[internal] Update GitHub Actions workflow files
This commit is contained in:
Pulumi Bot
64
.github/workflows/lint.yml
vendored
64
.github/workflows/lint.yml
vendored
@@ -1,4 +1,4 @@
|
||||
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
|
||||
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
|
||||
|
||||
name: lint
|
||||
|
||||
@@ -7,15 +7,6 @@ on:
|
||||
inputs: {}
|
||||
|
||||
env:
|
||||
PROVIDER: docker-build
|
||||
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
|
||||
TRAVIS_OS_NAME: linux
|
||||
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
|
||||
GOVERSION: "1.21.x"
|
||||
NODEVERSION: "20.x"
|
||||
PYTHONVERSION: "3.11.8"
|
||||
DOTNETVERSION: "8.0.x"
|
||||
JAVAVERSION: "11"
|
||||
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
|
||||
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
|
||||
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
|
||||
@@ -29,29 +20,50 @@ env:
|
||||
GOOGLE_REGION: us-central1
|
||||
GOOGLE_ZONE: us-central1-a
|
||||
PULUMI_API: https://api.pulumi-staging.io
|
||||
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
name: lint
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
persist-credentials: false
|
||||
ref: ${{ env.PR_COMMIT_SHA }}
|
||||
- name: Setup Tools
|
||||
uses: ./.github/actions/setup-tools
|
||||
persist-credentials: false
|
||||
- env:
|
||||
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
|
||||
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
|
||||
ESC_ACTION_OIDC_AUTH: "true"
|
||||
ESC_ACTION_OIDC_ORGANIZATION: pulumi
|
||||
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
|
||||
id: esc-secrets
|
||||
name: Fetch secrets from ESC
|
||||
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
|
||||
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
|
||||
id: app-auth
|
||||
with:
|
||||
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
|
||||
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
|
||||
owner: ${{ github.repository_owner }}
|
||||
- name: Setup mise
|
||||
uses: blampe/mise-action@blampe/plugins
|
||||
env:
|
||||
MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s
|
||||
with:
|
||||
version: 2026.1.1
|
||||
github_token: ${{ steps.app-auth.outputs.token }}
|
||||
- name: Disarm go:embed directives to enable linters that compile source code
|
||||
run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i
|
||||
's/go:embed/ goembed/g'
|
||||
- name: golangci-lint provider pkg
|
||||
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
|
||||
with:
|
||||
install-mode: none # Handled by mise.
|
||||
working-directory: .
|
||||
name: lint
|
||||
if: github.event_name == 'repository_dispatch' ||
|
||||
github.event.pull_request.head.repo.full_name == github.repository
|
||||
plugin_install: https://github.com/pulumi/vfox-pulumi
|
||||
cache_save: false # A different job handles caching our tools.
|
||||
- name: prepare workspace
|
||||
continue-on-error: true
|
||||
run: make prepare_local_workspace
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: lint
|
||||
run: make lint
|
||||
|
||||
119
.golangci.yml
119
.golangci.yml
@@ -1,104 +1,37 @@
|
||||
run:
|
||||
timeout: 10m
|
||||
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
|
||||
|
||||
linters:
|
||||
enable-all: false
|
||||
enable:
|
||||
- depguard
|
||||
- errcheck
|
||||
- exhaustive
|
||||
- copyloopvar
|
||||
- gci
|
||||
- gocritic
|
||||
- gofumpt
|
||||
- goheader
|
||||
- gosec
|
||||
- govet
|
||||
- importas
|
||||
- ineffassign
|
||||
- lll
|
||||
- misspell
|
||||
- nakedret
|
||||
- nolintlint
|
||||
- paralleltest
|
||||
- perfsprint
|
||||
- prealloc
|
||||
- revive
|
||||
- unconvert
|
||||
- unused
|
||||
|
||||
- errcheck
|
||||
- gci
|
||||
- goconst
|
||||
- gofmt
|
||||
- gosec
|
||||
- govet
|
||||
- ineffassign
|
||||
- lll
|
||||
- gosimple
|
||||
- staticcheck
|
||||
- misspell
|
||||
- nakedret
|
||||
- revive
|
||||
- unconvert
|
||||
- unused
|
||||
enable-all: false
|
||||
issues:
|
||||
exclude-dirs:
|
||||
- pkg/vendored
|
||||
exclude-files:
|
||||
- schema.go
|
||||
- pulumiManifest.go
|
||||
run:
|
||||
timeout: 20m
|
||||
linters-settings:
|
||||
depguard:
|
||||
rules:
|
||||
protobuf:
|
||||
deny:
|
||||
- pkg: "github.com/golang/protobuf"
|
||||
desc: Use google.golang.org/protobuf instead
|
||||
gci:
|
||||
sections:
|
||||
- standard # Standard section: captures all standard library packages.
|
||||
- blank # Blank section: contains all blank imports.
|
||||
- default # Default section: contains all imports that could not be matched to another section type.
|
||||
- prefix(github.com/pulumi/) # Custom section: groups all imports with the github.com/pulumi/ prefix.
|
||||
- prefix(github.com/pulumi/pulumi-dockerbuild/) # Custom section: local imports
|
||||
- prefix(github.com/pulumi/pulumi-docker-build) # Custom section: local imports
|
||||
custom-order: true
|
||||
gocritic:
|
||||
enable-all: true
|
||||
disabled-checks:
|
||||
- hugeParam
|
||||
- importShadow
|
||||
goheader:
|
||||
template: |-
|
||||
Copyright 2024, Pulumi Corporation.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
govet:
|
||||
enable:
|
||||
- nilness
|
||||
# Reject comparisons of reflect.Value with DeepEqual or '=='.
|
||||
- reflectvaluecompare
|
||||
# Reject sort.Slice calls with a non-slice argument.
|
||||
- sortslice
|
||||
# Detect write to struct/arrays by-value that aren't read again.
|
||||
- unusedwrite
|
||||
nakedret:
|
||||
# Make an issue if func has more lines of code than this setting, and it has naked returns.
|
||||
# Default: 30
|
||||
max-func-lines: 60
|
||||
nolintlint:
|
||||
# Some linter exclusions are added to generated or templated files
|
||||
# pre-emptively.
|
||||
# Don't complain about these.
|
||||
allow-unused: true
|
||||
|
||||
issues:
|
||||
exclude-use-default: false
|
||||
exclude-rules:
|
||||
# Don't warn on unused parameters.
|
||||
# Parameter names are useful; replacing them with '_' is undesirable.
|
||||
- linters: [revive]
|
||||
text: 'unused-parameter: parameter \S+ seems to be unused, consider removing or renaming it as _'
|
||||
|
||||
# staticcheck already has smarter checks for empty blocks.
|
||||
# revive's empty-block linter has false positives.
|
||||
# For example, as of writing this, the following is not allowed.
|
||||
# for foo() { }
|
||||
- linters: [revive]
|
||||
text: "empty-block: this block is empty, you can remove it"
|
||||
|
||||
# We *frequently* use the term 'new' in the context of properties
|
||||
# (new and old properties),
|
||||
# and we rarely use the 'new' built-in function.
|
||||
# It's fine to ignore these cases.
|
||||
- linters: [revive]
|
||||
text: "redefines-builtin-id: redefinition of the built-in function new"
|
||||
|
||||
Reference in New Issue
Block a user