Skip to content

fix: code quality release code #39

fix: code quality release code

fix: code quality release code #39

name: Code Quality
# Workflow to check if project meets the code quality standards of the Biosustain group
on:
workflow_call:
inputs:
APPLY_FIXES: # If true, the workflow will try to fix the issues
description: |
Apply linter fixes configuration.
'all' to apply fixes of all linters, or a list of linter keys (ex: JAVASCRIPT_ES,MARKDOWN_MARKDOWNLINT)
required: false
default: none
type: string
APPLY_FIXES_EVENT:
description: |
Decide which event triggers application of fixes in a commit or a PR.
'pull_request', 'push', 'all'
required: false
default: pull_request
type: string
APPLY_FIXES_MODE:
description: |
If APPLY_FIXES is used, defines if the fixes are directly committed (commit)
or posted in a PR (pull_request)
required: false
default: pull_request
type: string
FLAVOUR:
description: |
You can override MegaLinter flavor used to have faster performances
More info at https://megalinter.io/flavors/
required: false
default: ''
type: string
workflow_dispatch:
inputs:
APPLY_FIXES: # If true, the workflow will try to fix the issues
description: |
Apply linter fixes configuration.
Leave empty to not apply fixes, 'all' to apply fixes of all linters, or a list of linter keys (ex: JAVASCRIPT_ES,MARKDOWN_MARKDOWNLINT)
required: false
default: all
type: string
APPLY_FIXES_EVENT:
description: |
Decide which event triggers application of fixes in a commit or a PR.
'pull_request', 'push', 'all'
required: false
default: workflow_dispatch
type: string
APPLY_FIXES_MODE:
description: |
If APPLY_FIXES is used, defines if the fixes are directly committed (commit)
or posted in a PR (pull_request)
required: false
default: pull_request
type: string
FLAVOUR:
description: |
You can override MegaLinter flavor used to have faster performances
More info at https://megalinter.io/flavors/
required: false
default: ''
type: choice
options:
- all
- c_cpp
- ci_light
- cupcake
- documentation
- dotnet
- dotnetweb
- formatters
- go
- java
- javascript
- php
- python
- ruby
- rust
- salesforce
- security
- swift
- terraformg
# Trigger the workflow also on push or pull request in this repository
push:
branches:
- main
pull_request:
branches:
- main
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true
env:
# Apply linter fixes configuration
#
# When active, APPLY_FIXES must also be defined as environment variable
# (in github/workflows/mega-linter.yml or other CI tool)
APPLY_FIXES: ${{ github.event.inputs.APPLY_FIXES || 'none' }}
# Decide which event triggers application of fixes in a commit or a PR
# (pull_request, push, all)
APPLY_FIXES_EVENT: ${{ github.event.inputs.APPLY_FIXES_EVENT }}
# If APPLY_FIXES is used, defines if the fixes are directly committed (commit)
# or posted in a PR (pull_request)
APPLY_FIXES_MODE: ${{ github.event.inputs.APPLY_FIXES_MODE }}
MEGALINT_VERSION: a7a0163b6c8ff7474a283d99a706e27483ddd80f # v7.10.0
MEGALINT_FLAVOUR: ${{ github.event.inputs.FLAVOUR && format('/flavour/{}', github.event.inputs.FLAVOUR) || '' }}
jobs:
check-code-quality:
name: Run MegaLinter to check code quality
runs-on: ubuntu-latest
# Give the default GITHUB_TOKEN write permission to commit and push, comment
# issues & post new PR; remove the ones you do not need
permissions: write-all
# actions: read # Needed to run codeql/upload-sarif@v3
# contents: write
# issues: write
# pull-requests: write
steps:
- name: Load configuration
uses: actions/checkout@v4
with:
path: config
- name: Checkout Code
uses: actions/checkout@v4
with:
token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
path: code
# If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to
# improve performance
fetch-depth: 0
- name: Decide Megalint flavour
run: |
if [ -f code/.mega-linter.yml ]; then
echo "Using project specific MegaLinter configuration"
else
echo "Using default MegaLinter configuration"
fi
# MegaLinter
- name: MegaLinter
uses: jenseng/dynamic-uses@5175289a9a87978dcfcb9cf512b821d23b2a53eb # v1
id: ml
# All available variables are described in documentation
# https://megalinter.io/configuration/
env:
# Define the reporters used in this action (not overrideable)
SARIF_REPORTER: true
MARKDOWN_SUMMARY_REPORTER: true
GITHUB_WORKSPACE: ${{ github.workspace }}/code
DEFAULT_WORKSPACE: ${{ github.workspace }}/code
# Extend the configuration file if it exists, else use default
EXTENDS: ${{ hashFiles('code/.mega-linter.yml') != '' && '../config/.mega-linter.yml' || '' }}
MEGALINTER_CONFIG_FILE: ${{ hashFiles('code/.mega-linter.yml') == '' && '../config/.mega-linter.yml' || '' }}
# Validates all source when push on main, else just the git diff with
# main. Override with true if you always want to lint all sources
#
# To validate the entire codebase, set to:
# VALIDATE_ALL_CODEBASE: true
#
# To validate only diff with main, set to:
# VALIDATE_ALL_CODEBASE: >-
# ${{
# github.event_name == 'push' &&
# contains(fromJSON('["refs/heads/main", "refs/heads/master"]'), github.ref)
# }}
VALIDATE_ALL_CODEBASE: >
${{
github.event_name == 'push' &&
contains(fromJSON('["refs/heads/main", "refs/heads/master"]'), github.ref)
}}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
# You can override MegaLinter flavor used to have faster performances
# More info at https://megalinter.io/flavors/
uses: oxsecurity/megalinter${{ env.MEGALINT_FLAVOUR }}@${{ env.MEGALINT_VERSION }}
- name: Show MegaLinter output
env:
ML_OUTPUT: ${{ toJSON(steps.ml.outputs) }}
run: |
jq "$ML_OUTPUT"
# Upload MegaLinter artifacts
- name: Archive production artifacts
uses: actions/upload-artifact@v4
if: success() || failure()
with:
name: MegaLinter reports
path: |
megalinter-reports
mega-linter.log
- name: Upload MegaLinter scan results to GitHub Security tab
continue-on-error: true
if: always()
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'megalinter-reports/megalinter-report.sarif'
- name: Show report in job summary
if: always()
run: cat megalinter-reports/megalinter-report.md | tee $GITHUB_STEP_SUMMARY
# Set APPLY_FIXES_IF var for use in future steps
- name: Set APPLY_FIXES_IF var
run: |
printf 'APPLY_FIXES_IF=%s\n' "${{
steps.ml.outputs.has_updated_sources == 1 &&
(
env.APPLY_FIXES_EVENT == 'all' ||
env.APPLY_FIXES_EVENT == github.event_name
) &&
(
github.event_name == 'push' ||
github.event.pull_request.head.repo.full_name == github.repository
)
}}" >> "${GITHUB_ENV}"
# Set APPLY_FIXES_IF_* vars for use in future steps
- name: Set APPLY_FIXES_IF_* vars
run: |
printf 'APPLY_FIXES_IF_PR=%s\n' "${{
env.APPLY_FIXES_IF == 'true' &&
env.APPLY_FIXES_MODE == 'pull_request'
}}" >> "${GITHUB_ENV}"
printf 'APPLY_FIXES_IF_COMMIT=%s\n' "${{
env.APPLY_FIXES_IF == 'true' &&
env.APPLY_FIXES_MODE == 'commit' &&
(!contains(fromJSON('["refs/heads/main", "refs/heads/master"]'), github.ref))
}}" >> "${GITHUB_ENV}"
# Create pull request if applicable
# (for now works only on PR from same repository, not from forks)
- name: Create Pull Request with applied fixes
uses: peter-evans/create-pull-request@c55203cfde3e5c11a452d352b4393e68b85b4533 # v6.0.3
id: cpr
if: env.APPLY_FIXES_IF_PR == 'true'
with:
token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
commit-message: "[BiosustainMegaLinter] Apply linters automatic fixes"
title: "[BiosustainMegaLinter] Apply linters automatic fixes"
labels: bot
- name: Create PR output
if: env.APPLY_FIXES_IF_PR == 'true'
run: |
echo "PR Number - ${{ steps.cpr.outputs.pull-request-number }}"
echo "PR URL - ${{ steps.cpr.outputs.pull-request-url }}"
# Push new commit if applicable
# (for now works only on PR from same repository, not from forks)
- name: Prepare commit
if: env.APPLY_FIXES_IF_COMMIT == 'true'
run: sudo chown -Rc $UID .git/
- name: Commit and push applied linter fixes
uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1
if: env.APPLY_FIXES_IF_COMMIT == 'true'
with:
branch: >-
${{
github.event.pull_request.head.ref ||
github.head_ref ||
github.ref
}}
commit_message: "[BiosustainMegaLinter] Apply linters fixes"