Awesome
ghalint
A port of suzuki-shunsuke/ghalint to a lintnet Module. ghalint is a linter for GitHub Actions.
Usage
Example 1. Use a lint rule
function(param) {
targets: [
{
data_files: [
'.github/workflows/*.yml',
'.github/workflows/*.yaml',
],
modules: [
'github_archive/github.com/lintnet-modules/ghalint/workflow/deny_inherit_secrets/main.jsonnet@0d6f9c5dbc856a70fca35511136d4f1c3195c872:v0.3.1',
],
},
],
}
Example 2. Use all lint rules with default settings
function(param) {
targets: [
{
data_files: [
'.github/workflows/*.yml',
'.github/workflows/*.yaml',
],
modules: [
'github_archive/github.com/lintnet-modules/ghalint/workflow/**/main.jsonnet@0d6f9c5dbc856a70fca35511136d4f1c3195c872:v0.3.1',
],
},
{
data_files: [
'**/action.yml',
'**/action.yaml',
'!.github/workflows/action.yml',
'!.github/workflows/action.yaml',
],
modules: [
'github_archive/github.com/lintnet-modules/ghalint/action/**/main.jsonnet@0d6f9c5dbc856a70fca35511136d4f1c3195c872:v0.3.1',
],
},
],
}
Example 3. Customize settings
function(param) {
targets: [
{
data_files: [
'.github/workflows/*.yml',
'.github/workflows/*.yaml',
],
modules: [
{
path: 'github_archive/github.com/lintnet-modules/ghalint@0d6f9c5dbc856a70fca35511136d4f1c3195c872:v0.3.1',
files: [
'workflow/**/main.jsonnet',
'!workflow/action_ref_should_be_full_length_commit_sha/main.jsonnet',
{
path: 'workflow/action_ref_should_be_full_length_commit_sha/main.jsonnet',
config: {
excludes: [
'slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml',
],
},
},
],
},
],
},
],
}