maintainer
### Super-linter maintainer tasks
- [ ] Label as `breaking` if this is a large, fundamental change.
- [ ] Label as `breaking` if this change breaks compatibility with the previous released version.
- [ ] Label as either: `automation`, `bug`, `documentation`, `enhancement`, `infrastructure`.

70
.github/workflows/lint-commit.yaml vendored Normal file
View file

@ -0,0 +1,70 @@
---
name: Lint commit
on:
push:
pull_request:
merge_group:
jobs:
commitlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Check if the pull request contains a single commit
if: github.event_name == 'pull_request'
run: |
commit_count=${{ github.event.pull_request.commits }}
if [ -z ${commit_count} ]; then
echo "[ERROR] commit_count is empty"
exit 1
fi
if [[ ${commit_count} -ne 1 ]]; then
echo "[ERROR] This pull request contains ${commit_count} commits. Squash these commits into a single commit."
exit 1
else
echo "This pull request contains ${commit_count} commit."
fi
- name: Set commit metadata
run: |
SET_INTERVAL_VALUES="true"
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
echo "Using default commit metadata"
SET_INTERVAL_VALUES="false"
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
FROM_INTERVAL_COMMITLINT=${{ github.event.pull_request.head.sha }}~${{ github.event.pull_request.commits }}
TO_INTERVAL_COMMITLINT=${{ github.event.pull_request.head.sha }}
else
echo "[ERROR] Event not supported when setting commit metadata"
exit 1
fi
if [ "${SET_INTERVAL_VALUES}" == "true" ]; then
if [ -z "${FROM_INTERVAL_COMMITLINT}" ]; then
echo "[ERROR] FROM_INTERVAL_COMMITLINT is empty"
exit 1
fi
if [ -z "${TO_INTERVAL_COMMITLINT}" ]; then
echo "[ERROR] TO_INTERVAL_COMMITLINT is empty"
exit 1
fi
{
echo "FROM_INTERVAL_COMMITLINT=${FROM_INTERVAL_COMMITLINT}"
echo "TO_INTERVAL_COMMITLINT=${TO_INTERVAL_COMMITLINT}"
} >> "${GITHUB_ENV}"
else
echo "Skip updating GITHUB_ENV. SET_INTERVAL_VALUES: ${SET_INTERVAL_VALUES}"
fi
- name: Validate commits
run: |
make lint-commits
...

View file

@ -63,8 +63,18 @@ ifeq ($(BUILD_VERSION),)
BUILD_VERSION := $(shell git rev-parse HEAD)
endif
ifeq ($(FROM_INTERVAL_COMMITLINT),)
FROM_INTERVAL_COMMITLINT := "HEAD~1"
endif
ifeq ($(TO_INTERVAL_COMMITLINT),)
TO_INTERVAL_COMMITLINT := "HEAD"
endif
GITHUB_TOKEN_PATH := "$(CURDIR)/.github-personal-access-token"
COMMIT_LINTER_CONTAINER_URL := "conventional-changelog/commitlint:latest"
.PHONY: inspec
inspec: inspec-check ## Run InSpec tests
DOCKER_CONTAINER_STATE="$$(docker inspect --format "{{.State.Running}}" $(SUPER_LINTER_TEST_CONTAINER_NAME) 2>/dev/null || echo "")"; \
@ -145,3 +155,19 @@ test-linters: ## Run the linters test suite
-e TYPESCRIPT_STANDARD_TSCONFIG_FILE=".github/linters/tsconfig.json" \
-v "$(CURDIR):/tmp/lint" \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: build-commit-linter-container-image
build-commit-linter-container-image: ## Build commit linter container image
DOCKER_BUILDKIT=1 docker buildx build --load \
-t ${COMMIT_LINTER_CONTAINER_URL} "${CURDIR}/dev-dependencies"
.phony: lint-commits
lint-commits: build-commit-linter-container-image ## Lint commits
docker run \
-v "$(CURDIR):/source-repository" \
${COMMIT_LINTER_CONTAINER_URL} \
--config .github/linters/commitlint.config.js \
--cwd /source-repository \
--from ${FROM_INTERVAL_COMMITLINT} \
--to ${TO_INTERVAL_COMMITLINT} \
--verbose

View file

@ -0,0 +1,20 @@
FROM node:21.4.0-bookworm
SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"]
RUN apt-get update \
&& apt-get --assume-yes --no-install-recommends install \
jq \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY package.json ./
RUN jq '.dependencies | to_entries[] | select(.key | startswith("@commitlint/")) | .key + "@" + .value' package.json > commitlint-packages.txt \
&& xargs npm install -g < commitlint-packages.txt \
&& rm package.json commitlint-packages.txt \
&& commitlint --version \
&& git config --global --add safe.directory /source-repository
ENTRYPOINT [ "commitlint" ]

1928
dev-dependencies/package-lock.json generated Normal file

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,10 @@
{
"name": "commitlint-container-image",
"private": true,
"version": "0.0.1-local",
"dependencies": {
"@commitlint/cli": "^18.4.3",
"@commitlint/config-conventional": "^18.4.3"
},
"license": "MIT"
}