Merge pull request #36 from trifork/feature/megalinter

added megalinter workflow
trifork · Oct 12, 2023 · 15442fb · 15442fb
2 parents d864e17 + c674047
commit 15442fb
Show file tree

Hide file tree

Showing 21 changed files with 5,941 additions and 6,051 deletions.
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
@@ -1,5 +1,6 @@
+---
 name: "e2e"
-on:
+"on":
   workflow_dispatch:
 
   push:
@@ -24,11 +25,12 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.PACKAGE_PAT }} # we need this, as GITHUB_TOKEN only have permission to its own repo
-        # OpenSearch is required for integration tests
-      #- name: docker network create cheetah-infrastructure
+
+      # OpenSearch is required for integration tests
+      # - name: docker network create cheetah-infrastructure
       #  run: docker network create cheetah-infrastructure
       - name: Run development environment
-        run: docker compose --profile opensearch --profile kafka --profile oauth --profile schemaregistry up --quiet-pull --force-recreate -d 
+        run: docker compose --profile opensearch --profile kafka --profile oauth --profile schemaregistry up --quiet-pull --force-recreate -d
 
       - name: Start mye2eclient container in shared network
         run: docker run -d -v "${PWD}/tests/:/opt/tests/" -it --name mye2eclient --network=cheetah-infrastructure alpine:latest
@@ -59,5 +61,3 @@ jobs:
 
       - name: schemaregistry test
         run: docker exec mye2eclient bash /opt/tests/schemaregistry.sh
-      #- name: "see logs"
-      #  run: docker logs cheetah-lib-templates-java-e2e-job-name-job
diff --git a/.github/workflows/megalinter.yaml b/.github/workflows/megalinter.yaml
@@ -0,0 +1,89 @@
+---
+name: MegaLinter
+
+"on":
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+# Give the default GITHUB_TOKEN write permission to commit and push, comment
+# issues & post new PR; remove the ones you do not need
+permissions:
+  contents: write
+  issues: write
+  pull-requests: write
+  checks: write
+  actions: write
+
+env:
+  # When active, APPLY_FIXES must also be defined as environment variable
+  # (in github/workflows/mega-linter.yml or other CI tool)
+  APPLY_FIXES: all
+
+  # Decide which event triggers application of fixes in a commit or a PR
+  # (pull_request, push, all)
+  APPLY_FIXES_EVENT: pull_request
+
+  # If APPLY_FIXES is used, defines if the fixes are directly committed (commit)
+  # or posted in a PR (pull_request)
+  APPLY_FIXES_MODE: commit
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  megalinter:
+    name: MegaLinter
+    runs-on: ubuntu-latest
+
+    steps:
+      # Git Checkout
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      # MegaLinter
+      - name: MegaLinter
+        # You can override MegaLinter flavor used to have faster performances
+        # More info at https://megalinter.io/flavors/
+        uses: oxsecurity/megalinter/flavors/ci_light@v7
+        id: ml
+        # All available variables are described in documentation
+        # https://megalinter.io/configuration/
+        env:
+          VALIDATE_ALL_CODEBASE: true
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          DISABLE_LINTERS: "MARKDOWN_MARKDOWN_LINK_CHECK,REPOSITORY_GITLEAKS,REPOSITORY_SECRETLINT"
+          DISABLE_ERRORS_LINTERS: "YAML_YAMLLINT"
+          # YAML_YAMLLINT_DISABLE_ERRORS: "true"
+          # DISABLE: COPYPASTE,SPELL
+
+      # Upload MegaLinter artifacts
+      - name: Archive production artifacts
+        uses: actions/upload-artifact@v3
+        if: ${{ success() }} || ${{ failure() }}
+        with:
+          name: MegaLinter reports
+          path: |
+            megalinter-reports
+            mega-linter.log
+
+      # Push new commit if applicable (for now works only on PR from same repository, not from forks)
+      - name: Prepare commit
+        if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'commit' && github.ref != 'refs/heads/main' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository)
+        run: sudo chown -Rc $UID .git/
+
+      - name: Commit and push applied linter fixes
+        if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'commit' && github.ref != 'refs/heads/main' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository)
+        uses: stefanzweifel/git-auto-commit-action@v5
+        with:
+          branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }}
+          commit_message: "[MegaLinter] Apply linters fixes"
+          commit_user_name: megalinter-bot
+          commit_user_email: nicolas.vuillamy@ox.security
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 *.pem
-*.pfx
+*.pfx
+megalinter-reports/
diff --git a/config/grafana/provisioning/dashboards/dashboard.yml b/config/grafana/provisioning/dashboards/dashboard.yml
@@ -1,3 +1,4 @@
+---
 apiVersion: 1
 
 providers: