Releases: suzuki-shunsuke/ghalint
v0.2.12
Pull Requests | Issues | v0.2.11...v0.2.12
Features
#488 Add a policy job_timeout_minutes_is_required
https://github.com/suzuki-shunsuke/ghalint/blob/main/docs/policies/012.md
All jobs should set timeout-minutes.
Examples
❌
jobs:
foo: # The job doesn't have `timeout-minutes`
runs-on: ubuntu-latest
steps:
- run: echo hello
⭕
jobs:
foo:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- run: echo hello
Why?
https://exercism.org/docs/building/github/gha-best-practices#h-set-timeouts-for-workflows
By default, GitHub Actions kills workflows after 6 hours if they have not finished by then. Many workflows don't need nearly as much time to finish, but sometimes unexpected errors occur or a job hangs until the workflow run is killed 6 hours after starting it. Therefore it's recommended to specify a shorter timeout.
The ideal timeout depends on the individual workflow but 30 minutes is typically more than enough for the workflows used in Exercism repos.
This has the following advantages:
PRs won't be pending CI for half the day, issues can be caught early or workflow runs can be restarted.
The number of overall parallel builds is limited, hanging jobs will not cause issues for other PRs if they are cancelled early.
Exceptions
- All steps set
timeout-minutes
jobs:
foo: # The job is missing `timeout-minutes`, but it's okay because all steps set timeout-minutes
runs-on: ubuntu-latest
steps:
- run: echo hello
timeout-minutes: 5
- run: echo bar
timeout-minutes: 5
- A job uses a reusable workflow
When a reusable workflow is called with uses
, timeout-minutes
is not available.
jobs:
foo:
uses: suzuki-shunsuke/renovate-config-validator-workflow/.github/workflows/validate.yaml@v0.2.3
v0.2.11
Pull Requests | Issues | v0.2.10...v0.2.11
Bug Fixes
#472 run-action: Fix a bug that github_app_should_limit_repositories
can't be excluded
Others
#469 Add policy name to error log
v0.2.10
Pull Requests | Issues | v0.2.9...v0.2.10
Features
#463 #464 Support excluding deny_inherit_secrets
To access Environment Secrets in a reusable workflow, you need to use secrets: inherit
.
So this release allows us to exclude deny_inherit_secrets
.
e.g.
ghalint.yaml
excludes:
- policy_name: deny_inherit_secrets
workflow_file_path: .github/workflows/actionlint.yaml
job_name: actionlint
policy_name
, workflow_file_path
, and job_name
are required.
v0.2.10-1
v0.2.9
v0.2.8
Pull Requests | Issues | v0.2.7...v0.2.8
Features
#275 #280 Support validating action.ya?ml
Others
#279 Refactoring
v0.2.7
Pull Requests | Issues | v0.2.6...v0.2.7
Features
#252 Add a global option -log-color
#203 #253 support changing log level
#254 Add links to document to error logs
#255 Add a global option -config (-c)
#256 add a new policy github_app_should_limit_repositories
#257 add a new policy github_app_should_limit_permissions
v0.2.6
Pull Requests | Issues | v0.2.5...v0.2.6
Features
#244 Add links to policy document to logs
e.g.
ERRO[0000] action ref should be full length SHA1 document="https://github.com/suzuki-shunsuke/ghalint/blob/main/docs/policies/008.md" job_name=release policy_name=action_ref_should_be_full_length_commit_sha program=ghalint uses=suzuki-shunsuke/go-release-workflow/.github/workflows/release.yaml@v0.4.5 version= workflow_file_path=.github/workflows/release.yaml
document="https://github.com/suzuki-shunsuke/ghalint/blob/main/docs/policies/008.md"
v0.2.5
Pull Requests | Issues | v0.2.4...v0.2.5
Bug Fixes
v0.2.4
Pull Requests | Issues | v0.2.3...v0.2.4
Bug Fixes
#235 #236 Fix a bug that ghalint couldn't parse workflow files if container
is a string
container: "composer:2.6.5"
When you only specify a container image, you can omit the image keyword.
ghalint should support the format too.