From 03ad296cd3091cdd45bc36a5894379f50017b4c9 Mon Sep 17 00:00:00 2001 From: Ning Shang Date: Thu, 7 Mar 2024 16:19:01 -0800 Subject: [PATCH 1/4] GHA: update actions Update actions/checkout to v4.1.1, moving away from deprecated node 12. Update ruby/setup-ruby to v1.172.0, fixing a bug. --- .github/workflows/markdownlint.yml | 8 ++++---- .github/workflows/shellcheck.yml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml index ce7f5cf..090ad6b 100644 --- a/.github/workflows/markdownlint.yml +++ b/.github/workflows/markdownlint.yml @@ -19,12 +19,12 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: "Checkout repository" - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 - name: "Install Ruby" - # v1.117.0 - uses: ruby/setup-ruby@3068fa83f9cbd7ae106cac45483635a2f3a195c9 + # v1.172.0 + uses: ruby/setup-ruby@d4526a55538b775af234ba4af27118ed6f8f6677 with: - ruby-version: '3.0' + ruby-version: '3.3' bundler-cache: true - name: "Install mdl" run: gem install mdl diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 91e6905..0896336 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -17,7 +17,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4.1.1 - name: Install shellcheck on Ubuntu run: | sudo apt update From 703b65dab4651564e577e68cb9683b14f6c3f6e2 Mon Sep 17 00:00:00 2001 From: Ning Shang Date: Thu, 7 Mar 2024 16:31:06 -0800 Subject: [PATCH 2/4] Update CODEOWNERS Add @wmagda as a code owner. --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 5d9efe4..bf74e08 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,2 +1,2 @@ # See https://help.github.com/articles/about-codeowners/ -* @syncom @pldubouilh @russellchapin +* @syncom @pldubouilh @russellchapin @wmagda From c92ca6d640f9cf8338cc33de352b6b23694abfd7 Mon Sep 17 00:00:00 2001 From: Ning Shang Date: Thu, 7 Mar 2024 16:35:18 -0800 Subject: [PATCH 3/4] Join shellcheck and markdownlint into one workflow Use a single "sanity checks" workflow for these two jobs. --- .github/workflows/sanity.yml | 65 ++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 .github/workflows/sanity.yml diff --git a/.github/workflows/sanity.yml b/.github/workflows/sanity.yml new file mode 100644 index 0000000..ba839f8 --- /dev/null +++ b/.github/workflows/sanity.yml @@ -0,0 +1,65 @@ +name: 'Sanity Checks' + +on: + push: + branches: + - 'main' + pull_request: + branches: + - 'main' + +jobs: + # markdownlint: https://github.com/markdownlint/markdownlint + mdl: + name: 'markdownlint' + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - name: 'Checkout repository' + uses: actions/checkout@v4.1.1 + - name: "Install Ruby" + # v1.172.0 + uses: ruby/setup-ruby@d4526a55538b775af234ba4af27118ed6f8f6677 + with: + ruby-version: '3.3' + bundler-cache: true + - name: 'Install mdl' + run: gem install mdl + - name: 'Run mdl' + run: | + set -euxo pipefail + cd ${{ github.workspace }}/ + mdl --version + for f in $(find . \( -path ./.git -o -path ./bin -o -path ./.github \) -prune -o -type f -name "*.md" -print); do + mdl "$f" + done + + shellcheck: + name: "shellcheck" + strategy: + fail-fast: false + # Run on Linux + matrix: + os: [ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - name: Checkout repository + uses: actions/checkout@v4.1.1 + - name: Install shellcheck on Ubuntu + run: | + sudo apt update + sudo apt install shellcheck -y + + - name: Run shellcheck + run: | + set -euxo pipefail + cd ${{ github.workspace }}/ + shellcheck --version + for f in $(find . \( -path ./.git -o -path ./bin \) -prune -o -type f -print); do + if file "$f" | grep "shell script" &>/dev/null; then + shellcheck -x "$f" + fi + done From 5dae5c5376b334829cb0882c41e47882c1e8d0c1 Mon Sep 17 00:00:00 2001 From: Ning Shang Date: Thu, 7 Mar 2024 16:38:45 -0800 Subject: [PATCH 4/4] Remove deprecated workflows Remove the old shellcheck and markdownlint workflows. --- .github/workflows/markdownlint.yml | 38 ------------------------------ .github/workflows/shellcheck.yml | 35 --------------------------- README.md | 3 +-- 3 files changed, 1 insertion(+), 75 deletions(-) delete mode 100644 .github/workflows/markdownlint.yml delete mode 100644 .github/workflows/shellcheck.yml diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml deleted file mode 100644 index 090ad6b..0000000 --- a/.github/workflows/markdownlint.yml +++ /dev/null @@ -1,38 +0,0 @@ -# markdownlint: https://github.com/markdownlint/markdownlint -name: "markdownlint" - -on: - push: - branches: - - 'main' - pull_request: - branches: - - 'main' - -jobs: - mdl: - name: "markdownlint" - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest] - runs-on: ${{ matrix.os }} - steps: - - name: "Checkout repository" - uses: actions/checkout@v4.1.1 - - name: "Install Ruby" - # v1.172.0 - uses: ruby/setup-ruby@d4526a55538b775af234ba4af27118ed6f8f6677 - with: - ruby-version: '3.3' - bundler-cache: true - - name: "Install mdl" - run: gem install mdl - - name: "Run mdl" - run: | - set -euxo pipefail - cd ${{ github.workspace }}/ - mdl --version - for f in $(find . \( -path ./.git -o -path ./bin -o -path ./.github \) -prune -o -type f -name "*.md" -print); do - mdl "$f" - done \ No newline at end of file diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml deleted file mode 100644 index 0896336..0000000 --- a/.github/workflows/shellcheck.yml +++ /dev/null @@ -1,35 +0,0 @@ -# Shell script linting -name: "Shellcheck" -on: - push: - branches: [main] - pull_request: - branches: [main] - -jobs: - shellcheck: - name: "shellcheck" - strategy: - fail-fast: false - # Run on Linux - matrix: - os: [ubuntu-latest] - runs-on: ${{ matrix.os }} - steps: - - name: Checkout repository - uses: actions/checkout@v4.1.1 - - name: Install shellcheck on Ubuntu - run: | - sudo apt update - sudo apt install shellcheck -y - - - name: Run shellcheck - run: | - set -euxo pipefail - cd ${{ github.workspace }}/ - shellcheck --version - for f in $(find . \( -path ./.git -o -path ./bin \) -prune -o -type f -print); do - if file "$f" | grep "shell script" &>/dev/null; then - shellcheck -x "$f" - fi - done diff --git a/README.md b/README.md index e47b69b..ada8b72 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ # trh-k: Thistle Release Helper with KMS Signing -[![Shellcheck](https://github.com/thistletech/trh-k/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/thistletech/trh-k/actions/workflows/shellcheck.yml) -[![Markdown Lint](https://github.com/thistletech/trh-k/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/thistletech/trh-k/actions/workflows/markdownlint.yml) +[![Sanity checks](https://github.com/thistletech/trh-k/actions/workflows/sanity.yml/badge.svg)](https://github.com/thistletech/trh-k/actions/workflows/sanity.yml) This repository contains the tools and instructions for releasing a Thistle OTA update bundle signed with a key managed in a Cloud KMS (key management system).