mirror of
https://github.com/super-linter/super-linter.git
synced 2024-11-10 02:53:36 -05:00
c770a8d253
Set up dotenv-linter for the slim image, and not only for the standard image because it doesn't have dependencies on the Rust SDK, and weights less than 10MB.
296 lines
10 KiB
YAML
296 lines
10 KiB
YAML
name: Build and Test
|
|
|
|
on:
|
|
pull_request:
|
|
push:
|
|
merge_group:
|
|
workflow_dispatch:
|
|
|
|
# Don't grant any access by default
|
|
permissions: {}
|
|
|
|
jobs:
|
|
build-container-image:
|
|
name: Build and Test
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
concurrency:
|
|
# Ref: https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
|
|
# github.head_ref: head_ref or source branch of the pull request
|
|
# github.ref: ref of the branch that triggered the workflow
|
|
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}-${{ github.event_name }}-${{ matrix.images.target }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
images:
|
|
- prefix: slim-
|
|
target: slim
|
|
- prefix: ""
|
|
target: standard
|
|
timeout-minutes: 60
|
|
env:
|
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
|
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "super-linter-${{ matrix.images.prefix }}latest"
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Set build metadata
|
|
run: |
|
|
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
|
|
BUILD_REVISION=${{ github.sha }}
|
|
BUILD_VERSION=${{ github.sha }}
|
|
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
|
|
BUILD_REVISION=${{ github.event.pull_request.head.sha }}
|
|
BUILD_VERSION=${{ github.event.pull_request.head.sha }}
|
|
else
|
|
echo "[ERROR] Event not supported when setting build revision and build version"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${BUILD_REVISION}" ]; then
|
|
echo "[ERROR] BUILD_REVISION is empty"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${BUILD_VERSION}" ]; then
|
|
echo "[ERROR] BUILD_VERSION is empty"
|
|
exit 1
|
|
fi
|
|
|
|
{
|
|
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
|
|
echo "BUILD_REVISION=${BUILD_REVISION}"
|
|
echo "BUILD_VERSION=${BUILD_VERSION}"
|
|
} >> "${GITHUB_ENV}"
|
|
|
|
- name: Free Disk space
|
|
shell: bash
|
|
run: |
|
|
sudo rm -rf /usr/local/lib/android || true
|
|
sudo rm -rf /usr/share/dotnet || true
|
|
sudo rm -rf /opt/ghc || true
|
|
sudo rm -rf /usr/local/.ghcup || true
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Build Image
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
file: ./Dockerfile
|
|
build-args: |
|
|
BUILD_DATE=${{ env.BUILD_DATE }}
|
|
BUILD_REVISION=${{ env.BUILD_REVISION }}
|
|
BUILD_VERSION=${{ env.BUILD_VERSION }}
|
|
cache-from: type=registry,ref=${{ env.CONTAINER_IMAGE_ID }}-buildcache
|
|
outputs: type=docker,dest=/tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
|
|
push: false
|
|
secrets: |
|
|
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
|
|
tags: |
|
|
${{ env.CONTAINER_IMAGE_ID }}
|
|
target: "${{ matrix.images.target }}"
|
|
|
|
# Load the image here because the docker/build-push-action doesn't support multiple exporters yet
|
|
# Ref: https://github.com/docker/build-push-action/issues/413
|
|
# Ref: https://github.com/moby/buildkit/issues/1555
|
|
- name: Load image
|
|
run: |
|
|
docker load <"/tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar"
|
|
|
|
- name: Print environment info
|
|
run: |
|
|
make info
|
|
|
|
# Validate the container image labels here so we don't have to pass the expected
|
|
# label values to other build jobs
|
|
- name: Validate container image labels
|
|
run: make validate-container-image-labels
|
|
|
|
- name: Upload ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
uses: actions/upload-artifact@v4.3.3
|
|
with:
|
|
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}
|
|
path: /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
|
|
|
|
test-local-action:
|
|
name: Test the Super-linter GitHub Action
|
|
runs-on: ubuntu-latest
|
|
needs: build-container-image
|
|
permissions:
|
|
contents: read
|
|
strategy:
|
|
matrix:
|
|
images:
|
|
- container-image-id: super-linter-latest
|
|
prefix: ""
|
|
target: standard
|
|
- container-image-id: super-linter-slim-latest
|
|
prefix: slim-
|
|
target: slim
|
|
env:
|
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
|
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "super-linter-${{ matrix.images.prefix }}latest"
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Download ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
uses: actions/download-artifact@v4.1.7
|
|
with:
|
|
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}
|
|
path: /tmp
|
|
|
|
- name: Load ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
run: |
|
|
docker load --input /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
|
|
docker image ls -a
|
|
|
|
- name: Update action.yml
|
|
run: |
|
|
echo "yq version: $(yq --version)"
|
|
yq '.runs.image = "docker://" + env(CONTAINER_IMAGE_ID)' -i action.yml
|
|
echo "Action file contents:"
|
|
cat action.yml
|
|
|
|
- name: Test Local Action (debug log)
|
|
uses: ./
|
|
env:
|
|
LOG_LEVEL: DEBUG
|
|
CREATE_LOG_FILE: true
|
|
VALIDATE_ALL_CODEBASE: false
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GITLEAKS_CONFIG_FILE: .gitleaks-ignore-tests.toml
|
|
FILTER_REGEX_EXCLUDE: ".*(/test/linters/|CHANGELOG.md).*"
|
|
RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES: "default.json,hoge.json"
|
|
TYPESCRIPT_STANDARD_TSCONFIG_FILE: ".github/linters/tsconfig.json"
|
|
|
|
- name: Get the contents of the log file
|
|
run: |
|
|
sudo cat super-linter.log
|
|
sudo rm -v super-linter.log
|
|
|
|
- name: Test Local Action (default log)
|
|
uses: ./
|
|
env:
|
|
VALIDATE_ALL_CODEBASE: false
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GITLEAKS_CONFIG_FILE: .gitleaks-ignore-tests.toml
|
|
FILTER_REGEX_EXCLUDE: ".*(/test/linters/|CHANGELOG.md).*"
|
|
TYPESCRIPT_STANDARD_TSCONFIG_FILE: ".github/linters/tsconfig.json"
|
|
|
|
build-test-suite-matrix:
|
|
name: Build test suite matrix
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
outputs:
|
|
matrix: ${{ steps.generate-matrix.outputs.test-cases }}
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Generate test cases matrix
|
|
id: generate-matrix
|
|
run: |
|
|
TEST_TARGETS=$(make -pRrq 2>&1 | grep 'test:' | tr -d '\n' | sed -e "s/^test: //" | jq --raw-input --slurp --compact-output 'split(" ")')
|
|
echo "TEST_TARGETS: ${TEST_TARGETS}"
|
|
echo "test-cases=${TEST_TARGETS}" >> "${GITHUB_OUTPUT}"
|
|
|
|
run-test-suite:
|
|
name: Run test cases
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
needs:
|
|
- build-container-image
|
|
- build-test-suite-matrix
|
|
strategy:
|
|
matrix:
|
|
test-case: ${{ fromJson(needs.build-test-suite-matrix.outputs.matrix) }}
|
|
images:
|
|
- container-image-id: super-linter-latest
|
|
prefix: ""
|
|
target: standard
|
|
- container-image-id: super-linter-slim-latest
|
|
prefix: slim-
|
|
target: slim
|
|
exclude:
|
|
# Don't validate container image labels because we do that when building the image
|
|
- test-case: validate-container-image-labels
|
|
env:
|
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
|
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "super-linter-${{ matrix.images.prefix }}latest"
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Download ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
uses: actions/download-artifact@v4.1.7
|
|
with:
|
|
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}
|
|
path: /tmp
|
|
|
|
- name: Load ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
run: |
|
|
docker load --input /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
|
|
docker image ls -a
|
|
|
|
- name: "Test case: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} - ${{ matrix.test-case }}"
|
|
run: |
|
|
echo "Running: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} - ${{ matrix.test-case }}"
|
|
make ${{ matrix.test-case }}
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
# The purpose of this job is to run only when the run-test-suite job runs to completion.
|
|
# We can use this job as a required status check in a branch protection rule without
|
|
# having to select each individual job that dynamically add to the test matrix.
|
|
test-success-placeholder:
|
|
name: Check if all the tests passed
|
|
if: ${{ always() }}
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
needs:
|
|
- run-test-suite
|
|
- test-local-action
|
|
steps:
|
|
- name: Test suite success
|
|
if: ${{ !(contains(needs.*.result, 'failure')) && !contains(needs.*.result, 'cancelled') && !contains(needs.*.result, 'skipped') }}
|
|
run: exit 0
|
|
- name: Test suite failures
|
|
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped') }}
|
|
run: exit 1
|
|
|
|
preview-release-notes:
|
|
if: github.event_name == 'pull_request' && github.repository == github.event.pull_request.head.repo.full_name && github.repository == 'super-linter/super-linter'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup authentication token
|
|
run: |
|
|
echo "${{ secrets.GITHUB_TOKEN }}" > .github-personal-access-token
|
|
|
|
- name: Generate a preview of the release notes
|
|
run: |
|
|
make release-please-dry-run
|