Switch to reviewdog template (#2)
Vlaaaaaaad authored Feb 23, 2020
1 parent 2507d9e commit c22a09e
Showing 13 changed files with 446 additions and 9 deletions.
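--- a/.github/labels.json
+++ b/.github/labels.json
@@ -0,0 +1,42 @@
+[
+{
+"name": "kind/bug",
+"color": "c7def8",
+"description": "Categorizes issue or PR as related to a bug"
+},
+{
+"name": "kind/cleanup",
+"color": "c7def8",
+"description": "Categorizes issue or PR as related to cleaning up code, process, or technical debt"
+},
+{
+"name": "kind/documentation",
+"color": "c7def8",
+"description": "Categorizes issue or PR as related to documentation"
+},
+{
+"name": "kind/feature",
+"color": "c7def8",
+"description": "Categorizes issue or PR as related to a new feature"
+},
+{
+"name": "bump:major",
+"color": "ef6bb4",
+"description": "Attach to PR to automatically bump major version on merge"
+},
+{
+"name": "bump:minor",
+"color": "ef6bb4",
+"description": "Attach to PR to automatically bump minor version on merge"
+},
+{
+"name": "bump:patch",
+"color": "ef6bb4",
+"description": "Attach to PR to automatically bump patch version on merge"
+},
+{
+"name": "do-not-merge/hold",
+"color": "e11d21",
+"description": "Indicated that a PR is not to be merged"
+}
+]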
3 changes: 3 additions & 0 deletions .github/renovate.json
@@ -1,5 +1,8 @@
{
"extends": [
"config:base"
],
"labels": [
"bump:patch"
]
}
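--- a/.github/workflows/depup.yml
+++ b/.github/workflows/depup.yml
@@ -0,0 +1,36 @@
+name: depup
+
+on:
+schedule:
+- cron: '14 14 * * *' # Runs at 14:14 UTC every day
+repository_dispatch:
+types: [depup]
+
+jobs:
+reviewdog:
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+
+- uses: haya14busa/action-depup@v1
+id: depup
+with:
+file: Dockerfile
+version_name: REVIEWDOG_VERSION
+repo: reviewdog/reviewdog
+
+- name: Create Pull Request
+uses: peter-evans/create-pull-request@v2
+with:
+token: ${{ secrets.GITHUB_TOKEN }}
+title: "chore(deps): update reviewdog to ${{ steps.depup.outputs.latest }}"
+commit-message: "chore(deps): update reviewdog to ${{ steps.depup.outputs.latest }}"
+body: |
+Update reviewdog to [v${{ steps.depup.outputs.latest }}](https://github.com/reviewdog/reviewdog/releases/tag/v${{ steps.depup.outputs.latest }})
+Compare [v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }}](https://github.com/reviewdog/reviewdog/compare/v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }})
+This PR is auto generated by [depup workflow](https://github.com/${{ github.repository }}/actions?query=workflow%3Adepup).
+branch: depup/reviewdog
+base: master
+labels: "bump:minor"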
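Review bot: The two third-party actions in this workflow are referenced by movable tags (`haya14busa/action-depup@v1`, `peter-evans/create-pull-request@v2`), and the second is handed `secrets.GITHUB_TOKEN`, so whoever can move those tags decides what runs with this repository's token. Pin each `uses:` to a full commit SHA and keep the tag as a trailing comment, for example `uses: peter-evans/create-pull-request@<full-commit-sha>  # v2`, letting Renovate propose the bumps. The same applies to the tag- and branch-based references added in labels.yml, release.yml and reviewdog.yml, including `actions/checkout@master` in labels.yml.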
10 changes: 6 additions & 4 deletions .github/workflows/dockerimage.yml
@@ -1,6 +1,10 @@
name: Docker Image CI

on: [push]
on:
push:
branches:
- master
pull_request:

jobs:

Expand All @@ -11,8 +15,6 @@ jobs:
steps:
- name: Clone repo
uses: actions/checkout@master
with:
fetch-depth: 1

- name: Build the Docker image
run: docker build . --file Dockerfile --tag tfsec:$(date +%s)
run: docker build . --file Dockerfile --tag $( echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]' ):$(date +%s)
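Review bot: The new `run:` line splices `${{ github.repository }}` directly into the script text and leaves both command substitutions unquoted; passing the value through the environment keeps expression expansion out of the shell source. Add `env:` with `REPO: ${{ github.repository }}` on the step and build with `--tag "$(echo "$REPO" | tr '[:upper:]' '[:lower:]'):$(date +%s)"`. With `pull_request:` now a trigger this job also builds pull-request content, while the checkout step still tracks `actions/checkout@master` where the other workflows in this commit use `@v2`.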
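--- a/.github/workflows/labels.yml
+++ b/.github/workflows/labels.yml
@@ -0,0 +1,23 @@
+name: Labels
+
+on:
+push:
+paths:
+- .github/labels.json
+- .github/workflows/labels.yml
+branches:
+- master
+
+jobs:
+Manage:
+name: Manage GitHub labels
+runs-on: ubuntu-latest
+
+steps:
+- name: Checkout
+uses: actions/checkout@master
+
+- name: Manage labels
+uses: lannonbr/[email protected]
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}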
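--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,49 @@
+name: release
+
+on:
+push:
+branches:
+- master
+tags:
+- 'v*.*.*'
+
+jobs:
+release:
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+
+# Bump version on merging Pull Requests with specific labels.
+# (bump:major,bump:minor,bump:patch)
+- id: bumpr
+if: "!startsWith(github.ref, 'refs/tags/')"
+uses: haya14busa/action-bumpr@v1
+
+# Update corresponding major and minor tag.
+# e.g. Update v1 and v1.2 when releasing v1.2.3
+- uses: haya14busa/action-update-semver@v1
+if: "!steps.bumpr.outputs.skip"
+with:
+tag: ${{ steps.bumpr.outputs.next_version }}
+
+# Get tag name.
+- id: tag
+uses: haya14busa/action-cond@v1
+with:
+cond: "${{ startsWith(github.ref, 'refs/tags/') }}"
+if_true: ${{ github.ref }}
+if_false: ${{ steps.bumpr.outputs.next_version }}
+
+# Create release.
+- uses: actions/create-release@v1
+if: "steps.tag.outputs.value != ''"
+env:
+# This token is provided by Actions, you do not need to create your own token
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+with:
+tag_name: ${{ steps.tag.outputs.value }}
+release_name: Release ${{ steps.tag.outputs.value }}
+body: ${{ steps.bumpr.outputs.message }}
+draft: false
+prerelease: false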
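Review bot: The `release` job moves tags and publishes a release but declares no `permissions:`, so every step, including the three `haya14busa/*` actions, runs with whatever default scope the repository gives `GITHUB_TOKEN`. Declaring `permissions:` with `contents: write` on the job limits the token to what tagging and releasing need. The `action-update-semver` step would also benefit from a comment on what `tag` resolves to on a tag push: `bumpr` is skipped there, so `steps.bumpr.outputs.skip` and `next_version` are both empty and the step still runs with an empty `tag`, which presumably falls back to the pushed ref and is worth confirming.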
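--- a/.github/workflows/reviewdog.yml
+++ b/.github/workflows/reviewdog.yml
@@ -0,0 +1,62 @@
+name: reviewdog
+
+on:
+push:
+branches:
+- master
+pull_request:
+
+jobs:
+shellcheck:
+name: runner / shellcheck
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+
+- uses: haya14busa/action-cond@v1
+id: reporter
+with:
+cond: ${{ github.event_name == 'pull_request' }}
+if_true: "github-pr-review"
+if_false: "github-check"
+
+- uses: reviewdog/action-shellcheck@v1
+with:
+github_token: ${{ secrets.github_token }}
+reporter: ${{ steps.reporter.outputs.value }}
+level: warning
+
+hadolint:
+name: runner / hadolint
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+
+- uses: haya14busa/action-cond@v1
+id: reporter
+with:
+cond: ${{ github.event_name == 'pull_request' }}
+if_true: "github-pr-review"
+if_false: "github-check"
+
+- uses: reviewdog/action-hadolint@v1
+with:
+github_token: ${{ secrets.github_token }}
+reporter: ${{ steps.reporter.outputs.value }}
+level: warning
+
+misspell:
+name: runner / misspell
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+
+- uses: reviewdog/action-misspell@v1
+with:
+github_token: ${{ secrets.github_token }}
+reporter: github-check
+level: warning
+locale: "US"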
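--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -0,0 +1,123 @@
+name: Test
+
+on:
+push:
+branches:
+- master
+pull_request:
+
+jobs:
+test-check:
+name: runner / tfsec (github-check)
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+
+- uses: ./
+continue-on-error: true
+id: test
+with:
+github_token: ${{ secrets.github_token }}
+reporter: github-check
+level: info
+working_directory: testdata
+
+# The check is expected to fail on the test data
+- name: Check return codes
+if: success() || failure ()
+run: |
+tfsec_return="${{ steps.test.outputs.tfsec-return-code }}"
+reviewdog_return="${{ steps.test.outputs.reviewdog-return-code }}"
+if [ "$tfsec_return" -eq 1 ]; then
+echo "tfsec correctly returned failure ${tfsec_return}"
+else
+echo "tfsec returned ${tfsec_return}, expected '1'. Failing..."
+exit 1
+fi
+if [ "$reviewdog_return" -eq 0 ]; then
+echo "reviewdog correctly returned success: ${reviewdog_return}"
+else
+echo "reviewdog returned ${reviewdog_return}, expected '0'. Failing..."
+exit 1
+fi
+test-pr-check:
+if: github.event_name == 'pull_request'
+name: runner / tfsec (github-pr-check)
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+
+- uses: ./
+continue-on-error: true
+id: test
+with:
+github_token: ${{ secrets.github_token }}
+reporter: github-pr-check
+level: info
+working_directory: testdata
+
+# The check is expected to fail on the test data
+- name: Check return codes
+if: success() || failure ()
+run: |
+tfsec_return="${{ steps.test.outputs.tfsec-return-code }}"
+reviewdog_return="${{ steps.test.outputs.reviewdog-return-code }}"
+if [ "$tfsec_return" -eq 1 ]; then
+echo "tfsec correctly returned failure ${tfsec_return}"
+else
+echo "tfsec returned ${tfsec_return}, expected '1'. Failing..."
+exit 1
+fi
+if [ "$reviewdog_return" -eq 0 ]; then
+echo "reviewdog correctly returned success: ${reviewdog_return}"
+else
+echo "reviewdog returned ${reviewdog_return}, expected '0'. Failing..."
+exit 1
+fi
+test-pr-review:
+if: github.event_name == 'pull_request'
+name: runner / tfsec (github-pr-review)
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+
+- uses: ./
+continue-on-error: true
+id: test
+with:
+github_token: ${{ secrets.github_token }}
+reporter: github-pr-review
+level: info
+working_directory: testdata
+
+# The check is expected to fail on the test data
+# but for forked PRs reviewdog will just output
+# on the PR and report success
+- name: Check return codes
+if: success() || failure ()
+run: |
+tfsec_return="${{ steps.test.outputs.tfsec-return-code }}"
+reviewdog_return="${{ steps.test.outputs.reviewdog-return-code }}"
+if [ "$tfsec_return" -eq 1 ]; then
+echo "tfsec correctly returned failure ${tfsec_return}"
+else
+echo "tfsec returned ${tfsec_return}, expected '1'. Failing..."
+exit 1
+fi
+if [ "$reviewdog_return" -eq 0 ]; then
+echo "reviewdog correctly returned failure: ${reviewdog_return}"
+else
+echo "reviewdog returned ${reviewdog_return}, expected '0'. Failing..."
+exit 1
+fi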
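Review bot: In `test-pr-review` the `-eq 0` branch prints `reviewdog correctly returned failure: ${reviewdog_return}` although that is the passing case; the other two jobs say `success`, so this reads as a copy-paste slip and should be `echo "reviewdog correctly returned success: ${reviewdog_return}"`. The same check script is repeated in all three jobs with the step outputs expanded straight into the shell text; exposing them through `env:` (for example `TFSEC_RETURN: ${{ steps.test.outputs.tfsec-return-code }}`) and reading `"$TFSEC_RETURN"` keeps the script constant and avoids re-parsing an unexpected output value as shell. `failure ()` in the three `if:` conditions also carries a stray space that is worth normalising to `failure()`.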
9 changes: 7 additions & 2 deletions Dockerfile
@@ -1,11 +1,16 @@
FROM alpine:3.11

RUN apk --no-cache --update add git curl \
ENV REVIEWDOG_VERSION=v0.9.17

# hadolint ignore=DL3018
RUN apk --no-cache --update add bash git \
&& rm -rf /var/cache/apk/*

SHELL ["/bin/bash", "-eo", "pipefail", "-c"]

RUN wget -O - -q https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b /usr/local/bin/

RUN curl -L "$(curl -s https://api.github.com/repos/liamg/tfsec/releases/latest | grep -o -E "https://.+?-linux-amd64")" > tfsec \
RUN wget -O - -q "$(wget -q https://api.github.com/repos/liamg/tfsec/releases/latest -O - | grep -o -E "https://.+?-linux-amd64")" > tfsec \
&& install tfsec /usr/local/bin/

COPY entrypoint.sh /entrypoint.sh
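Review bot: `ENV REVIEWDOG_VERSION=v0.9.17` is added but nothing visible in this hunk reads it: the reviewdog line pipes `install.sh` from `master` into `sh` with no version argument, so the image gets whatever release is current and the depup pull requests that bump the variable would change nothing. Passing the tag, `... | sh -s -- -b /usr/local/bin/ "${REVIEWDOG_VERSION}"`, makes the pin effective. The rewritten tfsec line has the same problem in another form, since it resolves `releases/latest` at build time and installs the binary with no integrity check, so two builds of the same commit can differ. Consider a `TFSEC_VERSION` variable with a fixed release URL and a `sha256sum -c` step against a checksum recorded in the Dockerfile. The Dockerfile continues below the last line shown.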