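---
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
#
# Runs MegaLinter on pushes, pull requests and merge-queue runs, uploads the
# reports (artifact + SARIF), and, when MegaLinter rewrote files, pushes the
# fixes back as a commit or a pull request depending on APPLY_FIXES_MODE.
name: MegaLinter

on:
  push:
    branches:
      - main
      - master
    paths-ignore:
      - '**.md'
      - 'docs/**'
      - '.github/*.md'
      - 'LICENSE'
  pull_request:
    branches:
      - main
      - master
    paths-ignore:
      - '**.md'
      - 'docs/**'
      - '.github/*.md'
      - 'LICENSE'
  merge_group:

env:
  # Apply linter fixes configuration
  APPLY_FIXES: all
  APPLY_FIXES_EVENT: pull_request
  APPLY_FIXES_MODE: commit

  # Disable linters that do not work or conflict
  DISABLE_LINTERS: REPOSITORY_DEVSKIM

  # Additional settings
  # Full-codebase validation only on pushes to main; a push to master, which
  # also triggers this workflow, evaluates this expression to false.
  VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}

  # Report configuration
  REPORT_OUTPUT_FOLDER: megalinter-reports
  ENABLE_SUMMARY_REPORTER: true
  ENABLE_SARIF_REPORTER: true

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

# Workflow default is read-only; the job below widens it explicitly.
permissions:
  contents: read

jobs:
  megalinter:
    name: MegaLinter
    runs-on: ubuntu-latest
    timeout-minutes: 30

    # These scopes bound the built-in GITHUB_TOKEN only. When the
    # FIXIMUS_TOKEN secret is set, the steps that receive it act with that
    # token's own scopes, which this block does not restrict.
    permissions:
      contents: write # push fix commits / fix branches
      issues: write # NOTE(review): no step here visibly needs it; confirm
      pull-requests: write # open the fixes pull request
      security-events: write # upload SARIF results

    steps:
      # The token is written into the checkout's git config by default
      # (persist-credentials), so it remains on disk while the linters run
      # over repository content. The Commit Fixes step presumably depends on
      # that persisted credential for its push; confirm before disabling it.
      - name: Checkout Code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          token: ${{ secrets.FIXIMUS_TOKEN || secrets.GITHUB_TOKEN }}
          fetch-depth: 0

      - name: MegaLinter
        id: ml
        uses: oxsecurity/megalinter/flavors/cupcake@ec124f7998718d79379a3c5b39f5359952baf21d # v8.4.2
        env:
          # Scoped to this step rather than the whole workflow so the other
          # run steps and third-party actions do not inherit the token in
          # their environment; they receive a token through `with:` inputs
          # where they need one.
          GITHUB_TOKEN: ${{ secrets.FIXIMUS_TOKEN || secrets.GITHUB_TOKEN }}
          PARALLEL: true # Run linters in parallel
          FILTER_REGEX_EXCLUDE: '(\.automation/test|docs/json-schemas|\.github/workflows)'
          # Error configuration
          ERROR_ON_MISSING_EXEC_BIT: true
          CLEAR_REPORT_FOLDER: true
          PRINT_ALPACA: false
          SHOW_ELAPSED_TIME: true
          # File configuration
          YAML_YAMLLINT_CONFIG_FILE: .yamllint.yml
          YAML_PRETTIER_CONFIG_FILE: .prettierrc.yml
          YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: '(\.automation/test|docs/json-schemas|\.github/workflows)'

      # Derives a success/failure status from the MegaLinter log.
      # NOTE(review): this step reads megalinter.log inside the report folder,
      # while Upload Reports collects mega-linter.log; confirm which name
      # MegaLinter actually writes. When the file is missing this step only
      # warns and still reports success (fail-open).
      - name: Check MegaLinter Results
        id: check-results
        if: always()
        shell: bash
        run: |
          # REPORT_OUTPUT_FOLDER comes from the workflow-level env and is read
          # as a shell variable, not pasted into the script text by the
          # workflow expression engine.
          status=success
          log_file="${REPORT_OUTPUT_FOLDER}/megalinter.log"

          if [ -f "$log_file" ]; then
            if grep -q "ERROR\|CRITICAL" "$log_file"; then
              echo "Linting errors found"
              status=failure
            fi
          else
            echo "::warning::MegaLinter log file not found"
          fi

          echo "status=${status}" >> "$GITHUB_OUTPUT"

      - name: Upload Reports
        if: always()
        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
        with:
          name: MegaLinter reports
          path: |
            megalinter-reports
            mega-linter.log
          retention-days: 30

      # Skipped when no SARIF file was produced.
      - name: Upload SARIF Report
        if: always() && hashFiles('megalinter-reports/sarif/*.sarif')
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
        with:
          sarif_file: megalinter-reports/sarif
          category: megalinter

      - name: Prepare Git for Fixes
        if: steps.ml.outputs.has_updated_sources == 1
        shell: bash
        run: |
          # Take ownership of .git back for the runner user before committing.
          sudo chown -Rc "$UID" .git/
          git config --global user.name "fiximus"
          git config --global user.email "github-bot@ivuorinen.net"

      # Only used when APPLY_FIXES_MODE is 'pull_request'. The full_name
      # comparison restricts fixes on pull requests to branches of this
      # repository, so nothing is pushed for PRs coming from forks.
      # NOTE(review): head_commit is read from the event payload; confirm the
      # 'skip fix' opt-out has any effect on pull_request events.
      - name: Create Pull Request
        if: |
          steps.ml.outputs.has_updated_sources == 1 &&
          (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) &&
          env.APPLY_FIXES_MODE == 'pull_request' &&
          (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) &&
          !contains(github.event.head_commit.message, 'skip fix')
        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
        id: cpr
        with:
          token: ${{ secrets.FIXIMUS_TOKEN || secrets.GITHUB_TOKEN }}
          commit-message: '[MegaLinter] Apply linters automatic fixes'
          title: '[MegaLinter] Apply linters automatic fixes'
          labels: bot
          branch: megalinter/fixes-${{ github.ref_name }}
          branch-suffix: timestamp
          delete-branch: true
          body: |
            ## MegaLinter Fixes

            MegaLinter has identified and fixed code style issues.

            ### 🔍 Changes Made
            - Automated code style fixes
            - Formatting improvements
            - Lint error corrections

            ### 📝 Notes
            - Please review the changes carefully
            - Run tests before merging
            - Verify formatting matches project standards

            > Generated automatically by MegaLinter

      # Only used when APPLY_FIXES_MODE is 'commit'; never runs on main and,
      # like the step above, only for branches of this repository.
      - name: Commit Fixes
        if: |
          steps.ml.outputs.has_updated_sources == 1 &&
          (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) &&
          env.APPLY_FIXES_MODE == 'commit' &&
          github.ref != 'refs/heads/main' &&
          (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) &&
          !contains(github.event.head_commit.message, 'skip fix')
        uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0
        with:
          # The branch name is handed to the action as an input; it is not
          # interpolated into a shell script in this file.
          branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }}
          commit_message: |
            style: apply MegaLinter fixes

            [skip ci]
          commit_user_name: fiximus
          commit_user_email: github-bot@ivuorinen.net
          # NOTE(review): a forced push replaces whatever is on the target
          # branch at push time, so commits a contributor pushed while this
          # job was running would be discarded. Confirm a plain push is not
          # sufficient before keeping this.
          push_options: --force

      # Writes the job summary and fails the job when the log check above
      # reported anything other than success (including an empty status).
      - name: Create Status Check
        if: always()
        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        env:
          # Passed through the environment so the step output is read as data
          # instead of being spliced into the JavaScript source.
          MEGALINTER_STATUS: ${{ steps.check-results.outputs.status }}
        with:
          script: |
            const status = process.env.MEGALINTER_STATUS || '';

            const summary = `## MegaLinter Results

            ${status === 'success' ? '✅ All checks passed' : '❌ Issues found'}

            [View detailed report](${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID})
            `;

            await core.summary
              .addRaw(summary)
              .write();

            if (status !== 'success') {
              core.setFailed('MegaLinter found issues');
            }

      - name: Cleanup
        if: always()
        shell: bash
        run: |
          # Remove temporary files but keep reports
          find . -type f -name "megalinter.*" ! -name "megalinter-reports" -delete || true
          find . -type d -name ".megalinter" -exec rm -rf {} + || true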