lint/.github/workflows/lint-commit.yaml
Marco Ferrari 9d7268fb99
feat: add support for checkov to lint iac files (#4925)
- Add support to run Checkov against infrastructure as code descriptors
  that are in a given (configurable) directory. Defaults to lint the
  whole workspace.
- Establish a baseline for our own codebase so we don't have to fix
  issues right away with this change.
2023-12-22 13:22:15 +01:00

75 lines
2.3 KiB
YAML

---
name: Lint commit
on:
push:
pull_request:
merge_group:
# Don't grant any access by default
permissions: {}
jobs:
commitlint:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Check if the pull request contains a single commit
if: github.event_name == 'pull_request'
run: |
commit_count=${{ github.event.pull_request.commits }}
if [ -z ${commit_count} ]; then
echo "[ERROR] commit_count is empty"
exit 1
fi
if [[ ${commit_count} -ne 1 ]]; then
echo "[ERROR] This pull request contains ${commit_count} commits. Squash these commits into a single commit."
exit 1
else
echo "This pull request contains ${commit_count} commit."
fi
- name: Set commit metadata
run: |
SET_INTERVAL_VALUES="true"
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
echo "Using default commit metadata"
SET_INTERVAL_VALUES="false"
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
FROM_INTERVAL_COMMITLINT=${{ github.event.pull_request.head.sha }}~${{ github.event.pull_request.commits }}
TO_INTERVAL_COMMITLINT=${{ github.event.pull_request.head.sha }}
else
echo "[ERROR] Event not supported when setting commit metadata"
exit 1
fi
if [ "${SET_INTERVAL_VALUES}" == "true" ]; then
if [ -z "${FROM_INTERVAL_COMMITLINT}" ]; then
echo "[ERROR] FROM_INTERVAL_COMMITLINT is empty"
exit 1
fi
if [ -z "${TO_INTERVAL_COMMITLINT}" ]; then
echo "[ERROR] TO_INTERVAL_COMMITLINT is empty"
exit 1
fi
{
echo "FROM_INTERVAL_COMMITLINT=${FROM_INTERVAL_COMMITLINT}"
echo "TO_INTERVAL_COMMITLINT=${TO_INTERVAL_COMMITLINT}"
} >> "${GITHUB_ENV}"
else
echo "Skip updating GITHUB_ENV. SET_INTERVAL_VALUES: ${SET_INTERVAL_VALUES}"
fi
- name: Validate commits
run: |
make lint-commits
...