ivuorinen/gh-action-readme
1
0
Fork 0
mirror of https://github.com/ivuorinen/gh-action-readme.git synced 2026-01-26 03:04:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: update cosign to v2.4.0 and add semantic commit validation (#69)

Browse Source
This commit is contained in:
Copilot
2025-10-04 15:08:41 +03:00
committed by GitHub
parent ce8958698f
commit d19c49bd48
10 changed files with 180 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
.commitlintrc.json Normal file
View File

@@ -0,0 +1,29 @@
{
"extends": ["@commitlint/config-conventional"],
"rules": {
"type-enum": [
2,
"always",
[
"feat",
"fix",
"docs",
"style",
"refactor",
"perf",
"test",
"chore",
"ci",
"build",
"revert"
]
],
"type-case": [2, "always", "lower-case"],
"type-empty": [2, "never"],
"subject-empty": [2, "never"],
"subject-full-stop": [2, "never", "."],
"header-max-length": [2, "always", 72],
"body-leading-blank": [1, "always"],
"footer-leading-blank": [1, "always"]
}
}

18
.github/workflows/ci.yml vendored
View File

@@ -34,23 +34,23 @@ jobs:
# Generate multiple formats for different actions to demonstrate new functionality # Generate multiple formats for different actions to demonstrate new functionality
echo "Generating documentation for example-action..." echo "Generating documentation for example-action..."
go run . gen testdata/example-action/ --output $PWD/docs/example-action.md go run . gen testdata/example-action/ --output "$PWD/docs/example-action.md"
go run . gen testdata/example-action/ -f html --output $PWD/docs/example-action.html go run . gen testdata/example-action/ -f html --output "$PWD/docs/example-action.html"
go run . gen testdata/example-action/ -f json --output $PWD/docs/example-action.json go run . gen testdata/example-action/ -f json --output "$PWD/docs/example-action.json"
echo "Generating documentation for composite-action..." echo "Generating documentation for composite-action..."
go run . gen testdata/composite-action/ --output $PWD/docs/composite-action.md go run . gen testdata/composite-action/ --output "$PWD/docs/composite-action.md"
go run . gen testdata/composite-action/ -f html --output $PWD/docs/composite-action.html go run . gen testdata/composite-action/ -f html --output "$PWD/docs/composite-action.html"
# Test single file targeting # Test single file targeting
echo "Generating from specific action.yml files..." echo "Generating from specific action.yml files..."
go run . gen testdata/example-action/action.yml --output $PWD/docs/direct-example.md go run . gen testdata/example-action/action.yml --output "$PWD/docs/direct-example.md"
go run . gen testdata/composite-action/action.yml --output $PWD/docs/direct-composite.md go run . gen testdata/composite-action/action.yml --output "$PWD/docs/direct-composite.md"
# Test recursive generation with different themes # Test recursive generation with different themes
echo "Testing recursive generation with themes..." echo "Testing recursive generation with themes..."
go run . gen testdata/ --recursive --theme minimal -f html --output $PWD/docs/all-actions-minimal.html go run . gen testdata/ --recursive --theme minimal -f html --output "$PWD/docs/all-actions-minimal.html"
go run . gen testdata/ --recursive --theme professional -f json --output $PWD/docs/all-actions-professional.json go run . gen testdata/ --recursive --theme professional -f json --output "$PWD/docs/all-actions-professional.json"
# Verify files were generated # Verify files were generated
echo "Verifying generated documentation files..." echo "Verifying generated documentation files..."

40
.github/workflows/commitlint.yml vendored Normal file
View File

@@ -0,0 +1,40 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Commit Messages
on:
pull_request:
types: [opened, synchronize, reopened]
push:
branches:
- main
permissions:
contents: read
jobs:
commitlint:
name: Validate Commit Messages
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
with:
node-version: '22'
- name: Install commitlint
run: |
npm install --save-dev @commitlint/cli@19.6.1 @commitlint/config-conventional@19.6.0
- name: Validate current commit (for single commits)
if: github.event_name == 'push'
run: npx commitlint --from HEAD~1 --to HEAD --verbose
- name: Validate PR commits
if: github.event_name == 'pull_request'
run: npx commitlint --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} --verbose

2
.github/workflows/release.yml vendored
View File

@@ -34,7 +34,7 @@ jobs:
- name: Install cosign - name: Install cosign
uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0 uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0
with: with:
cosign-release: 'v2.2.2' cosign-release: 'v2.4.0'
- name: Install syft - name: Install syft
uses: anchore/sbom-action/download-syft@f8bdd1d8ac5e901a77a92f111440fdb1b593736b # v0.20.6 uses: anchore/sbom-action/download-syft@f8bdd1d8ac5e901a77a92f111440fdb1b593736b # v0.20.6

1
.gitignore vendored
View File

@@ -27,6 +27,7 @@ go.sum
/gh-action-readme /gh-action-readme
*.out *.out
actionlint
# Created readme files # Created readme files
testdata/**/*.md testdata/**/*.md

8
.pre-commit-config.yaml
View File

@@ -74,3 +74,11 @@ repos:
hooks: hooks:
- id: actionlint - id: actionlint
args: ["-shellcheck="] args: ["-shellcheck="]
# Commit message linting
- repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
rev: v9.24.0
hooks:
- id: commitlint
stages: [commit-msg]
additional_dependencies: ["@commitlint/config-conventional"]

4
CONTRIBUTING.md
View File

@@ -135,7 +135,7 @@ Improve documentation and examples:
- [ ] Tests added for new features (`make test` passes) - [ ] Tests added for new features (`make test` passes)
- [ ] Documentation updated for user-facing changes - [ ] Documentation updated for user-facing changes
- [ ] No security vulnerabilities (`make security` passes) - [ ] No security vulnerabilities (`make security` passes)
- [ ] Commit messages follow conventional format - [ ] Commit messages follow [conventional commit format](docs/COMMIT_MESSAGES.md)
### PR Requirements ### PR Requirements
@@ -204,7 +204,7 @@ if err != nil {
### Commit Message Format ### Commit Message Format
Follow [Conventional Commits](https://conventionalcommits.org/): Follow [Conventional Commits](https://conventionalcommits.org/). See [docs/COMMIT_MESSAGES.md](docs/COMMIT_MESSAGES.md) for detailed guidelines.
```bash ```bash
# Feature additions # Feature additions

76
docs/COMMIT_MESSAGES.md Normal file
View File

@@ -0,0 +1,76 @@
# Semantic Commit Messages
This project follows [Conventional Commits](https://www.conventionalcommits.org/) specification for commit messages.
## Format
```
<type>(<scope>): <subject>
<body>
<footer>
```
### Type
Must be one of the following:
- **feat**: A new feature
- **fix**: A bug fix
- **docs**: Documentation only changes
- **style**: Changes that do not affect the meaning of the code (white-space, formatting, etc)
- **refactor**: A code change that neither fixes a bug nor adds a feature
- **perf**: A code change that improves performance
- **test**: Adding missing tests or correcting existing tests
- **chore**: Changes to the build process or auxiliary tools
- **ci**: Changes to CI configuration files and scripts
- **build**: Changes that affect the build system or external dependencies
- **revert**: Reverts a previous commit
### Scope
The scope is optional and can be anything specifying the place of the commit change.
### Subject
The subject contains a succinct description of the change:
- Use the imperative, present tense: "change" not "changed" nor "changes"
- Don't capitalize the first letter
- No dot (.) at the end
### Examples
```
feat: add support for AsciiDoc output format
fix: correct template rendering for empty descriptions
docs: update installation instructions
chore: prepare release v1.2.3
ci: update cosign version to v2.4.0
```
## Validation
Commit messages are validated using commitlint:
- **Pre-commit hook**: Validates commit messages before they are created (if pre-commit is installed)
- **CI/CD**: GitHub Actions workflow validates all commits in pull requests
- **Release script**: Warns if recent commits don't follow the format
## Setup
To enable local commit message validation:
```bash
# Install pre-commit hooks
make pre-commit-install
# Or manually
npm install
```
## Resources
- [Conventional Commits](https://www.conventionalcommits.org/)
- [Commitlint](https://commitlint.js.org/)

13
scripts/release.sh
View File

@@ -93,6 +93,19 @@ if ! golangci-lint run; then
exit 1 exit 1
fi fi
# Validate recent commit messages follow semantic commit format
log_info "Validating commit messages..."
if command -v npx &>/dev/null; then
# Check last 10 commits for semantic commit format
if ! npx --yes @commitlint/cli@19.6.1 --from HEAD~10 --to HEAD --verbose 2>/dev/null; then
log_warning "Some commit messages don't follow conventional commit format"
log_warning "Consider using semantic commit messages: feat:, fix:, docs:, etc."
fi
else
log_warning "npx not found. Skipping commit message validation."
log_warning "Install Node.js to enable commit message validation."
fi
# Build and test GoReleaser config # Build and test GoReleaser config
log_info "Testing GoReleaser configuration..." log_info "Testing GoReleaser configuration..."
if ! goreleaser check; then if ! goreleaser check; then