actions/lint
1
0
Fork 0
mirror of https://github.com/super-linter/super-linter.git synced 2025-03-11 16:59:32 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions1
lint/Makefile
Marco Ferrari ace79ca403
build: ignore changelog when linting codebase () 
CHANGELOG.md is automatically generated by the release workflow.
Ignore it when linting the codebase because it might not pass textlint
validation because of lowercase terms.
2024-01-31 10:31:06 +01:00

327 lines
11 KiB
Makefile
Raw Blame History

# Inspired by https://github.com/jessfraz/dotfiles
.PHONY: all
all: info docker test ## Run all targets.
.PHONY: test
test: info validate-container-image-labels test-lib inspec lint-codebase test-default-config-files test-find lint-subset-files test-custom-ssl-cert test-non-default-workdir test-git-flags test-linters ## Run the test suite
# if this session isn't interactive, then we don't want to allocate a
# TTY, which would fail, but if it is interactive, we do want to attach
# so that the user can send e.g. ^C through.
INTERACTIVE := $(shell [ -t 0 ] && echo 1 || echo 0)
ifeq ($(INTERACTIVE), 1)
DOCKER_FLAGS += -t
endif
.PHONY: info
info: ## Gather information about the runtime environment
echo "whoami: $$(whoami)"; \
echo "pwd: $$(pwd)"; \
echo "ls -ahl: $$(ls -ahl)"; \
docker images; \
docker ps
.PHONY: help
help: ## Show help
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
.PHONY: inspec-check
inspec-check: ## Validate inspec profiles
docker run $(DOCKER_FLAGS) \
--rm \
-v "$(CURDIR)":/workspace \
-w="/workspace" \
chef/inspec check \
--chef-license=accept \
test/inspec/super-linter
SUPER_LINTER_TEST_CONTAINER_NAME := "super-linter-test"
SUPER_LINTER_TEST_CONTAINER_URL := $(CONTAINER_IMAGE_ID)
DOCKERFILE := ''
IMAGE := $(CONTAINER_IMAGE_TARGET)
# Default to stadard
ifeq ($(IMAGE),)
IMAGE := "standard"
endif
# Default to latest
ifeq ($(SUPER_LINTER_TEST_CONTAINER_URL),)
SUPER_LINTER_TEST_CONTAINER_URL := "ghcr.io/super-linter/super-linter:latest"
endif
ifeq ($(BUILD_DATE),)
BUILD_DATE := $(shell date -u +'%Y-%m-%dT%H:%M:%SZ')
endif
ifeq ($(BUILD_REVISION),)
BUILD_REVISION := $(shell git rev-parse HEAD)
endif
ifeq ($(BUILD_VERSION),)
BUILD_VERSION := $(shell git rev-parse HEAD)
endif
ifeq ($(FROM_INTERVAL_COMMITLINT),)
FROM_INTERVAL_COMMITLINT := "HEAD~1"
endif
ifeq ($(TO_INTERVAL_COMMITLINT),)
TO_INTERVAL_COMMITLINT := "HEAD"
endif
GITHUB_TOKEN_PATH := "$(CURDIR)/.github-personal-access-token"
DEV_CONTAINER_URL := "super-linter/dev-container:latest"
ifeq ($(GITHUB_HEAD_REF),)
RELEASE_PLEASE_TARGET_BRANCH := "$(shell git branch --show-current)"
else
RELEASE_PLEASE_TARGET_BRANCH := "${GITHUB_HEAD_REF}"
endif
.phony: check-github-token
check-github-token:
@if [ ! -f "${GITHUB_TOKEN_PATH}" ]; then echo "Cannot find the file to load the GitHub access token: $(GITHUB_TOKEN_PATH). Create a readable file there, and populate it with a GitHub personal access token."; exit 1; fi
.phony: inspec
inspec: inspec-check ## Run InSpec tests
DOCKER_CONTAINER_STATE="$$(docker inspect --format "{{.State.Running}}" $(SUPER_LINTER_TEST_CONTAINER_NAME) 2>/dev/null || echo "")"; \
if [ "$$DOCKER_CONTAINER_STATE" = "true" ]; then docker kill $(SUPER_LINTER_TEST_CONTAINER_NAME); fi && \
docker tag $(SUPER_LINTER_TEST_CONTAINER_URL) $(SUPER_LINTER_TEST_CONTAINER_NAME) && \
SUPER_LINTER_TEST_CONTAINER_ID="$$(docker run -d --name $(SUPER_LINTER_TEST_CONTAINER_NAME) --rm -it --entrypoint /bin/ash $(SUPER_LINTER_TEST_CONTAINER_NAME) -c "while true; do sleep 1; done")" \
&& docker run $(DOCKER_FLAGS) \
--rm \
-v "$(CURDIR)":/workspace \
-v /var/run/docker.sock:/var/run/docker.sock \
-e IMAGE=$(IMAGE) \
-w="/workspace" \
chef/inspec exec test/inspec/super-linter \
--chef-license=accept \
--diagnose \
--log-level=debug \
-t "docker://$${SUPER_LINTER_TEST_CONTAINER_ID}" \
&& docker ps \
&& docker kill $(SUPER_LINTER_TEST_CONTAINER_NAME)
.phony: docker
docker: check-github-token ## Build the container image
DOCKER_BUILDKIT=1 docker buildx build --load \
--build-arg BUILD_DATE=$(BUILD_DATE) \
--build-arg BUILD_REVISION=$(BUILD_REVISION) \
--build-arg BUILD_VERSION=$(BUILD_VERSION) \
--secret id=GITHUB_TOKEN,src=$(GITHUB_TOKEN_PATH) \
--target $(IMAGE) \
-t $(SUPER_LINTER_TEST_CONTAINER_URL) .
.phony: docker-pull
docker-pull: ## Pull the container image from registry
docker pull $(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: validate-container-image-labels
validate-container-image-labels: ## Validate container image labels
$(CURDIR)/test/validate-docker-labels.sh \
$(SUPER_LINTER_TEST_CONTAINER_URL) \
$(BUILD_DATE) \
$(BUILD_REVISION) \
$(BUILD_VERSION)
# For some cases, mount a directory that doesn't have too many files to keep tests short
.phony: test-find
test-find: ## Run super-linter on a subdirectory with USE_FIND_ALGORITHM=true
docker run \
-e RUN_LOCAL=true \
-e ACTIONS_RUNNER_DEBUG=true \
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
-e DEFAULT_BRANCH=main \
-e USE_FIND_ALGORITHM=true \
-v "$(CURDIR)/.github":/tmp/lint/.github \
$(SUPER_LINTER_TEST_CONTAINER_URL)
# We need to set USE_FIND_ALGORITHM=true because the DEFALUT_WORKSPACE is not
# a Git directory in this test case
.phony: test-non-default-workdir
test-non-default-workdir: ## Run super-linter with DEFAULT_WORKSPACE set
docker run \
-e RUN_LOCAL=true \
-e ACTIONS_RUNNER_DEBUG=true \
-e ERROR_ON_MISSING_EXEC_BIT=true \
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
-e DEFAULT_BRANCH=main \
-e DEFAULT_WORKSPACE=/tmp/not-default-workspace \
-e USE_FIND_ALGORITHM=true \
-e VALIDATE_ALL_CODEBASE=true \
-v $(CURDIR)/.github:/tmp/not-default-workspace/.github \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: test-git-flags
test-git-flags: ## Run super-linter with different git-related flags
docker run \
-e RUN_LOCAL=true \
-e ACTIONS_RUNNER_DEBUG=true \
-e ERROR_ON_MISSING_EXEC_BIT=true \
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
-e FILTER_REGEX_EXCLUDE=".*(/test/linters/|CHANGELOG.md).*" \
-e DEFAULT_BRANCH=main \
-e IGNORE_GENERATED_FILES=true \
-e IGNORE_GITIGNORED_FILES=true \
-e VALIDATE_ALL_CODEBASE=true \
-v "$(CURDIR)":/tmp/lint \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: lint-codebase
lint-codebase: ## Lint the entire codebase
docker run \
-e RUN_LOCAL=true \
-e ACTIONS_RUNNER_DEBUG=true \
-e DEFAULT_BRANCH=main \
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
-e FILTER_REGEX_EXCLUDE=".*(/test/linters/|CHANGELOG.md).*" \
-e GITLEAKS_CONFIG_FILE=".gitleaks-ignore-tests.toml" \
-e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \
-e VALIDATE_ALL_CODEBASE=true \
-v "$(CURDIR):/tmp/lint" \
$(SUPER_LINTER_TEST_CONTAINER_URL)
# This is a smoke test to check how much time it takes to lint only a small
# subset of files, compared to linting the whole codebase.
.phony: lint-subset-files
lint-subset-files: lint-subset-files-enable-only-one-type lint-subset-files-enable-expensive-io-checks
.phony: lint-subset-files-enable-only-one-type
lint-subset-files-enable-only-one-type: ## Lint a small subset of files in the codebase by enabling only one linter
time docker run \
-e RUN_LOCAL=true \
-e ACTIONS_RUNNER_DEBUG=true \
-e DEFAULT_BRANCH=main \
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
-e FILTER_REGEX_EXCLUDE=".*(/test/linters/|CHANGELOG.md).*" \
-e VALIDATE_ALL_CODEBASE=true \
-e VALIDATE_MARKDOWN=true \
-v "$(CURDIR):/tmp/lint" \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: lint-subset-files-enable-expensive-io-checks
lint-subset-files-enable-expensive-io-checks: ## Lint a small subset of files in the codebase and keep expensive I/O operations to check file types enabled
time docker run \
-e RUN_LOCAL=true \
-e ACTIONS_RUNNER_DEBUG=true \
-e DEFAULT_BRANCH=main \
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
-e FILTER_REGEX_EXCLUDE=".*(/test/linters/|CHANGELOG.md).*" \
-e VALIDATE_ALL_CODEBASE=true \
-e VALIDATE_ARM=true \
-e VALIDATE_CLOUDFORMATION=true \
-e VALIDATE_KUBERNETES_KUBECONFORM=true \
-e VALIDATE_MARKDOWN=true \
-e VALIDATE_OPENAPI=true \
-e VALIDATE_STATES=true \
-e VALIDATE_TEKTON=true \
-v "$(CURDIR):/tmp/lint" \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: test-lib
test-lib: test-build-file-list test-github-event test-validation ## Test super-linter
.phony: test-build-file-list
test-build-file-list: ## Test buildFileList
docker run \
-v "$(CURDIR):/tmp/lint" \
-w /tmp/lint \
--entrypoint /tmp/lint/test/lib/buildFileListTest.sh \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: test-github-event
test-github-event: ## Test githubEvent
docker run \
-v "$(CURDIR):/tmp/lint" \
-w /tmp/lint \
--entrypoint /tmp/lint/test/lib/githubEventTest.sh \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: test-validation
test-validation: ## Test validation
docker run \
-v "$(CURDIR):/tmp/lint" \
-w /tmp/lint \
--entrypoint /tmp/lint/test/lib/validationTest.sh \
$(SUPER_LINTER_TEST_CONTAINER_URL)
# Run this test against a small directory because we're only interested in
# loading default configuration files. The directory that we run super-linter
# against should not be .github because that includes default linter rules.
.phony: test-default-config-files
test-default-config-files: ## Test default configuration files loading
docker run \
-e RUN_LOCAL=true \
-e ACTIONS_RUNNER_DEBUG=true \
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
-e DEFAULT_BRANCH=main \
-e USE_FIND_ALGORITHM=true \
-v "$(CURDIR)/docs":/tmp/lint \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: test-custom-ssl-cert
test-custom-ssl-cert: ## Test the configuration of a custom SSL/TLS certificate
docker run \
-e RUN_LOCAL=true \
-e ACTIONS_RUNNER_DEBUG=true \
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
-e DEFAULT_BRANCH=main \
-e USE_FIND_ALGORITHM=true \
-e SSL_CERT_SECRET="$(shell cat test/data/ssl-certificate/rootCA-test.crt)" \
-v "$(CURDIR)/docs":/tmp/lint \
$(SUPER_LINTER_TEST_CONTAINER_URL)
.phony: test-linters
test-linters: test-linters-expect-success test-linters-expect-failure ## Run the linters test suite
.phony: test-linters-expect-success
test-linters-expect-success: ## Run the linters test suite expecting successes
$(CURDIR)/test/run-super-linter-tests.sh \
$(SUPER_LINTER_TEST_CONTAINER_URL) \
"run_test_cases_expect_success"
.phony: test-linters-expect-failure
test-linters-expect-failure: ## Run the linters test suite expecting failures
$(CURDIR)/test/run-super-linter-tests.sh \
$(SUPER_LINTER_TEST_CONTAINER_URL) \
"run_test_cases_expect_failure"
.phony: build-dev-container-image
build-dev-container-image: ## Build commit linter container image
DOCKER_BUILDKIT=1 docker buildx build --load \
--build-arg GID=$(shell id -g) \
--build-arg UID=$(shell id -u) \
-t ${DEV_CONTAINER_URL} "${CURDIR}/dev-dependencies"
.phony: lint-commits
lint-commits: build-dev-container-image ## Lint commits
docker run \
-v "$(CURDIR):/source-repository" \
${DEV_CONTAINER_URL} \
commitlint \
--config .github/linters/commitlint.config.js \
--cwd /source-repository \
--from ${FROM_INTERVAL_COMMITLINT} \
--to ${TO_INTERVAL_COMMITLINT} \
--verbose
.phony: release-please-dry-run
release-please-dry-run: build-dev-container-image check-github-token ## Run release-please in dry-run mode to preview the release pull request
@echo "Running release-please against branch: ${RELEASE_PLEASE_TARGET_BRANCH}"; \
docker run \
-v "$(CURDIR):/source-repository" \
${DEV_CONTAINER_URL} \
release-please \
release-pr \
--config-file .github/release-please/release-please-config.json \
--dry-run \
--manifest-file .github/release-please/.release-please-manifest.json \
--repo-url super-linter/super-linter \
--target-branch ${RELEASE_PLEASE_TARGET_BRANCH} \
--token "$(shell cat "${GITHUB_TOKEN_PATH}")" \
--trace
Reference in a new issue View git blame Copy permalink