From 13fcee13e37a41ec716edd3f46d0f358263c00e6 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:02:45 +0200 Subject: [PATCH 01/13] Move mega-linter.yml in the correct directory --- .github/{ => workflows}/mega-linter.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/{ => workflows}/mega-linter.yml (100%) diff --git a/.github/mega-linter.yml b/.github/workflows/mega-linter.yml similarity index 100% rename from .github/mega-linter.yml rename to .github/workflows/mega-linter.yml From db9e19db976e056624f6c8f8d50e182c670754c3 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:06:33 +0200 Subject: [PATCH 02/13] Automatically apply fixes from Mega Linter --- .github/workflows/mega-linter.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 7b1e118..2b2ac52 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -10,7 +10,7 @@ permissions: read-all env: # Comment env block if you do not want to apply fixes # Apply linter fixes configuration - APPLY_FIXES: none # When active, APPLY_FIXES must also be defined as environment variable (in github/workflows/mega-linter.yml or other CI tool) + APPLY_FIXES: all # When active, APPLY_FIXES must also be defined as environment variable (in github/workflows/mega-linter.yml or other CI tool) APPLY_FIXES_EVENT: pull_request # Decide which event triggers application of fixes in a commit or a PR (pull_request, push, all) APPLY_FIXES_MODE: commit # If APPLY_FIXES is used, defines if the fixes are directly committed (commit) or posted in a PR (pull_request) @@ -21,7 +21,7 @@ concurrency: jobs: build: name: MegaLinter - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest steps: # Git Checkout - name: Checkout Code From 031af372f7bfb5bbaf147d8807acb03916a014d7 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:16:06 +0200 Subject: [PATCH 03/13] Dump a git diff in MegaLinter's output --- .github/workflows/mega-linter.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 2b2ac52..b2d4182 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -52,6 +52,11 @@ jobs: megalinter-reports mega-linter.log + - name: git diff + if: steps.ml.outputs.has_updated_sources == 1 + run: | + git diff + # Create pull request if applicable (for now works only on PR from same repository, not from forks) - name: Create Pull Request with applied fixes id: cpr From 36395a108c7c68af3b637a40fd5a26f0d85ffb88 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:21:27 +0200 Subject: [PATCH 04/13] Do not execute contains as root --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index fa0188a..8171f10 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ -# Container image that runs your code FROM alpine:3.10 +USER 1001 # Copies your code file from your action repository to the filesystem path `/` of the container COPY entrypoint.sh /entrypoint.sh From 0ff64cf32b0661509190183728d5b44e385266fc Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:22:54 +0200 Subject: [PATCH 05/13] Specify a dummy healtcheck command to satisfy linters --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 8171f10..446b886 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,6 @@ FROM alpine:3.10 USER 1001 +HEALTHCHECK CMD true # Copies your code file from your action repository to the filesystem path `/` of the container COPY entrypoint.sh /entrypoint.sh From 61b85f96801e3e720090971c53eabd5d35ead819 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:24:31 +0200 Subject: [PATCH 06/13] Shell quotes --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index c4d55d0..a9da195 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -21,4 +21,4 @@ ls -laR "$GITHUB_WORKSPACE" echo "+++++ END" -echo "time=$time" >> $GITHUB_OUTPUT +echo "time=$time" >> "$GITHUB_OUTPUT" From 6bee838463fe45cec2c46d1e7a05237b9783487b Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:25:04 +0200 Subject: [PATCH 07/13] read-only permissions for GitHub actions --- .github/workflows/main.yml | 2 ++ .github/workflows/pr.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7534fa5..689062c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,5 +1,7 @@ on: [push] +permissions: read-all + jobs: hello_world_job: runs-on: ubuntu-latest diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 1ca4007..c77ac02 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -1,6 +1,8 @@ on: pull_request: +permissions: read-all + jobs: pr_container_job: runs-on: ubuntu-latest From 13df56845b415fafc9d0cc6f06cf5929bec932dd Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:27:30 +0200 Subject: [PATCH 08/13] Disable cspell - lots of false positives --- .mega-linter.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .mega-linter.yml diff --git a/.mega-linter.yml b/.mega-linter.yml new file mode 100644 index 0000000..ec484e8 --- /dev/null +++ b/.mega-linter.yml @@ -0,0 +1,3 @@ +--- +DISABLE_LINTERS: + - SPELL_CSPELL From ec4a6e98ab26481cfbf6e687629c935a11b3f1a3 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:35:31 +0200 Subject: [PATCH 09/13] Give MegaLiner permissions to auto-commit in this repo --- .github/workflows/mega-linter.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index b2d4182..596528e 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -22,6 +22,9 @@ jobs: build: name: MegaLinter runs-on: ubuntu-latest + permissions: + actions: write + contents: write steps: # Git Checkout - name: Checkout Code From 3ce9f57366bb7337e3a53bd650186a2c72bc5933 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Mon, 26 Feb 2024 23:53:01 +0200 Subject: [PATCH 10/13] Disable comments on pull request --- .mega-linter.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.mega-linter.yml b/.mega-linter.yml index ec484e8..d7fc7b0 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -1,3 +1,4 @@ --- DISABLE_LINTERS: - SPELL_CSPELL +GITHUB_COMMENT_REPORTER: false From 2fcf3ea1b51c54f6f0957ff3f90639c1e9291460 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Tue, 27 Feb 2024 00:12:50 +0200 Subject: [PATCH 11/13] Remove megalinter-reports/ b/c they end-up in auto-commits --- .github/workflows/mega-linter.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 596528e..7c42b9b 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -59,6 +59,7 @@ jobs: if: steps.ml.outputs.has_updated_sources == 1 run: | git diff + sudo rm -rf mega-linter.log megalinter-reports/ # Create pull request if applicable (for now works only on PR from same repository, not from forks) - name: Create Pull Request with applied fixes From c44d32570a09aeb7fcd66e2745d752e7d80c9187 Mon Sep 17 00:00:00 2001 From: Alexander Todorov Date: Tue, 27 Feb 2024 00:24:30 +0200 Subject: [PATCH 12/13] Don't auto-commit patches to .github/workflows b/c github does not let us do this --- .github/workflows/mega-linter.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 7c42b9b..ad0d0ac 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -60,6 +60,7 @@ jobs: run: | git diff sudo rm -rf mega-linter.log megalinter-reports/ + git checkout .github/workflows/ # Create pull request if applicable (for now works only on PR from same repository, not from forks) - name: Create Pull Request with applied fixes From 2348005916d78be351b95b5b2eab4ead4e1b7441 Mon Sep 17 00:00:00 2001 From: atodorov Date: Mon, 26 Feb 2024 22:28:10 +0000 Subject: [PATCH 13/13] [MegaLinter] Apply linters fixes --- action.yml | 16 ++++++++-------- entrypoint.sh | 4 +--- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/action.yml b/action.yml index 782c830..25caa1f 100644 --- a/action.yml +++ b/action.yml @@ -1,16 +1,16 @@ # action.yml -name: 'Hello World' -description: 'Greet someone and record the time' +name: "Hello World" +description: "Greet someone and record the time" inputs: - who-to-greet: # id of input - description: 'Who to greet' + who-to-greet: # id of input + description: "Who to greet" required: true - default: 'World' + default: "World" outputs: time: # id of output - description: 'The time we greeted you' + description: "The time we greeted you" runs: - using: 'docker' - image: 'Dockerfile' + using: "docker" + image: "Dockerfile" args: - ${{ inputs.who-to-greet }} diff --git a/entrypoint.sh b/entrypoint.sh index a9da195..231cef7 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -15,10 +15,8 @@ echo "++++ triggering event" cat "$GITHUB_EVENT_PATH" echo "+++++ END" - echo "++++ list $GITHUB_WORKSPACE" ls -laR "$GITHUB_WORKSPACE" echo "+++++ END" - -echo "time=$time" >> "$GITHUB_OUTPUT" +echo "time=$time" >>"$GITHUB_OUTPUT"