fix(lint): w/a for ruamel lint errors #552
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| concurrency: | |
| cancel-in-progress: true | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| # Check that the project is able to configure the current user | |
| # This is the main use case, except for the fact that the current user is root due to GitHub Actions defaults | |
| # This might not be representative, so here we just check that configuring the current user works | |
| # Also, this job also checks formatting | |
| check_current_user: | |
| env: | |
| HOME: /root | |
| runs-on: ubuntu-22.04 | |
| container: ubuntu:22.04 | |
| steps: | |
| # checkout action falls back to REST API if it does not find 'git', | |
| # which is a case in our virgin container | |
| # This leads to a missing .git directory and complaining | |
| # format check step | |
| # As an exception, let's install git. | |
| # More precise checks will be done in another jobs | |
| - name: Install git | |
| run: apt update && apt-get install --yes --no-install-recommends git ca-certificates | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| # Checkout action sets repo as safe, but this does not look like to work inside container | |
| - name: Mark repo as safe | |
| run: git config --system --add safe.directory $(pwd) | |
| - name: Bootstrap control node | |
| run: ./bootstrap.sh | |
| - name: Config | |
| run: ./main.py config | |
| - name: Check idempotence | |
| run: ./main.py config --verify-unchanged | |
| # All format checks only available after complete machine setup | |
| # So, we need to do them in one of the check jobs | |
| - name: Check format | |
| run: | | |
| export PATH="$HOME/.local/bin/:$PATH" | |
| ./main.py format | |
| if [[ -n "$(git diff)" ]]; then | |
| echo "Code is not formatted." | |
| git diff | |
| exit 1 | |
| fi | |
| # As mentioned, previous check for the root user might not be representative | |
| # Thus, all the main checks are done by root for the "random_user" | |
| check: | |
| runs-on: ubuntu-22.04 | |
| container: ${{ matrix.image }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Bootstrap control node | |
| run: ./bootstrap.sh | |
| - name: Config | |
| run: ./main.py config --user random_user | |
| - name: Check idempotence | |
| run: ./main.py config --user random_user --verify-unchanged | |
| strategy: | |
| matrix: | |
| image: | |
| - ubuntu:22.04 | |
| - ubuntu:23.04 | |
| - ubuntu:23.10 | |
| - ubuntu:24.04 | |
| - fedora:38 | |
| - fedora:39 | |
| - fedora:40 | |
| # Check that the project is able to configure remote host, with a user different from the current one | |
| check_remote: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Check remote config | |
| run: ./main.py config --host dotfiles_ubuntu_22.04 --user random_user --mode reduced | |
| - name: Check remote idempotence | |
| run: ./main.py config --host dotfiles_ubuntu_22.04 --user random_user --mode reduced --verify-unchanged | |
| lint: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| # Checkout must be onto the original commit, not a single PR | |
| # Otherwise lint will not see full history and diagnose secrets leakage | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Lint | |
| run: ./main.py lint | |
| scripts: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Generate roles graph | |
| run: ./main.py graph | |
| - name: Check update works | |
| run: ./main.py update | |
| - name: Show diff | |
| run: git diff | |
| name: dotfiles workflow | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| push: | |
| branches: | |
| - main |