Fork: 0
physicsdolphin / thu-learn-downloader-optimized
Transfer to URL with SHA Find file
Newer
Older
thu-learn-downloader-optimized / .github / workflows / megalinter.yaml
@liblaf-bot[bot] liblaf-bot[bot] on 14 Oct 2024 5 KB chore(repo): sync with repository template
Raw Blame History 
# ref: <https://github.com/oxsecurity/megalinter/blob/225e1b5c3a044775005d0ec772cabee5d21006ed/mega-linter-runner/generators/mega-linter/templates/mega-linter.yml>
# ref: <https://megalinter.io>

name: MegaLinter

on:
  push:
  pull_request:
    branches:
      - main

env:
  APPLY_FIXES: all
  APPLY_FIXES_EVENT: pull_request
  APPLY_FIXES_MODE: commit

concurrency:
  group: ${{ github.ref }}-${{ github.workflow }}
  cancel-in-progress: true

jobs:
  megalinter:
    name: MegaLinter
    permissions:
      contents: write
      issues: write
      pull-requests: write
      security-events: write
      statuses: write
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          token: ${{ github.token }}
      - id: ml
        name: MegaLinter
        uses: oxsecurity/megalinter@v8
        # ref: <https://megalinter.io/latest/config-file/>
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Common Variables
          MEGALINTER_CONFIG: .github/.mega-linter.yaml
          VALIDATE_ALL_CODEBASE: true
          # Linters
          PYTHON_PYRIGHT_DISABLE_ERRORS: true
          # Reporters
          TEXT_REPORTER: true
          GITHUB_COMMENT_REPORTER: true
          GITHUB_STATUS_REPORTER: true
          SARIF_REPORTER: true
          UPDATED_SOURCES_REPORTER: true
          CONFIG_REPORTER: true
          CONSOLE_REPORTER: true
          JSON_REPORTER: true
          MARKDOWN_SUMMARY_REPORTER: true
      - if: success() || failure()
        name: Archive production artifacts
        uses: actions/upload-artifact@v4
        with:
          name: MegaLinter reports
          path: |-
            mega-linter.log
            megalinter-reports/
      - if: success() || failure()
        name: Upload MegaLinter scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: megalinter-reports/megalinter-report.sarif
      - if: success() || failure()
        name: Add GitHub summary
        run: cat megalinter-reports/megalinter-report.md >> "$GITHUB_STEP_SUMMARY"
      - name: Remove MegaLinter reports
        run: >-
          sudo rm --force --recursive
          .checkov.yml
          .devskim.json
          kics.config
          mega-linter.log
          megalinter-reports/
      - id: cpr
        if: >-
          steps.ml.outputs.has_updated_sources == 1 &&
          (
            env.APPLY_FIXES_EVENT == 'all' ||
            env.APPLY_FIXES_EVENT == github.event_name
          ) &&
          env.APPLY_FIXES_MODE == 'pull_request' &&
          (
            github.event_name == 'push' ||
            github.event.pull_request.head.repo.full_name == github.repository
          ) &&
          !contains(github.event.head_commit.message, 'skip fix')
        name: Create Pull Request with applied fixes
        uses: peter-evans/create-pull-request@v7
        with:
          token: ${{ github.token }}
          commit-message: "chore(MegaLinter): apply linters automatic fixes"
          title: "chore(MegaLinter): apply linters automatic fixes"
          # TODO: add labels
      - if: >-
          steps.ml.outputs.has_updated_sources == 1 &&
          (
            env.APPLY_FIXES_EVENT == 'all' ||
            env.APPLY_FIXES_EVENT == github.event_name
          ) &&
          env.APPLY_FIXES_MODE == 'pull_request' &&
          (
            github.event_name == 'push' ||
            github.event.pull_request.head.repo.full_name == github.repository
          ) &&
          !contains(github.event.head_commit.message, 'skip fix')
        name: Create PR output
        run: |
          echo "PR Number - ${{ steps.cpr.outputs.pull-request-number }}"
          echo "PR URL - ${{ steps.cpr.outputs.pull-request-url }}"
      - if: >-
          steps.ml.outputs.has_updated_sources == 1 &&
          (
            env.APPLY_FIXES_EVENT == 'all' ||
            env.APPLY_FIXES_EVENT == github.event_name
          ) &&
          env.APPLY_FIXES_MODE == 'commit' &&
          github.ref != 'refs/heads/main' &&
          (
            github.event_name == 'push' ||
            github.event.pull_request.head.repo.full_name == github.repository
          ) &&
          !contains(github.event.head_commit.message, 'skip fix')
        name: Prepare commit
        run: sudo chown -Rc $UID .git/
      - if: >-
          steps.ml.outputs.has_updated_sources == 1 &&
          (
            env.APPLY_FIXES_EVENT == 'all' ||
            env.APPLY_FIXES_EVENT == github.event_name
          ) &&
          env.APPLY_FIXES_MODE == 'commit' &&
          github.ref != 'refs/heads/main' &&
          (
            github.event_name == 'push' ||
            github.event.pull_request.head.repo.full_name == github.repository
          ) &&
          !contains(github.event.head_commit.message, 'skip fix')
        name: Commit and push applied linter fixes
        uses: stefanzweifel/git-auto-commit-action@v5
        with:
          branch: >-
            ${{
              github.event.pull_request.head.ref ||
              github.head_ref ||
              github.ref
            }}
          commit_message: "chore(MegaLinter): apply linters fixes"
          commit_user_name: megalinter-bot
          commit_user_email: [email protected]