[PRM-537] Introduce markdown validation on PRs

chrisbloe · chrisbloe · commit 1b7772fabddb · 2025-11-27T09:34:37.000Z
diff --git a/.github/workflows/automated-pr-checks.yml b/.github/workflows/automated-pr-checks.yml
@@ -1,23 +1,23 @@
-name: 'Z-AUTOMATED: SBOM Repo Scan'
+name: "Z-AUTOMATED: PR Checks"
 
 on:
   pull_request:
     types: [opened, synchronize, reopened]
 
-permissions:
-  actions: read   # Required for anchore/sbom-action
-  contents: write # Required for anchore/sbom-action
-  id-token: write # Required for requesting the JWT
-  pull-requests: write
-
 jobs:
   sbom_scan:
     name: SBOM Repo Scan
     runs-on: ubuntu-latest
+    permissions:
+      actions: read # Required for anchore/sbom-action
+      contents: write # Required for anchore/sbom-action
+      id-token: write # Required for requesting the JWT
+      pull-requests: write
     steps:
-      - uses: actions/checkout@v5
+      - name: Checkout
+        uses: actions/checkout@v5
         with:
-          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+          fetch-depth: 0
 
       - uses: anchore/sbom-action@v0
         with:
@@ -51,14 +51,14 @@ jobs:
               repo: context.repo.repo,
               issue_number: context.issue.number,
             })
-            
+
             const botComment = comments.find(comment => {
               return comment.user.type === 'Bot' && comment.body.includes('Code security issues found')
             })
 
             // 2. Prepare format of the comment
             const output = `### Code security issues found
-            
+
             View full details [here](https://github.com/${{ github.repository }}/security/code-scanning?query=is%3Aopen+pr%3A${{ github.event.pull_request.number }}).`;
 
             // 3. If we have a comment, update it, otherwise create a new one
@@ -70,7 +70,7 @@ jobs:
                 body: output
               })
             }
-            
+
             github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
@@ -89,7 +89,7 @@ jobs:
               repo: context.repo.repo,
               issue_number: context.issue.number,
             })
-            
+
             const botComment = comments.find(comment => {
               return comment.user.type === 'Bot' && comment.body.includes('Code security issues found')
             })
@@ -102,3 +102,21 @@ jobs:
                 comment_id: botComment.id
               })
             }
+
+  markdown-validator:
+    name: Markdown Validator
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+
+      - name: Run Markdown Validator Script
+        id: validate
+        run: |
+          BRANCH_NAME=${{ github.event.repository.default_branch }}
+          chmod +x scripts/markdown-validator.sh
+          scripts/markdown-validator.sh
diff --git a/scripts/markdown-validator.sh b/scripts/markdown-validator.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# Check Markdown formating of all the "*.md" files that are changed and commited to the current branch.
+#
+# Usage:
+#   $ [options] ./markdown-check-format.sh
+#
+# Options:
+#   BRANCH_NAME=other-branch-than-main  # Branch to compare with
+
+# Please, make sure to enable Markdown linting in your IDE. For the Visual Studio Code editor it is
+# `davidanson.vscode-markdownlint` that is already specified in the `.vscode/extensions.json` file.
+
+#files=$((git diff --diff-filter=ACMRT --name-only origin/${BRANCH_NAME:-main}.. "*.md"; git diff --name-only "*.md") | sort | uniq)
+files=$((find . -name "*.md" -printf '%P\n') | sort | uniq)
+
+if [ -n "$files" ]; then
+  image=ghcr.io/igorshubovych/markdownlint-cli@sha256:b771097d3d9ec6b368fefcea5f0c05c8710293d9251fca17e31c8e10987b50ef # v0.46.0
+  docker run --rm \
+    -v $PWD:/workdir \
+    $image \
+      $files \
+      --disable MD013 MD033
+fi
