From 0df41de6f27cd28d8b938e55462c8156748f2c2d Mon Sep 17 00:00:00 2001 From: Jonathan Innis Date: Thu, 26 Oct 2023 01:06:43 -0700 Subject: [PATCH] Add GHA linting --- .github/actionlint-matcher.json | 17 +++++++++++++++++ .github/workflows/approval-comment.yaml | 4 +--- .github/workflows/ci.yaml | 2 ++ .github/workflows/codegen.yaml | 5 +---- .github/workflows/e2e-upgrade.yaml | 2 +- .github/workflows/e2e.yaml | 8 ++++---- .github/workflows/pr-snapshot.yaml | 8 ++++---- .github/workflows/release.yaml | 4 ++-- .github/workflows/resolve-args.yaml | 12 ++++++------ .golangci.yaml | 8 ++++++++ Makefile | 1 + hack/toolchain.sh | 1 + pkg/test/expectations/expectations.go | 2 +- test/pkg/debug/setup.go | 2 +- test/pkg/environment/aws/environment.go | 2 +- test/pkg/environment/aws/expectations.go | 4 ++-- test/pkg/environment/aws/metrics.go | 4 ++-- test/pkg/environment/aws/setup.go | 1 - test/pkg/environment/common/expectations.go | 4 ++-- test/pkg/environment/common/setup.go | 4 ++-- 20 files changed, 59 insertions(+), 36 deletions(-) create mode 100644 .github/actionlint-matcher.json diff --git a/.github/actionlint-matcher.json b/.github/actionlint-matcher.json new file mode 100644 index 000000000000..00c320db5f2d --- /dev/null +++ b/.github/actionlint-matcher.json @@ -0,0 +1,17 @@ +{ + "problemMatcher": [ + { + "owner": "actionlint", + "pattern": [ + { + "regexp": "^(?:\\x1b\\[\\d+m)?(.+?)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*: (?:\\x1b\\[\\d+m)*(.+?)(?:\\x1b\\[\\d+m)* \\[(.+?)\\]$", + "file": 1, + "line": 2, + "column": 3, + "message": 4, + "code": 5 + } + ] + } + ] +} \ No newline at end of file diff --git a/.github/workflows/approval-comment.yaml b/.github/workflows/approval-comment.yaml index 1ba647fa7bc8..24d6203bdb34 100644 --- a/.github/workflows/approval-comment.yaml +++ b/.github/workflows/approval-comment.yaml 
@@ -16,9 +16,7 @@ jobs: REVIEW_BODY: ${{ github.event.review.body }} run: | mkdir -p /tmp/artifacts - echo $REVIEW_BODY >> /tmp/artifacts/metadata.txt - echo ${{ github.event.pull_request.number }} >> /tmp/artifacts/metadata.txt - echo ${{ github.event.review.commit_id }} >> /tmp/artifacts/metadata.txt + { echo "$REVIEW_BODY"; echo ${{ github.event.pull_request.number }}; echo ${{ github.event.review.commit_id }}; } >> /tmp/artifacts/metadata.txt cat /tmp/artifacts/metadata.txt - uses: actions/upload-artifact@v3 with: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 54e2b4d62d38..9f28b09e52a6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -10,4 +10,6 @@ jobs: steps: - uses: actions/checkout@v4 - uses: ./.github/actions/install-deps + - name: Enable the actionlint matcher + run: echo "::add-matcher::.github/actionlint-matcher.json" - run: make ci-non-test diff --git a/.github/workflows/codegen.yaml b/.github/workflows/codegen.yaml index 02e9f821ae26..49019d17dc32 100644 --- a/.github/workflows/codegen.yaml +++ b/.github/workflows/codegen.yaml @@ -1,14 +1,11 @@ name: "APICodeGen" - on: schedule: - cron: '0 13 * * MON' - permissions: id-token: write # aws-actions/configure-aws-credentials@v4.0.1 pull-requests: write # name: Create Pull Request contents: write # name: Create Pull Request - jobs: codegen: if: github.repository == 'aws/karpenter' @@ -30,7 +27,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} ENABLE_GIT_PUSH: true - id: detect-changes - run: cat /tmp/codegen-updates && echo APICodeGenUpdate=true >> $GITHUB_OUTPUT + run: cat /tmp/codegen-updates && echo APICodeGenUpdate=true >> "$GITHUB_OUTPUT" - name: Create Pull Request if: steps.detect-changes.outputs.APICodeGenUpdate == 'true' uses: actions/github-script@v6 diff --git a/.github/workflows/e2e-upgrade.yaml b/.github/workflows/e2e-upgrade.yaml index 5b2d91867fca..9af8f356975a 100644 --- a/.github/workflows/e2e-upgrade.yaml 
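Review bot: Quoting `"$REVIEW_BODY"` in the approval-comment.yaml step changes the layout of metadata.txt: the old unquoted `echo` collapsed the body onto one line through word splitting, whereas a multi-line review body now spans several lines of the file. The readers touched by this same patch are positional: pr-snapshot.yaml takes the PR number from `head -n 2 | tail -n 1`, and resolve-args.yaml matches the allowed comment against `head -n 1`. With a multi-line body, the second line of reviewer-supplied text would be read as PR_NUMBER, and only the first line would be checked for the comment. Keep the quoting but flatten the body when writing it, e.g. `echo "${REVIEW_BODY//$'\n'/ }";` as the first command in the group (this assumes the step runs under bash, which should be confirmed). The job definition starts outside the hunk.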
+++ b/.github/workflows/e2e-upgrade.yaml @@ -79,7 +79,7 @@ jobs: run: | CLUSTER_NAME="upgrade-$RANDOM$RANDOM" echo "Using cluster name \"$CLUSTER_NAME\"" - echo CLUSTER_NAME=$CLUSTER_NAME >> $GITHUB_OUTPUT + echo CLUSTER_NAME="$CLUSTER_NAME" >> "$GITHUB_OUTPUT" - name: create eks cluster '${{ steps.generate-cluster-name.outputs.CLUSTER_NAME }}' uses: ./.github/actions/e2e/create-cluster with: diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 33c9690e7345..045737cf6d03 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -102,12 +102,12 @@ jobs: - name: add jitter on cluster creation run: | # Creating jitter so that we can stagger cluster creation to avoid throttling - sleep $(( $RANDOM % 300 + 1 )) + sleep $(( RANDOM % 300 + 1 )) - id: generate-cluster-name run: | - CLUSTER_NAME=$(echo ${{ inputs.suite }}-$RANDOM$RANDOM | awk '{print tolower($0)}' | tr / -) - echo "Using cluster name \"$CLUSTER_NAME\"" - echo CLUSTER_NAME=$CLUSTER_NAME >> $GITHUB_OUTPUT + CLUSTER_NAME="$(echo ${{ inputs.suite }}-"$RANDOM$RANDOM" | awk '{print tolower($0)}' | tr / -)" + echo Using cluster name "$CLUSTER_NAME" + echo CLUSTER_NAME="$CLUSTER_NAME" >> "$GITHUB_OUTPUT" - name: create eks cluster '${{ steps.generate-cluster-name.outputs.CLUSTER_NAME }}' uses: ./.github/actions/e2e/create-cluster with: diff --git a/.github/workflows/pr-snapshot.yaml b/.github/workflows/pr-snapshot.yaml index 461b6748e636..2da9de23d6bd 100644 --- a/.github/workflows/pr-snapshot.yaml +++ b/.github/workflows/pr-snapshot.yaml 
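Review bot: In the `generate-cluster-name` step of e2e.yaml, `${{ inputs.suite }}` is still expanded by the Actions template engine straight into the script text, so the quoting added around `$RANDOM$RANDOM` and the command substitution does not cover it. Whether that input can carry untrusted text depends on the callers, which are not visible here, but passing it through the environment removes the question. Add `env:` with `SUITE: ${{ inputs.suite }}` to the step and use `CLUSTER_NAME="$(echo "$SUITE-$RANDOM$RANDOM" | awk '{print tolower($0)}' | tr / -)"`, the same pattern approval-comment.yaml uses for REVIEW_BODY. Separately, `echo Using cluster name "$CLUSTER_NAME"` no longer prints the literal quotes around the name that the e2e-upgrade.yaml hunk keeps in its log line.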
@@ -16,10 +16,10 @@ jobs: - uses: ./.github/actions/download-artifact - id: metadata run: | - pr_number=$(head -n 2 /tmp/artifacts/metadata.txt | tail -n 1) - pr_commit=$(tail -n 1 /tmp/artifacts/metadata.txt) - echo "PR_COMMIT=$pr_commit" >> $GITHUB_OUTPUT - echo "PR_NUMBER=$pr_number" >> $GITHUB_OUTPUT + pr_number="$(head -n 2 /tmp/artifacts/metadata.txt | tail -n 1)" + pr_commit="$(tail -n 1 /tmp/artifacts/metadata.txt)" + echo PR_COMMIT="$pr_commit" >> "$GITHUB_OUTPUT" + echo PR_NUMBER="$pr_number" >> "$GITHUB_OUTPUT" - uses: actions/checkout@v4 with: ref: ${{ steps.metadata.outputs.PR_COMMIT }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 360ac1325d96..86073d5aac1b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -21,8 +21,8 @@ jobs: prerelease: false - id: tag run: | - TAG=$(git describe --tags --exact-match) - echo "TAG=${TAG}" >> $GITHUB_OUTPUT + TAG="$(git describe --tags --exact-match)" + echo TAG="${TAG}" >> "$GITHUB_OUTPUT" - uses: ./.github/actions/install-deps - uses: aws-actions/configure-aws-credentials@v4.0.1 with: diff --git a/.github/workflows/resolve-args.yaml b/.github/workflows/resolve-args.yaml index edb4694792d2..d100670ecc49 100644 --- a/.github/workflows/resolve-args.yaml +++ b/.github/workflows/resolve-args.yaml 
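Review bot: The `metadata` step in pr-snapshot.yaml copies `pr_number` and `pr_commit` from the downloaded artifact into `$GITHUB_OUTPUT` without checking their shape, and PR_COMMIT then feeds the `ref:` of actions/checkout. The artifact appears to be written by a workflow that runs on review events, so its contents should be treated as untrusted input here; the quoting added in this hunk stops word splitting but validates nothing. A format check before the two `echo` lines would make the step fail closed: `[[ "$pr_number" =~ ^[0-9]+$ ]] || exit 1` and `[[ "$pr_commit" =~ ^[0-9a-f]{40}$ ]] || exit 1`. The same applies to `GIT_REF` in the resolve-args.yaml hunk, which is taken from `tail -n 1` of the same file.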
@@ -25,13 +25,13 @@ jobs: - id: resolve-step run: | if [[ "${{ github.event_name }}" == "workflow_run" ]]; then - if [[ $(head -n 1 /tmp/artifacts/metadata.txt) == *"${{ inputs.allowed_comment }}"* ]]; then - echo SHOULD_RUN=true >> $GITHUB_OUTPUT + if [[ "$(head -n 1 /tmp/artifacts/metadata.txt)" == *"${{ inputs.allowed_comment }}"* ]]; then + echo SHOULD_RUN=true >> "$GITHUB_OUTPUT" else - echo SHOULD_RUN=false >> $GITHUB_OUTPUT + echo SHOULD_RUN=false >> "$GITHUB_OUTPUT" fi - echo GIT_REF=$(tail -n 1 /tmp/artifacts/metadata.txt ) >> $GITHUB_OUTPUT + echo GIT_REF="$(tail -n 1 /tmp/artifacts/metadata.txt)" >> "$GITHUB_OUTPUT" else - echo SHOULD_RUN=true >> $GITHUB_OUTPUT - echo GIT_REF="" >> $GITHUB_OUTPUT + echo SHOULD_RUN=true >> "$GITHUB_OUTPUT" + echo GIT_REF="" >> "$GITHUB_OUTPUT" fi \ No newline at end of file diff --git a/.golangci.yaml b/.golangci.yaml index 3fc54e3d71a4..8a19aae9fc5d 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -37,6 +37,14 @@ linters-settings: min-complexity: 11 govet: check-shadowing: true + revive: + rules: + - name: dot-imports + disabled: true + stylecheck: + dot-import-whitelist: + - "github.com/onsi/ginkgo/v2" + - "github.com/onsi/gomega" misspell: locale: US ignore-words: [] diff --git a/Makefile b/Makefile index 40ceb42efbf2..41b198d8737d 100644 --- a/Makefile +++ b/Makefile @@ -134,6 +134,7 @@ verify: tidy download ## Verify code. Includes dependencies, linting, formatting fi;} @echo "Validating codegen/docgen build scripts..." @find hack/code hack/docs -name "*.go" -type f -print0 | xargs -0 -I {} go build -o /dev/null {} + actionlint -oneline vulncheck: ## Verify code vulnerabilities @govulncheck ./pkg/... diff --git a/hack/toolchain.sh b/hack/toolchain.sh index 26d305c36ee7..97bb2c32b240 100755 --- a/hack/toolchain.sh +++ b/hack/toolchain.sh 
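Review bot: `actionlint -oneline` in the `verify` target only runs its shellcheck-based checks on `run:` scripts when a `shellcheck` binary is found on PATH, and most of the workflow fixes in this patch (quoting `"$GITHUB_OUTPUT"`, `$(( RANDOM % 300 + 1 ))`) look like shellcheck findings. hack/toolchain.sh installs actionlint, but nothing visible here installs shellcheck, so a local `make verify` may pass on a machine where CI fails. I would add a comment above the line such as `# requires shellcheck on PATH for run: script checks`, or precede it with `@command -v shellcheck >/dev/null || { echo "shellcheck not found"; exit 1; }`. The rest of the `verify` recipe is outside the hunk.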
@@ -21,6 +21,7 @@ tools() { go install -tags extended github.com/gohugoio/hugo@v0.110.0 go install golang.org/x/vuln/cmd/govulncheck@latest go install github.com/onsi/ginkgo/v2/ginkgo@latest + go install github.com/rhysd/actionlint/cmd/actionlint@latest if ! echo "$PATH" | grep -q "${GOPATH:-undefined}/bin\|$HOME/go/bin"; then echo "Go workspace's \"bin\" directory is not in PATH. Run 'export PATH=\"\$PATH:\${GOPATH:-\$HOME/go}/bin\"'." diff --git a/pkg/test/expectations/expectations.go b/pkg/test/expectations/expectations.go index 9cba129deec5..4c9556a988a3 100644 --- a/pkg/test/expectations/expectations.go +++ b/pkg/test/expectations/expectations.go @@ -15,7 +15,7 @@ limitations under the License. package expectations import ( - . "github.com/onsi/gomega" //nolint:revive,stylecheck + . "github.com/onsi/gomega" "github.com/samber/lo" v1 "k8s.io/api/core/v1" diff --git a/test/pkg/debug/setup.go b/test/pkg/debug/setup.go index 11525593e5a1..5fe7c93f0953 100644 --- a/test/pkg/debug/setup.go +++ b/test/pkg/debug/setup.go @@ -22,7 +22,7 @@ import ( "k8s.io/client-go/rest" "sigs.k8s.io/controller-runtime/pkg/client" - . "github.com/onsi/gomega" //nolint:revive,stylecheck + . "github.com/onsi/gomega" ) const ( diff --git a/test/pkg/environment/aws/environment.go b/test/pkg/environment/aws/environment.go index 90cc250c9580..80edbe5936d9 100644 --- a/test/pkg/environment/aws/environment.go +++ b/test/pkg/environment/aws/environment.go @@ -33,7 +33,7 @@ import ( "github.com/aws/aws-sdk-go/service/sts" "github.com/aws/aws-sdk-go/service/timestreamwrite" "github.com/aws/aws-sdk-go/service/timestreamwrite/timestreamwriteiface" - . "github.com/onsi/ginkgo/v2" //nolint:revive,stylecheck + . "github.com/onsi/ginkgo/v2" "github.com/samber/lo" "k8s.io/utils/env" diff --git a/test/pkg/environment/aws/expectations.go b/test/pkg/environment/aws/expectations.go index a91eafa50719..685c2d5a7e33 100644 --- a/test/pkg/environment/aws/expectations.go 
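Review bot: `go install github.com/rhysd/actionlint/cmd/actionlint@latest` in `tools()` pulls whatever release is current at install time, so the linter that now gates `make verify` is not reproducible. A new upstream release can change CI results or bring unreviewed code into the build environment. The hugo line just above pins `@v0.110.0`; doing the same here, `go install github.com/rhysd/actionlint/cmd/actionlint@<pinned-version>`, keeps upgrades deliberate. The neighbouring govulncheck and ginkgo lines use the same `@latest` pattern but are not part of this change. `tools()` starts and ends outside the hunk.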
+++ b/test/pkg/environment/aws/expectations.go @@ -28,8 +28,8 @@ import ( "github.com/aws/aws-sdk-go/service/ssm" "github.com/aws/aws-sdk-go/service/sts" "github.com/mitchellh/hashstructure/v2" - . "github.com/onsi/ginkgo/v2" //nolint:revive,stylecheck - . "github.com/onsi/gomega" //nolint:revive,stylecheck + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" "github.com/samber/lo" "go.uber.org/multierr" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/test/pkg/environment/aws/metrics.go b/test/pkg/environment/aws/metrics.go index 87624d192761..fb3c75c431ef 100644 --- a/test/pkg/environment/aws/metrics.go +++ b/test/pkg/environment/aws/metrics.go @@ -23,8 +23,8 @@ import ( "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/service/timestreamwrite" "github.com/aws/aws-sdk-go/service/timestreamwrite/timestreamwriteiface" - . "github.com/onsi/ginkgo/v2" //nolint:revive,stylecheck - . "github.com/onsi/gomega" //nolint:revive,stylecheck + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" "github.com/samber/lo" "github.com/aws/karpenter/test/pkg/environment/common" diff --git a/test/pkg/environment/aws/setup.go b/test/pkg/environment/aws/setup.go index 5e8bb4d21a7e..2e9d1adab0b0 100644 --- a/test/pkg/environment/aws/setup.go +++ b/test/pkg/environment/aws/setup.go @@ -15,7 +15,6 @@ limitations under the License. package aws import ( - //nolint:revive,stylecheck v1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/test/pkg/environment/common/expectations.go b/test/pkg/environment/common/expectations.go index 66bb34f1a2b8..4a95bac043ae 100644 --- a/test/pkg/environment/common/expectations.go +++ b/test/pkg/environment/common/expectations.go 
@@ -22,8 +22,8 @@ import ( "strings" "time" - . "github.com/onsi/ginkgo/v2" //nolint:revive,stylecheck - . "github.com/onsi/gomega" //nolint:revive,stylecheck + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" "github.com/samber/lo" appsv1 "k8s.io/api/apps/v1" coordinationv1 "k8s.io/api/coordination/v1" diff --git a/test/pkg/environment/common/setup.go b/test/pkg/environment/common/setup.go index e4c371fe71f9..efeca444d466 100644 --- a/test/pkg/environment/common/setup.go +++ b/test/pkg/environment/common/setup.go @@ -19,8 +19,8 @@ import ( "sync" "time" - . "github.com/onsi/ginkgo/v2" //nolint:revive,stylecheck - . "github.com/onsi/gomega" //nolint:revive,stylecheck + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" "github.com/samber/lo" appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1"