diff --git a/.github/matchers/clang-format.json b/.github/matchers/clang-format.json new file mode 100644 index 00000000..d2f10ec0 --- /dev/null +++ b/.github/matchers/clang-format.json @@ -0,0 +1,18 @@ +{ + "problemMatcher": [ + { + "owner": "clang-format", + "pattern": [ + { + "regexp": "^(.+):(\\d+):(\\d+): (error|warning|info): (.+) \\[([\\w\\-,\\.]+)\\]$", + "file": 1, + "line": 2, + "column": 3, + "message": 5, + "code": 6, + "severity": 4 + } + ] + } + ] +} diff --git a/.github/matchers/cmake-lint.json b/.github/matchers/cmake-lint.json new file mode 100644 index 00000000..b9415382 --- /dev/null +++ b/.github/matchers/cmake-lint.json @@ -0,0 +1,18 @@ +{ + "problemMatcher": [ + { + "owner": "cmake-lint", + "severity": "error", + "pattern": [ + { + "regexp": "^(.+?):(\\d+),(\\d+): \\[([A-Z]\\d{4})\\] (.*)$", + "file": 1, + "line": 2, + "column": 3, + "code": 4, + "message": 5 + } + ] + } + ] +} diff --git a/.github/matchers/gcc.json b/.github/matchers/gcc.json new file mode 100644 index 00000000..6b265e9f --- /dev/null +++ b/.github/matchers/gcc.json @@ -0,0 +1,17 @@ +{ + "problemMatcher": [ + { + "owner": "gcc", + "pattern": [ + { + "regexp": "^(.*):(\\d+):(\\d+):\\s+(?:fatal\\s+)?(error|warning):\\s+(.*)$", + "file": 1, + "line": 2, + "column": 3, + "severity": 4, + "message": 5 + } + ] + } + ] +} diff --git a/.github/matchers/hadolint.json b/.github/matchers/hadolint.json new file mode 100644 index 00000000..6af8b046 --- /dev/null +++ b/.github/matchers/hadolint.json @@ -0,0 +1,21 @@ +{ + "problemMatcher": [ + { + "owner": "hadolint", + "severity": "error", + "pattern": [ + { + "regexp": "^file:\\s+(.+)$", + "file": 1 + }, + { + "regexp": "^\\s*-:(\\d+)\\s+((?:SC|DL)\\d{4})\\s+(\\w+):\\s+(.*)$", + "line": 1, + "code": 2, + "message": 4, + "loop": true + } + ] + } + ] +} diff --git a/.github/matchers/shellcheck-gcc.json b/.github/matchers/shellcheck-gcc.json new file mode 100644 index 00000000..cc2539b6 --- /dev/null +++ b/.github/matchers/shellcheck-gcc.json @@ -0,0 +1,17 @@ +{ + "problemMatcher": [ + { + "owner": "shellcheck-gcc", + "severity": "error", + "pattern": [ + { + "regexp": "^(.*):(\\d+):(\\d+):\\s+(?:fatal\\s+)?(error|note|warning):\\s+(.*)$", + "file": 1, + "line": 2, + "column": 3, + "message": 5 + } + ] + } + ] +} diff --git a/.github/matchers/yamllint.json b/.github/matchers/yamllint.json new file mode 100644 index 00000000..ab9449dd --- /dev/null +++ b/.github/matchers/yamllint.json @@ -0,0 +1,22 @@ +{ + "problemMatcher": [ + { + "owner": "yamllint", + "pattern": [ + { + "regexp": "^(.*\\.ya?ml)$", + "file": 1 + }, + { + "regexp": "^\\s{2}(\\d+):(\\d+)\\s+(error|warning)\\s+(.*?)\\s+\\((.*)\\)$", + "line": 1, + "column": 2, + "severity": 3, + "message": 4, + "code": 5, + "loop": true + } + ] + } + ] +} diff --git a/.github/workflows/__call-common-lint.yml b/.github/workflows/__call-common-lint.yml index 9261776d..59bfd10e 100644 --- a/.github/workflows/__call-common-lint.yml +++ b/.github/workflows/__call-common-lint.yml @@ -24,24 +24,101 @@ jobs: - name: Checkout uses: actions/checkout@v4 + - name: Download problem matchers + shell: bash + working-directory: .github + run: | + mkdir -p matchers + cd matchers + + if [ "${{ github.repository }}" = "LizardByte/.github" ]; then + # use the version from the same ref + ref="${{ github.ref }}" + else + ref="master" + fi + gh_base_url="https://raw.githubusercontent.com/LizardByte/.github" + gh_path="${gh_base_url}/${ref}/.github/matchers" + + declare -A files=( + [actionlint]="https://raw.githubusercontent.com/rhysd/actionlint/main/.github/actionlint-matcher.json" + [clang-format]="${gh_path}/clang-format.json" + [cmake-lint]="${gh_path}/cmake-lint.json" + [gcc]="${gh_path}/gcc.json" + [hadolint]="${gh_path}/hadolint.json" + [shellcheck-gcc]="${gh_path}/shellcheck-gcc.json" + [yamllint]="${gh_path}/yamllint.json" + ) + + for name in "${!files[@]}"; do + if [ ! -f "${name}.json" ]; then + echo "Downloading ${name}.json" + url="${files[$name]}" + curl \ + -fsSL \ + --retry 3 \ + "$url" \ + -o "${name}.json" + else + echo "Skipping download of ${name}.json, already exists" + continue + fi + done + - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.12' - - name: Install dependencies + - name: Install Python dependencies run: | + # shellcheck disable=SC2102 # this is triggered by the [toolchain] extra python -m pip install --upgrade \ + clang-format \ pip \ setuptools \ wheel \ cmakelang \ flake8 \ + flake8-github-annotations \ nb-clean \ - nbqa[toolchain] + nbqa[toolchain] \ + yamllint + + - name: Install actionlint + id: get_actionlint + shell: bash + run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) + + - name: Replace shell + shell: bash + run: | + # Replace in workflow files + find .github/workflows -type f -iname "*.yml" | while read -r file; do + sed -i -e 's/msys2 {0}/bash/g' -e 's/freebsd {0}/sh/g' "${file}" + done + + # Replace in all action.yml files anywhere + find . -type f -iname "action.yml" | while read -r file; do + sed -i -e 's/msys2 {0}/bash/g' -e 's/freebsd {0}/sh/g' "${file}" + done + + - name: actionlint + shell: bash + if: always() + run: | + echo "::add-matcher::.github/matchers/actionlint.json" + set +e + error=0 + ${{ steps.get_actionlint.outputs.executable }} -color + error=$? + set -e + echo "::remove-matcher owner=actionlint::" + exit ${error} - name: C++ - find files id: cpp_files + if: always() run: | # find files found_files=$(find . -type f \ @@ -72,10 +149,10 @@ jobs: echo "found cpp files: ${found_files}" - # do not quote to keep this as a single line - echo found_files=${found_files} >> $GITHUB_OUTPUT + # shellcheck disable=SC2086 # do not quote to keep this as a single line + echo found_files=${found_files} >> "${GITHUB_OUTPUT}" - - name: C++ - Clang format lint + - name: C++ - Clang format (diff) if: always() && steps.cpp_files.outputs.found_files uses: DoozyX/clang-format-lint-action@v0.20 with: @@ -85,6 +162,22 @@ jobs: style: file inplace: false + - name: C++ - Clang format (simple) + if: always() && steps.cpp_files.outputs.found_files + run: | + echo "::add-matcher::.github/matchers/clang-format.json" + set +e + error=0 + clang-format \ + --dry-run \ + --style=file \ + --Werror \ + ${{ steps.cpp_files.outputs.found_files }} + error=$? + set -e + echo "::remove-matcher owner=clang-format::" + exit ${error} + - name: CMake - find files id: cmake_files if: always() @@ -111,13 +204,20 @@ jobs: echo "found cmake files: ${found_files}" - # do not quote to keep this as a single line - echo found_files=${found_files} >> $GITHUB_OUTPUT + # shellcheck disable=SC2086 # do not quote to keep this as a single line + echo found_files=${found_files} >> "${GITHUB_OUTPUT}" - name: CMake - cmake-lint if: always() && steps.cmake_files.outputs.found_files run: | + echo "::add-matcher::.github/matchers/cmake-lint.json" + set +e + error=0 cmake-lint --line-width 120 --tab-size 4 ${{ steps.cmake_files.outputs.found_files }} + error=$? + set -e + echo "::remove-matcher owner=cmake-lint::" + exit ${error} - name: Docker - find files id: docker_files @@ -127,8 +227,8 @@ jobs: echo "found_files: ${found_files}" - # do not quote to keep this as a single line - echo found_files=${found_files} >> $GITHUB_OUTPUT + # shellcheck disable=SC2086 # do not quote to keep this as a single line + echo found_files=${found_files} >> "${GITHUB_OUTPUT}" - name: Docker - hadolint if: always() && steps.docker_files.outputs.found_files @@ -138,6 +238,8 @@ jobs: # create hadolint config file cat < .hadolint.yaml --- + failure-threshold: style + format: tty ignored: - DL3008 - DL3013 @@ -145,28 +247,32 @@ jobs: - DL3018 - DL3028 - DL3059 + no-color: true + no-fail: false + strict-labels: true EOF - failed=0 - failed_files="" + error=0 + echo "::add-matcher::.github/matchers/hadolint.json" + set +e for file in ${{ steps.docker_files.outputs.found_files }}; do - echo "::group::${file}" - docker run --rm -i \ + echo "file: ${file}" + output=$(docker run --rm -i \ -e "NO_COLOR=0" \ - -e "HADOLINT_VERBOSE=1" \ - -v $(pwd)/.hadolint.yaml:/.config/hadolint.yaml \ - hadolint/hadolint < $file || { - failed=1 - failed_files="$failed_files $file" - } - echo "::endgroup::" + -e "HADOLINT_VERBOSE=0" \ + -v "$(pwd)"/.hadolint.yaml:/.config/hadolint.yaml \ + hadolint/hadolint < "${file}" 2>&1) + status=$? + if [ ${status} -ne 0 ]; then + error=1 + echo "${output}" + fi done + set -e + echo "::remove-matcher owner=hadolint::" - if [ $failed -ne 0 ]; then - echo "::error:: hadolint failed for the following files: $failed_files" - exit 1 - fi + exit ${error} - name: PowerShell - PSScriptAnalyzer if: always() @@ -194,28 +300,54 @@ jobs: } # Run PSScriptAnalyzer recursively on the whole repository - Write-Host "::group::Analyzing PowerShell files" $results = Invoke-ScriptAnalyzer -Path "." -Recurse + Write-Host "::group::Analyzing PowerShell files" + if ($results) { - $results | Format-Table -AutoSize - Write-Host "::error::PSScriptAnalyzer found issues in PowerShell files" - Write-Host "::endgroup::" - exit 1 - } else { - Write-Host "No issues found in PowerShell files" - Write-Host "::endgroup::" + foreach ($result in $results) { + $file = $result.ScriptPath + $line = $result.Line + $title = "[$($result.Severity)] $($result.RuleName)" + $message = $result.Message + + # https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-commands#setting-an-error-message + Write-Output "::error file=$file,line=$line,title=$title::$message" + } + } + Write-Host "::endgroup::" + + if ($results) { + $results | Format-Table -AutoSize + Write-Error "PSScriptAnalyzer found issues in PowerShell files" + exit 1 } + Write-Information "PSScriptAnalyzer found no issues in PowerShell files" + - name: Python - flake8 if: always() run: | + echo "::group::problem matcher" + set +e + error=0 python -m flake8 \ - --color=always \ + --format github \ --verbose + error=$? + set -e + echo "::endgroup::" + + # run flake8 again with human friendly output if there were errors + if [ $error -ne 0 ]; then + python -m flake8 \ + --color=always \ + --verbose + fi - name: Python - nbqa flake8 if: always() + # TODO: add problem matcher: https://github.com/gustavgransbo/flake8-github-annotations/issues/11 run: | python -m nbqa flake8 \ --color=always \ @@ -239,21 +371,78 @@ jobs: run: | # check if Cargo.toml exists if [ -f "Cargo.toml" ]; then - echo "found_cargo=true" >> $GITHUB_OUTPUT + echo "found_cargo=true" >> "${GITHUB_OUTPUT}" else - echo "found_cargo=false" >> $GITHUB_OUTPUT + echo "found_cargo=false" >> "${GITHUB_OUTPUT}" fi - name: Setup Rust + if: always() && steps.run_cargo.outputs.found_cargo == 'true' uses: actions-rust-lang/setup-rust-toolchain@v1.13.0 with: - target: ${{ matrix.target }} components: 'rustfmt' cache: false + matcher: false # disable the built-in problem matcher + toolchain: 'nightly' - name: Rust - cargo fmt if: always() && steps.run_cargo.outputs.found_cargo == 'true' - run: cargo fmt -- --check + run: | + set +e + error=0 + cargo +nightly fmt -- --check + error=$? + set -e + + if [ $error -ne 0 ]; then + echo "::group::rustfmt github annotations" + # https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-commands#setting-an-error-message + + # each mismatch in mismatches has the following fields: + # - original_begin_line + # - original_end_line + # - expected_begin_line + # - expected_end_line + # - original + # - expected + # note: original and expected may have \n which does not render properly, + # so we will just tell the user to run `cargo +nightly fmt` + cargo +nightly fmt -- --emit=json | jq -r ' + .[] as $file + | $file.mismatches[]? + | "::error " + + "file=\($file.name)," + + "line=\(.original_begin_line)," + + "endLine=\(.original_end_line)," + + "title=rustfmt mismatch" + + "::Run `cargo +nightly fmt` to fix formatting issues" + ' + echo "::endgroup::" + exit ${error} + fi + + - name: shellcheck - find files + id: shellcheck_files + if: always() + run: | + found_files=$(find . -type f -iname "*.bash" -o -iname "*.sh") + + echo "found_files: ${found_files}" + + # shellcheck disable=SC2086 # do not quote to keep this as a single line + echo found_files=${found_files} >> "${GITHUB_OUTPUT}" + + - name: shellcheck + if: always() && steps.shellcheck_files.outputs.found_files + run: | + echo "::add-matcher::.github/matchers/shellcheck-gcc.json" + set +e + error=0 + shellcheck --format gcc ${{ steps.shellcheck_files.outputs.found_files }} + error=$? + set -e + echo "::remove-matcher owner=shellcheck-gcc::" + exit ${error} - name: YAML - find files id: yaml_files @@ -272,35 +461,25 @@ jobs: fi done - echo "found_files=${found_files}" >> $GITHUB_OUTPUT + echo "found_files=${found_files}" >> "${GITHUB_OUTPUT}" - name: YAML - yamllint id: yamllint if: always() - uses: ibiqlik/action-yamllint@v3 - with: - # https://yamllint.readthedocs.io/en/stable/configuration.html#default-configuration - config_data: | - extends: default - rules: - comments: - level: error - document-start: - level: error - line-length: - max: 120 - new-line-at-end-of-file: - level: error - new-lines: - type: unix - truthy: - # GitHub uses "on" for workflow event triggers - # .clang-format file has options of "Yes" "No" that will be caught by this, so changed to "warning" - allowed-values: ['true', 'false', 'on'] - check-keys: true - level: warning - file_or_dir: . ${{ steps.yaml_files.outputs.found_files }} - - - name: YAML - log - if: always() && steps.yamllint.outcome == 'failure' - run: cat "${{ steps.yamllint.outputs.logfile }}" >> $GITHUB_STEP_SUMMARY + run: | + if [ ! -f .yamllint.yml ]; then + curl -sSL https://raw.githubusercontent.com/LizardByte/.github/master/.yamllint.yml -o .yamllint.yml + fi + + echo "::add-matcher::.github/matchers/yamllint.json" + set +e + error=0 + yamllint \ + --config-file .yamllint.yml \ + --format=standard \ + --strict \ + . ${{ steps.yaml_files.outputs.found_files }} + error=$? + set -e + echo "::remove-matcher owner=yamllint::" + exit ${error} diff --git a/.github/workflows/__call-docker.yml b/.github/workflows/__call-docker.yml index d6f3605a..d568ada9 100644 --- a/.github/workflows/__call-docker.yml +++ b/.github/workflows/__call-docker.yml @@ -79,18 +79,18 @@ jobs: echo "found dockerfiles: ${dockerfiles}" - # do not quote to keep this as a single line - echo dockerfiles=${dockerfiles} >> $GITHUB_OUTPUT + # shellcheck disable=SC2086 # do not quote to keep this as a single line + echo dockerfiles=${dockerfiles} >> "${GITHUB_OUTPUT}" MATRIX_COMBINATIONS="" for FILE in ${dockerfiles}; do # extract tag from file name - tag=$(echo $FILE | sed -r -z -e 's/(\.\/)*.*\/(Dockerfile)/None/gm') - if [[ $tag == "None" ]]; then - MATRIX_COMBINATIONS="$MATRIX_COMBINATIONS {\"dockerfile\": \"$FILE\"}," + tag=$(echo "${FILE}" | sed -r -z -e 's/(\.\/)*.*\/(Dockerfile)/None/gm') + if [[ "${tag}" == "None" ]]; then + MATRIX_COMBINATIONS="${MATRIX_COMBINATIONS} {\"dockerfile\": \"${FILE}\"}," else - tag=$(echo $FILE | sed -r -z -e 's/(\.\/)*.*\/(.+)(\.dockerfile)/-\2/gm') - MATRIX_COMBINATIONS="$MATRIX_COMBINATIONS {\"dockerfile\": \"$FILE\", \"tag\": \"$tag\"}," + tag=$(echo "${FILE}" | sed -r -z -e 's/(\.\/)*.*\/(.+)(\.dockerfile)/-\2/gm') + MATRIX_COMBINATIONS="${MATRIX_COMBINATIONS} {\"dockerfile\": \"${FILE}\", \"tag\": \"${tag}\"}," fi done @@ -98,20 +98,21 @@ jobs: MATRIX_COMBINATIONS=${MATRIX_COMBINATIONS::-1} # setup matrix for later jobs - matrix=$(( - echo "{ \"include\": [$MATRIX_COMBINATIONS] }" + matrix=$( ( + echo "{ \"include\": [${MATRIX_COMBINATIONS}] }" ) | jq -c .) - echo $matrix - echo $matrix | jq . - echo "matrix=$matrix" >> $GITHUB_OUTPUT + echo "${matrix}" + echo "${matrix}" | jq . + echo "matrix=${matrix}" >> "${GITHUB_OUTPUT}" + - name: Additional Outputs id: additional_outputs run: | # set outputs for later jobs - REPOSITORY=${{ github.repository }} - BASE_TAG=$(echo $REPOSITORY | tr '[:upper:]' '[:lower:]') - echo "base_tag=${BASE_TAG}" >> $GITHUB_OUTPUT + REPOSITORY="${{ github.repository }}" + BASE_TAG=$(echo ${REPOSITORY} | tr '[:upper:]' '[:lower:]') + echo "base_tag=${BASE_TAG}" >> "${GITHUB_OUTPUT}" outputs: base_tag: ${{ steps.additional_outputs.outputs.base_tag }} @@ -155,23 +156,16 @@ jobs: # get branch name BRANCH=${GITHUB_HEAD_REF} - RELEASE=${{ inputs.publish_release }} - COMMIT=${{ inputs.release_commit }} + RELEASE="${{ inputs.publish_release }}" + COMMIT="${{ inputs.release_commit }}" - if [ -z "$BRANCH" ]; then + if [ -z "${BRANCH}" ]; then echo "This is a PUSH event" - BRANCH=${{ github.ref_name }} - CLONE_URL=${{ github.event.repository.clone_url }} + BRANCH="${{ github.ref_name }}" + CLONE_URL="${{ github.event.repository.clone_url }}" else echo "This is a PULL REQUEST event" - CLONE_URL=${{ github.event.pull_request.head.repo.clone_url }} - fi - - # determine to push image to dockerhub and ghcr or not - if [[ $GITHUB_EVENT_NAME == "push" ]]; then - PUSH=true - else - PUSH=false + CLONE_URL="${{ github.event.pull_request.head.repo.clone_url }}" fi # setup the tags @@ -179,21 +173,21 @@ jobs: TAGS="${BASE_TAG}:${COMMIT:0:7}${{ matrix.tag }},ghcr.io/${BASE_TAG}:${COMMIT:0:7}${{ matrix.tag }}" - if [[ $GITHUB_REF == refs/heads/master ]]; then + if [[ "${GITHUB_REF}" == refs/heads/master ]]; then TAGS="${TAGS},${BASE_TAG}:latest${{ matrix.tag }},ghcr.io/${BASE_TAG}:latest${{ matrix.tag }}" TAGS="${TAGS},${BASE_TAG}:master${{ matrix.tag }},ghcr.io/${BASE_TAG}:master${{ matrix.tag }}" else TAGS="${TAGS},${BASE_TAG}:test${{ matrix.tag }},ghcr.io/${BASE_TAG}:test${{ matrix.tag }}" fi - if [[ ${NV} != "" ]]; then + if [[ "${NV}" != "" ]]; then TAGS="${TAGS},${BASE_TAG}:${NV}${{ matrix.tag }},ghcr.io/${BASE_TAG}:${NV}${{ matrix.tag }}" fi # parse custom directives out of dockerfile # try to get the platforms from the dockerfile custom directive, i.e. `# platforms: xxx,yyy` # directives for PR event, i.e. not push event - if [[ ${RELEASE} == "false" ]]; then + if [[ "${RELEASE}" == "false" ]]; then while read -r line; do if [[ $line == "# platforms_pr: "* && $PLATFORMS == "" ]]; then # echo the line and use `sed` to remove the custom directive @@ -230,13 +224,15 @@ jobs: PLATFORMS="linux/amd64" fi - echo "branch=${BRANCH}" >> $GITHUB_OUTPUT - echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT - echo "clone_url=${CLONE_URL}" >> $GITHUB_OUTPUT - echo "artifacts=${ARTIFACTS}" >> $GITHUB_OUTPUT - echo "no_cache_filters=${NO_CACHE_FILTERS}" >> $GITHUB_OUTPUT - echo "platforms=${PLATFORMS}" >> $GITHUB_OUTPUT - echo "tags=${TAGS}" >> $GITHUB_OUTPUT + { + echo "branch=${BRANCH}"; + echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')"; + echo "clone_url=${CLONE_URL}"; + echo "artifacts=${ARTIFACTS}"; + echo "no_cache_filters=${NO_CACHE_FILTERS}"; + echo "platforms=${PLATFORMS}"; + echo "tags=${TAGS}"; + } >> "${GITHUB_OUTPUT}" - name: Set Up QEMU uses: docker/setup-qemu-action@v3 @@ -268,6 +264,12 @@ jobs: username: ${{ secrets.GH_BOT_NAME }} password: ${{ secrets.GH_BOT_TOKEN }} + - name: Add problem matcher + run: | + if [ -f "${{ github.workspace }}/.github/matchers/docker.json" ]; then + echo "::add-matcher::${{ github.workspace }}/.github/matchers/docker.json" + fi + - name: Build and push id: build uses: docker/build-push-action@v6 @@ -305,7 +307,7 @@ jobs: -maxdepth 3 \ -type d \ -name 'artifacts' \ - -exec bash -c 'cp -rv {}/* ./artifacts/' \; + -exec bash -c 'cp -rv "$1"/* ./artifacts/' _ {} \; echo "::endgroup::" echo "::group::Artifacts" diff --git a/.github/workflows/__call-release-notifier.yml b/.github/workflows/__call-release-notifier.yml index bfcf0568..01bb6a7f 100644 --- a/.github/workflows/__call-release-notifier.yml +++ b/.github/workflows/__call-release-notifier.yml @@ -81,17 +81,19 @@ jobs: mkdir -p "$(dirname "${file_name}")" # create jekyll blog post - echo "---" > "${file_name}" - echo "layout: release" >> "${file_name}" - echo "title: ${{ github.event.repository.name }} ${tag_name} Released" >> "${file_name}" - echo "release-tag: ${tag_name}" >> "${file_name}" - echo "gh-repo: ${{ github.repository }}" >> "${file_name}" - echo "gh-badge: [follow, fork, star]" >> "${file_name}" - echo "tags: [release, ${repo_lower}]" >> "${file_name}" - echo "comments: true" >> "${file_name}" - echo "author: LizardByte-bot" >> "${file_name}" - echo "---" >> "${file_name}" - echo "" >> "${file_name}" + { + echo "---" + echo "layout: release" + echo "title: ${{ github.event.repository.name }} ${tag_name} Released" + echo "release-tag: ${tag_name}" + echo "gh-repo: ${{ github.repository }}" + echo "gh-badge: [follow, fork, star]" + echo "tags: [release, ${repo_lower}]" + echo "comments: true" + echo "author: LizardByte-bot" + echo "---" + echo "" + } > "${file_name}" release_body=$(cat <> $GITHUB_ENV + echo "RTD_SLUG=${RTD_SLUG}" >> "${GITHUB_ENV}" - name: Deactivate deleted release if: >- @@ -47,9 +47,9 @@ jobs: curl \ -X PATCH \ -H "Authorization: Token ${RTD_TOKEN}" \ - https://readthedocs.org/api/v3/projects/${RTD_SLUG}/versions/${TAG}/ \ -H "Content-Type: application/json" \ - -d "$json_body" + "https://readthedocs.org/api/v3/projects/${RTD_SLUG}/versions/${TAG}/" \ + -d "${json_body}" - name: Check if edited release is latest GitHub release id: check @@ -81,11 +81,11 @@ jobs: -X PATCH \ -H "Authorization: Token ${RTD_TOKEN}" \ -H "Content-Type: application/json" \ - https://readthedocs.org/api/v3/projects/${RTD_SLUG}/ \ - -d "$json_body" + "https://readthedocs.org/api/v3/projects/${RTD_SLUG}/" \ + -d "${json_body}" # trigger a build for the latest version curl \ -X POST \ -H "Authorization: Token ${RTD_TOKEN}" \ - https://readthedocs.org/api/v3/projects/${RTD_SLUG}/versions/latest/builds/ + "https://readthedocs.org/api/v3/projects/${RTD_SLUG}/versions/latest/builds/" diff --git a/.github/workflows/__call-update-flathub-repo.yml b/.github/workflows/__call-update-flathub-repo.yml index 3de311c5..b9798b0b 100644 --- a/.github/workflows/__call-update-flathub-repo.yml +++ b/.github/workflows/__call-update-flathub-repo.yml @@ -135,14 +135,14 @@ jobs: run: | # Get the current commit of the submodule in the main repository git submodule update --init packaging/linux/flatpak/deps/shared-modules - cd ${{ github.workspace }}/packaging/linux/flatpak/deps/shared-modules + cd "${{ github.workspace }}/packaging/linux/flatpak/deps/shared-modules" main_commit=$(git rev-parse HEAD) # update submodules - cd ${{ github.workspace }}/flathub/${{ env.FLATHUB_PKG }} + cd "${{ github.workspace }}/flathub/${{ env.FLATHUB_PKG }}" git submodule update --init shared-modules cd shared-modules - git checkout $main_commit + git checkout "${main_commit}" - name: Create/Update Pull Request id: create-pr diff --git a/.github/workflows/__call-update-pacman-repo.yml b/.github/workflows/__call-update-pacman-repo.yml index 6a172e27..620d6027 100644 --- a/.github/workflows/__call-update-pacman-repo.yml +++ b/.github/workflows/__call-update-pacman-repo.yml @@ -62,7 +62,8 @@ jobs: if: >- steps.check-label.outputs.hasTopic == 'true' && steps.check-release.outputs.isLatestRelease == 'true' - run: echo "pkg_name=$(echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT + run: | + echo "pkg_name=$(echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]')" >> "${GITHUB_OUTPUT}" - name: Download release asset id: download diff --git a/.github/workflows/__renovate-config-validator.yml b/.github/workflows/__renovate-config-validator.yml index 08e3bd1b..ede76e12 100644 --- a/.github/workflows/__renovate-config-validator.yml +++ b/.github/workflows/__renovate-config-validator.yml @@ -36,8 +36,8 @@ jobs: echo "found files: $files" - # do not quote to keep this as a single line - echo found=${files} >> $GITHUB_OUTPUT + # shellcheck disable=SC2086 # do not quote to keep this as a single line + echo found=${files} >> "${GITHUB_OUTPUT}" - name: Install npm dependencies if: steps.find-files.outputs.found != '' @@ -52,16 +52,16 @@ jobs: for FILE in ${{ steps.find-files.outputs.found }}; do file_status=0 - renovate-config-validator --strict $FILE || file_status=$? + renovate-config-validator --strict ${FILE} || file_status=$? # set github step summary if [ $file_status -ne 0 ]; then - echo ":x: $FILE: failed" >> $GITHUB_STEP_SUMMARY + echo ":x: ${FILE}: failed" >> "${GITHUB_STEP_SUMMARY}" status=1 else - echo ":white_check_mark: $FILE: passed" >> $GITHUB_STEP_SUMMARY + echo ":white_check_mark: ${FILE}: passed" >> "${GITHUB_STEP_SUMMARY}" fi done # exit with error if any file failed - exit $status + exit ${status} diff --git a/yamllint-config.yml b/.yamllint.yml similarity index 92% rename from yamllint-config.yml rename to .yamllint.yml index 8100072d..4ed04f09 100644 --- a/yamllint-config.yml +++ b/.yamllint.yml @@ -4,16 +4,18 @@ yaml-files: - '*.yml' - '.yamllint' +extends: default + rules: braces: enable brackets: enable colons: enable commas: enable comments-indentation: - level: warning + level: error document-end: disable document-start: - level: warning + level: error empty-lines: enable empty-values: disable float-values: disable