-
Notifications
You must be signed in to change notification settings - Fork 297
130 lines (117 loc) · 3.38 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
---
# file format documented at:
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
name: CI
on: [push, pull_request]
jobs:
# TODO: check project builds/compiles correctly? maybe with tsc?
# TODO: add tests including coverage (jest and mocha/chai?)
lint_src_files:
name: Lint source files
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: 18
- run: npm ci
- name: Lint source files with Prettier
run: >
npx prettier --check
.
--config
.prettierrc.yaml
--ignore-path
.prettierignore
- name: Lint source files with ESLint
run: >
npx eslint
.
--config
.eslintrc.yaml
--ignore-path
.eslintignore
check-npm-dependencies:
name: Check npm dependencies
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: 18
- run: npm ci
- name: Scan for known vulnerabilities in dependencies with npm audit
run: >
npm audit
--audit-level
critical
- name: Check for unused and missing dependencies with depcheck
run: >
npx depcheck
--ignores
typescript,prettier
- name: Check for outdated packages with npm outdated
run: npm outdated
- name: Check for outdated packages with npm-check-updates
run: npx npm-check-updates
find_todos:
name: Search for TODOs etc
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Search for TODO, FIXME, and BUG statements in source files
run: >
if grep
--recursive
--extended-regexp
--with-filename
--line-number
--color=always
"TODO|FIXME|BUG"
./src;
then exit 1;
else
echo "No TODO, FIXME, or BUG statements found in source files.";
fi
typos_spell_check:
name: Check spelling with typos
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check spelling with typos
uses: crate-ci/typos@master
with:
config: .typos.toml
lint_markdown_files:
name: Lint Markdown files
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: articulate/actions-markdownlint@v1
with:
files: '*.md'
ignore: '**/node_modules'
lint_yaml_files:
name: Lint YAML files
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ibiqlik/action-yamllint@v3
lint_shell_script_files:
name: Lint shell scripts
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: azohra/shell-linter@latest
commitlint:
name: Enforce Conventional Commits
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: >
Check the commits conform to the Conventional
Commits specification with commitlint
uses: wagoid/commitlint-github-action@v5
# TODO: check PRs have all changes (squashed) in(to) 1 commit
# TODO: make semver automatically bump version num and update changelog
# TODO: publish new release if version num bumped and CI passes