CI: scan all Python scripts #143
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Static analysis of scripts | |
| on: | |
| # run on pull requests to the main branch | |
| pull_request: | |
| branches: [main] | |
| # run on pushes to the main branch | |
| push: | |
| branches: [main] | |
| # implicitely set all other permissions to none | |
| permissions: | |
| contents: read # actions/checkout | |
| # cancel in progress builds for this workflow triggered by the same ref | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| flake8: | |
| name: Install and run Flake8 on Python scripts | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install flake8 | |
| run: sudo apt update && sudo apt -y install flake8 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Run Flake8 | |
| run: | |
| # Run flake8 against all files outside .git/ that `file` reports | |
| # as text/x-script.python | |
| find . -path ./.git -prune -o -print0 | \ | |
| xargs -0n1 sh -c 'test "$(file --brief --mime-type "$1")" = "text/x-script.python" && printf "%s\000" "$1"' -- | \ | |
| xargs -0t flake8 | |
| pylint: | |
| name: Install and run Pylint on Python scripts | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install Pylint | |
| run: sudo apt update && sudo apt -y install pylint | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Run Pylint (error mode) | |
| run: | |
| # Run pylint against all files outside .git/ that `file` reports | |
| # as text/x-script.python | |
| find . -path ./.git -prune -o -print0 | \ | |
| xargs -0n1 sh -c 'test "$(file --brief --mime-type "$1")" = "text/x-script.python" && printf "%s\000" "$1"' -- | \ | |
| xargs -0t pylint --errors-only | |
| shellcheck: | |
| name: Install and run ShellCheck on shell scripts | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install ShellCheck | |
| run: sudo apt update && sudo apt -y install shellcheck file | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Run ShellCheck | |
| run: | | |
| # Run shellcheck against all files outside .git/ that `file` reports | |
| # as text/x-shellscript | |
| # | |
| # Ignore the double quoting warning, script authors have better | |
| # knowledge of variable contents. | |
| export SHELLCHECK_OPTS="-e SC2086" | |
| find . -path ./.git -prune -o -print0 | \ | |
| xargs -0n1 sh -c 'test "$(file --brief --mime-type "$1")" = "text/x-shellscript" && printf "%s\000" "$1"' -- | \ | |
| xargs -0t shellcheck |