From 73a8d2be4239cc9eaaca92c880f1102407798afa Mon Sep 17 00:00:00 2001 From: Sergei Petrosian Date: Wed, 23 Aug 2023 13:03:05 +0200 Subject: [PATCH] docs: Make badges consistent, run markdownlint on all .md files - Consistently generate badges for GH workflows in README RHELPLAN-146921 - Run markdownlint on all .md files - Add custom-woke-action if not used already - Rename woke action to Woke for a pretty badge Signed-off-by: Sergei Petrosian --- .github/actions/custom-woke-action/LICENSE | 21 +++++ .github/actions/custom-woke-action/README.md | 78 +++++++++++++++++++ .github/actions/custom-woke-action/action.yml | 46 +++++++++++ .../actions/custom-woke-action/entrypoint.sh | 21 +++++ .../custom-woke-action/testdata/bad.txt | 1 + .github/workflows/markdownlint.yml | 6 +- .github/workflows/woke.yml | 11 +-- README-ansible.md | 3 +- README.md | 4 + contributing.md | 8 +- 10 files changed, 185 insertions(+), 14 deletions(-) create mode 100644 .github/actions/custom-woke-action/LICENSE create mode 100644 .github/actions/custom-woke-action/README.md create mode 100644 .github/actions/custom-woke-action/action.yml create mode 100755 .github/actions/custom-woke-action/entrypoint.sh create mode 100644 .github/actions/custom-woke-action/testdata/bad.txt diff --git a/.github/actions/custom-woke-action/LICENSE b/.github/actions/custom-woke-action/LICENSE new file mode 100644 index 0000000..a80030c --- /dev/null +++ b/.github/actions/custom-woke-action/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright © 2020 Caitlin Elfring + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/.github/actions/custom-woke-action/README.md b/.github/actions/custom-woke-action/README.md new file mode 100644 index 0000000..cbdd732 --- /dev/null +++ b/.github/actions/custom-woke-action/README.md @@ -0,0 +1,78 @@ +# woke-action + +[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/get-woke/woke-action?logo=github&sort=semver)](https://github.com/get-woke/woke-action/releases) + +Woke GitHub Actions allow you to execute [`woke`](https://github.com/get-woke/woke) command within GitHub Actions. + +The output of the actions can be viewed from the Actions tab in the main repository view. + +## Usage + +The most common usage is to run `woke` on a file/directory. This workflow can be configured by adding the following content to the GitHub Actions workflow YAML file (ie in `.github/workflows/woke.yaml`). + +```yaml +name: woke +on: + - pull_request +jobs: + woke: + name: woke + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: woke + uses: get-woke/woke-action@v0 + with: + # Cause the check to fail on any broke rules + fail-on-error: true +``` + +## Inputs + +Inputs to configure the `woke` GitHub Actions. + +| Input | Default | Description | +|------------------|-----------------------|---------------------------------------------------------------------------------------------------| +| `woke-args` | `.` | (Optional) Additional flags to run woke with (see ) | +| `woke-version` | latest | (Optional) Release version of `woke` (defaults to latest version) | +| `fail-on-error` | `false` | (Optional) Fail the GitHub Actions check for any failures. | +| `workdir` | `.` | (Optional) Run `woke` this working directory relative to the root directory. | +| `github-token` | `${{ github.token }}` | (Optional) Custom GitHub Access token (ie `${{ secrets.MY_CUSTOM_TOKEN }}`). | + +## License + +This application is licensed under the MIT License, you may obtain a copy of it +[here](https://github.com/get-woke/woke-action/blob/main/LICENSE). + +## Only Changed Files + +If you're interested in only running `woke` against files that have changed in a PR, +consider something like [Get All Changed Files Action](https://github.com/marketplace/actions/get-all-changed-files). With this, you can add a workflow that looks like: + +```yaml + +name: 'woke' +on: + - pull_request +jobs: + woke: + name: 'woke' + runs-on: ubuntu-latest + steps: + - name: 'Checkout' + uses: actions/checkout@v2 + + - uses: jitterbit/get-changed-files@v1 + id: files + + - name: 'woke' + uses: get-woke/woke-action@v0 + with: + # Cause the check to fail on any broke rules + fail-on-error: true + # See https://github.com/marketplace/actions/get-all-changed-files + # for more options + woke-args: ${{ steps.files.outputs.added_modified }} +``` diff --git a/.github/actions/custom-woke-action/action.yml b/.github/actions/custom-woke-action/action.yml new file mode 100644 index 0000000..c92b694 --- /dev/null +++ b/.github/actions/custom-woke-action/action.yml @@ -0,0 +1,46 @@ +name: 'Run woke' +description: >- + Run woke on pull requests to detect non-inclusive language + in your source code. +author: 'Caitlin Elfring (caitlinelfring)' +inputs: + github-token: + description: 'GITHUB_TOKEN' + required: true + default: ${{ github.token }} + woke-args: + description: 'woke arguments' + default: '.' + required: false + fail-on-error: + description: | + Exit code when errors are found [true,false] + Default is `false`. + default: 'false' + required: false + workdir: + description: 'Working directory relative to the root directory.' + default: '.' + required: false + woke-version: + description: >- + woke version, defaults to the latest `v0` version. + Override to pin to a specific version + default: 'v0' + required: false +runs: + using: 'composite' + steps: + - run: $GITHUB_ACTION_PATH/entrypoint.sh + shell: bash + env: + # INPUT_ is not available in Composite run steps + # https://github.com/actions/runner/issues/665 + INPUT_GITHUB_TOKEN: ${{ inputs.github-token }} + INPUT_WOKE_VERSION: ${{ inputs.woke-version }} + INPUT_WOKE_ARGS: ${{ inputs.woke-args }} + INPUT_FAIL_ON_ERROR: ${{ inputs.fail-on-error }} + INPUT_WORKDIR: ${{ inputs.workdir }} +branding: + icon: 'check-circle' + color: 'gray-dark' diff --git a/.github/actions/custom-woke-action/entrypoint.sh b/.github/actions/custom-woke-action/entrypoint.sh new file mode 100755 index 0000000..e9ba2b1 --- /dev/null +++ b/.github/actions/custom-woke-action/entrypoint.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# shellcheck disable=SC2086 + +set -e + +cd "${GITHUB_WORKSPACE}/${INPUT_WORKDIR}" || exit 1 + +TEMP_PATH="$(mktemp -d)" +PATH="${TEMP_PATH}:$PATH" + +echo '::group:: Installing woke ... https://github.com/nhosoi/woke' +curl https://raw.githubusercontent.com/nhosoi/woke/main/woke -o "${TEMP_PATH}/woke" +chmod 0755 "${TEMP_PATH}/woke" +echo '::endgroup::' + +echo '::group:: Running woke ...' +woke \ + --output github-actions \ + --exit-1-on-failure="${INPUT_FAIL_ON_ERROR:-false}" \ + ${INPUT_WOKE_ARGS} +echo '::endgroup::' diff --git a/.github/actions/custom-woke-action/testdata/bad.txt b/.github/actions/custom-woke-action/testdata/bad.txt new file mode 100644 index 0000000..ffdf955 --- /dev/null +++ b/.github/actions/custom-woke-action/testdata/bad.txt @@ -0,0 +1 @@ +I have a whitelist and a blacklist. What should I do about it? diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml index 98e3c4c..9353aa1 100644 --- a/.github/workflows/markdownlint.yml +++ b/.github/workflows/markdownlint.yml @@ -27,8 +27,10 @@ jobs: - name: Check out code uses: actions/checkout@v3 - - name: Lint README.md + # CHANGELOG.md is generated automatically from PR titles and descriptions + # It might have issues but they are not critical + - name: Lint all markdown files except for CHANGELOG.md uses: docker://avtodev/markdown-lint:master with: - args: README.md + args: --ignore=CHANGELOG.md **/*.md config: .markdownlint.yaml diff --git a/.github/workflows/woke.yml b/.github/workflows/woke.yml index 6752ff5..dc2b59a 100644 --- a/.github/workflows/woke.yml +++ b/.github/workflows/woke.yml @@ -1,18 +1,19 @@ # yamllint disable rule:line-length -name: Check for non-inclusive language +name: Woke on: # yamllint disable-line rule:truthy - pull_request jobs: woke: - name: woke + name: Detect non-inclusive language runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 - - name: woke - uses: get-woke/woke-action@v0 + - name: custom woke + # Originally, uses: get-woke/woke-action@v0 + uses: ./.github/actions/custom-woke-action with: - woke-args: "-c https://raw.githubusercontent.com/linux-system-roles/tox-lsr/main/src/tox_lsr/config_files/woke.yml" + woke-args: "-c https://raw.githubusercontent.com/linux-system-roles/tox-lsr/main/src/tox_lsr/config_files/woke.yml --count-only-error-for-failure" # Cause the check to fail on any broke rules fail-on-error: true diff --git a/README-ansible.md b/README-ansible.md index bdd47b1..01a54eb 100644 --- a/README-ansible.md +++ b/README-ansible.md @@ -1,5 +1,4 @@ -Introduction to Ansible for Linux System Roles -============================================== +# Introduction to Ansible for Linux System Roles If you are not familiar with Ansible, please see [Introduction to Ansible for Linux System Roles](https://linux-system-roles.github.io/documentation/intro-to-ansible-for-system-roles.html), diff --git a/README.md b/README.md index 08f8b8c..736c883 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,9 @@ # SELinux +[![ansible-lint.yml](https://github.com/linux-system-roles/selinux/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/selinux/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/selinux/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/selinux/actions/workflows/ansible-test.yml) [![codeql.yml](https://github.com/linux-system-roles/selinux/actions/workflows/codeql.yml/badge.svg)](https://github.com/linux-system-roles/selinux/actions/workflows/codeql.yml) [![python-unit-test.yml](https://github.com/linux-system-roles/selinux/actions/workflows/python-unit-test.yml/badge.svg)](https://github.com/linux-system-roles/selinux/actions/workflows/python-unit-test.yml) [![markdownlint.yml](https://github.com/linux-system-roles/selinux/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/selinux/actions/workflows/markdownlint.yml) [![woke.yml](https://github.com/linux-system-roles/selinux/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/selinux/actions/workflows/woke.yml) + +--- + ![CI Testing](https://github.com/linux-system-roles/selinux/workflows/tox/badge.svg) ## Expected functionality diff --git a/contributing.md b/contributing.md index 5cf67fc..2938113 100644 --- a/contributing.md +++ b/contributing.md @@ -1,8 +1,6 @@ -Contributing to the selinux Linux System Role -============================================= +# Contributing to the selinux Linux System Role -Where to start --------------- +## Where to start The first place to go is [Contribute](https://linux-system-roles.github.io/contribute.html). This has all of the common information that all role developers need: @@ -22,7 +20,7 @@ are likely to be suitable for new contributors! **Code** is managed on [Github](https://github.com/linux-system-roles/selinux), using [Pull Requests](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests). -### Python Code +## Python Code The Python code needs to be **compatible with the Python versions supported by the role platform**.