ivuorinen/actions
1
0
Fork 0
mirror of https://github.com/ivuorinen/actions.git synced 2026-01-26 03:23:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7061aafd35a2f21b57653e34f2b634b2a19334a9
actions/.serena/memories/development_standards.md
Ismo Vuorinen 7061aafd35 chore: add tests, update docs and actions (#299) 
* docs: update documentation

* feat: validate-inputs has it's own pyproject

* security: mask DOCKERHUB_PASSWORD

* chore: add tokens, checkout, recrete docs, integration tests

* fix: add `statuses: write` permission to pr-lint
2025-10-18 13:09:19 +03:00

3.2 KiB
Raw Blame History

Development Standards & Workflows

Quality Standards (ZERO TOLERANCE)

Production Ready Criteria

  • ALL tests pass (100% success rate)
  • ALL linting passes (zero issues)
  • ALL validation checks pass
  • NO warnings or errors

Communication

  • Direct, factual only
  • Never claim "production ready" until literally everything passes
  • No hype, buzzwords, or excessive enthusiasm

Required Commands

Development Cycle

make all        # Complete: docs, format, lint, test
make dev        # Format + lint (development)
make lint       # All linters (MUST pass 100%)
make test       # All tests (MUST pass 100%)
make format     # Auto-fix formatting

Task Completion Checklist

After ANY coding task:

  • make lint - Fix all issues (blocking)
  • make test - Ensure 100% pass
  • EditorConfig compliance verified

Validation System

make update-validators      # Generate validation rules
make update-validators-dry  # Preview changes
make generate-tests         # Create missing tests
make generate-tests-dry     # Preview test generation

Code Style

EditorConfig (BLOCKING ERRORS)

  • Indent: 2 spaces (4 for Python, tabs for Makefile)
  • Charset: UTF-8
  • Line Endings: LF
  • Max Line: 200 chars (120 for Markdown)
  • Final Newline: Required
  • Trailing Whitespace: Trimmed

Shell Scripts (REQUIRED)

#!/usr/bin/env bash
set -euo pipefail          # MANDATORY
IFS=$' \t\n'
trap cleanup EXIT
trap 'echo "Error at line $LINENO" >&2' ERR
# Always quote: "$variable", basename -- "$path"
# Check tools: command -v jq >/dev/null 2>&1

Python (Ruff)

  • Line Length: 100 chars
  • Indent: 4 spaces
  • Quotes: Double
  • Docstrings: Google style
  • Type Hints: Required

YAML/Actions

  • Indent: 2 spaces
  • Local Actions: uses: ./action-name (never ../ or @main)
  • External Actions: SHA-pinned (not @main/@v1)
  • Step IDs: Required when outputs referenced
  • Permissions: Minimal scope (contents: read default)
  • Output Sanitization: Use printf, never echo for $GITHUB_OUTPUT

Security Requirements

  1. SHA Pinning: All external actions use commit SHAs
  2. Token Safety: ${{ github.token }}, never hardcoded
  3. Input Validation: All inputs validated via centralized system
  4. Output Sanitization: printf '%s\n' "$value" >> $GITHUB_OUTPUT
  5. Injection Prevention: Validate for ;, &&, |, backticks
  6. Tool Availability: command -v tool checks before use
  7. Variable Quoting: Always "$var" in shell
  8. No Secrets: Never commit credentials/keys

Never Do

  • Never git commit (manual commits not allowed)
  • Never use --no-verify flags
  • Never modify linting config to make tests pass
  • Never assume linting issues are acceptable
  • Never skip testing after changes
  • Never create files unless absolutely necessary
  • Never nest ${{ }} in quoted YAML strings (breaks hashFiles)

Preferred Patterns

  • Edit existing files over creating new ones
  • Use centralized validation for all input handling
  • Follow existing conventions in codebase
  • Actions use composition, not dependencies
  • Custom validators in action directories
  • Convention-based automatic detection