Add support to run Commitlint against commit messages. It supports the
current modes:
- Lint the commit message of the last commit
- Lint the commit messages of the pushed commits in case there is more
than one pushed commit
This commit also removes stuff that we used to run commitlint as a
standalone tool because we can now use the commitlint instance that
Super-linter ships:
- lint-commit steps in lint-commit the GitHub Actions workflow
- lint-commit Make target
- commitlint and its dependencies in package.json and package-lock.json
- New SAVE_SUPER_LINTER_OUTPUT variable. When set to true,
saves super-linter output to ${DEFAULT_WORKSPACE}/${SUPER_LINTER_OUTPUT_DIRECTORY_NAME}
- New SUPER_LINTER_OUTPUT_DIRECTORY_NAME variable to set the output
directory name instide the default workspace.
Close#5774
Don't skip processing the current item (FILE) before we give
BuildFileArrays the chance to process it as an item to eventually add to
the list of directories to lint with ansible-lint.
Fix#5789
Other related changes
- Add a new make target to open a shell in a Super-linter container.
- Use a fixed path for FILE_ARRAYS_DIRECTORY_PATH so we can verify its
contents in tests
- Remove redundant ValidateBooleanVariable in buildFileList because we
already check those variables in valudation.
- Move Ansible directory detection to a function so we can reuse it.
- Add missing exports for global configuration variables.
- Remove unused LOG_XXXX variables from tests. These should have been
deleted when we moved log variables to log.sh
feat: configure ruff
feat: update the orchestration scripts
feat: update the test suite
docs: update README
feat: add test cases for ruff
fix: CI error
chore: del .github/linters/.ruff.toml
fix: CI error
fix: README
update: LINTER_NAMES_ARRAY
fix: Dockerfile
fix: .github/linters/.jscpd.json
fix: test files
fix: del version_command
- Export the TEST_CASE_RUN variable because subprocesses reference it
when building the file list.
- Remove a duplicate file that we didn't catch because Jscpd was not
running due to the TEST_CASE_RUN variable not being exported.
Fix#5483
Emit a hopefully more helpful error message when the Git ref doesn't
exist. The error message is the same we use when getting changed files
only: it suggests checking that repository clone is not shallow, and
that the full history is available. Additionally, when running on
GitHub Actions, it also suggests checking the fetch-depth option of the
actions/checkout step.
Fix#5315
Terrascan runs initialization anyway when scanning files, so there's no
point in running it at build time. Also, this works around a Terrascan
bug that caused it to fail its initialization if $HOME/.terrascan
directory is not present. This happens on GitHub Actions because it
configures a $HOME directory that is different from ours.
- Check if Stdout and Stderr have elements before printing them.
- Run the super-linter action in a dedicated step using default logging to
inspect how the output looks during CI.
Exclude the default docker bake files in HCL format from the list of files to
lint with Terragrunt.
Note that Docker bake supports defining arbitrary names for
configuration files, so this commit doesn't cover the scenario that a
user defined an arbitrary name for a Docker bake configuration file in
HCL format. Example: example-bake-config-file.hcl will be included in
the list of files to lint with Terragrunt.
Ref (default bake names):
https://docs.docker.com/build/bake/reference/#file-format
- Validate variables representing boolean values.
- Group global variables in the same sections.
- Declare variables as lowercase with the 'declare -l' shell builtin for
more clarity.
textlint was expensive to run because we added every file in the list of
files to lint to FILE_ARRAY_NATURAL_LANGUAGE. In #5041, we mitigated
this issue but lost the ability to run textlint on changed files only.
Given that textlint ignore files for which it doesn't have a plugin
installed, and that we don't currently install additional plugins
besides the default ones to lint markdown files and text files, we let
textlint run on these files only, so we can have the feature to lint
only changed files with this linter as well, back.
- Fix GITHUB_BEFORE_SHA initialization on push events by setting the
correct key.
- Add an additional check against setting GITHUB_BEFORE_SHA to null.
- Run the CI workflow on push events to trigger required status checks
when using the merge queue.
- Run jscpd, gitleaks, textlint against the entire workspace instead of
running them over single files, one by one.
- Implement a warning function for deprecated variables.
- Deprecate the VALIDATE_JSCPD_ALL_CODEBASE variable.
- Remove duplicate configuration files when they are the same as the
ones we provide in TEMPLATES.
- Add a missing tests for ansible-lint.
- Move ANSIBLE_DIRECTORY configuration when running tests in
buildFileList, where similar configs are.
- Simplify ansible-lint test cases to include only what's necessary, and
not an entire set of roles, playbooks, and inventory.
- Write instructions about major upgrades in the upgrade guide.
- Add support to run Checkov against infrastructure as code descriptors
that are in a given (configurable) directory. Defaults to lint the
whole workspace.
- Establish a baseline for our own codebase so we don't have to fix
issues right away with this change.
* Lint Go projects by directory
* Search for Go modules
* Fix test path
* Add test cases and fix command
* Change workdir
* Add a warning about false positives
* fatal instead of warn
* Move tests to the test directory
* Close group on fatal
* Don't fail in test mode
* Exit on errors when running Git
* Skip pulling changes entirely
* Enable pipefail when generating diffs
* Cleanup
* Shallow repo check
* Echo GITHUB_SHA update
* Check if GITHUB_SHA exists before using it
* Move GITHUB_SHA validation to validation script
* Rely on cat-file return code
* Check if DEFAULT_BRANCH exists
* Change dir when checking DEFAULT_BRANCH
* Show git branches
* Don't switch branches
* Check GITHUB_SHA only when needed
* Ensure we have permissions before interacting with the repo
* Remove the DIFF_CMD variable
* Move TEST_CASE_RUN and RUN_LOCAL init up
* Validate if Git repo and if SHA exists
* Move validation function
* Change dir when getting branch names
* Move debug messages up to be less verbose
* Move branch validation in a function
* Fix linting errors
* #4846 fixes regex to be more strict with filenames that container Dockerfile but that are not actually dockerfiles
* Debug print for ANSIBLE_DIRECTORY to see if tests exist
* Trying out the =~ operator
* rm echo cmd
* catch the i-am-containerfile case
* rm extra space
* Remove quotes for shell format linter
---------
Co-authored-by: Zack Koppert <zkoppert@github.com>
* move from github org to super-linter org
* rename to super-linter org
* rename to super-linter org
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter and remove dockerhub reference
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rm dockerhub section link
* Issue hint when failing to switch back to branch
Switching back to the branch fails with the below error on a shallow checkout:
2023-04-18 21:34:51 [ERROR] Failed to switch back to branch!
2023-04-18 21:34:51 [FATAL] [fatal: reference is not a tree: 3afa21b5f9bef8e81396e3572a598d089e710b96]
With this change, it will look as follows:
2023-04-18 21:34:51 [ERROR] Failed to switch back to branch!
2023-04-18 21:34:51 [INFO] Check that you have the full git history, the checkout is not shallow, etc
2023-04-18 21:34:51 [INFO] See https://github.com/github/super-linter#example-connecting-github-action-workflow
2023-04-18 21:34:51 [FATAL] [fatal: reference is not a tree: 3afa21b5f9bef8e81396e3572a598d089e710b96]
* Update lib/functions/buildFileList.sh
---------
Co-authored-by: Philip Mallegol-Hansen <philip@mallegolhansen.com>
The list-based method breaks down in case of ignored folders:
If .gitignore contains foo/, foo/bar.py is still checked.
Signed-off-by: Christoph Höger <christoph.hoeger@piano.io>