Skip to content

Document maintainer actions #5677

Document maintainer actions

Document maintainer actions #5677

Workflow file for this run

name: Lint Checks
on:
push:
branches: [main]
pull_request:
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ (github.event.pull_request && github.event.pull_request.number) || github.ref || github.run_id }}
cancel-in-progress: true
# See https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after a couple of runs
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version: 1.23.x
- name: Print Jaeger version for no reason
run: make echo-v1 echo-v2
- run: make install-test-tools
- run: make lint
pull-request-preconditions:
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after a couple of runs
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: ./.github/actions/block-pr-from-main-branch
- run: |
git fetch origin main
make lint-nocommit
dco-check:
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after a couple of runs
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Set up Python 3.x for DCO check
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.x'
- name: Run DCO check
run: python3 scripts/dco_check.py -b main -v --exclude-pattern '@users\.noreply\.github\.com'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
generated-files-check:
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
submodules: recursive
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version: 1.23.x
- name: Verify Protobuf types are up to date
run: make proto && git diff --name-status --exit-code
- name: Verify Thrift types are up to date
run: make thrift && git diff --name-status --exit-code
- name: Verify Mockery types are up to date
run: make generate-mocks && git diff --name-status --exit-code
lint-shell-scripts:
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- run: sudo apt-get install shellcheck
- run: shellcheck scripts/*.sh
- name: Install shunit2 for shell unit tests
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
repository: kward/shunit2
path: .tools/shunit2
- name: Run unit tests for scripts
run: |
SHUNIT2=.tools/shunit2 bash scripts/compute-tags.test.sh