Fixer

.github/action.yaml

@@ -0,0 +1,21 @@
+# Configuration file for sisakulint
+# Use this file to customize the behavior of sisakulint
+# self-hosted-runner section is for configuring self-hosted runners.
+self-hosted-runner:
+  # Use the labels key to specify labels for self-hosted runners used in your project as an array of strings.
+  # This allows sisakulint to verify that these labels are correctly configured.
+  # 🧠 Example: labels: ["linux-large", "windows-2xlarge"]
+  # Note: Ensure that the labels match those configured in your self-hosted runner settings.
+  labels: []
+
+# config-variables section is for specifying configuration variables defined in your repository or organization.
+# Setting it to null disables the check for configuration variables.
+# An empty array means no configuration variable is allowed.
+# 🧠 Example: config-variables: ["CI_ENVIRONMENT", "DEPLOY_TARGET"]
+# Note: List all the configuration variables that are used in your GitHub Actions workflows.
+config-variables: null
+
+# Add other optional settings below.
+# 🧠 Example: some-option: value
+# Note: Refer to the sisakulint documentation for more information on available settings.
+

.github/actions/setup-sisakulint/action.yml

@@ -0,0 +1,23 @@
+name: Setup sisakulint
+description: Setup sisakulint CLI tool in your workflow
+inputs:
+  sisakulint_version:
+    description: Version of sisakulint to install
+    required: true
+runs:
+  using: "composite"
+  steps:
+    # gh release download "v0.0.9" -R ultra-supara/sisakulint -p "sisakulint_0.0.9_darwin_amd64.tar.gz"
+    # tar -xf "sisakulint_0.0.9_darwin_amd64.tar.gz"
+    # https://github.com/ultra-supara/sisakulint/releases/tag/v0.0.9
+    - name: Download sisakulint
+      shell: bash
+      run: |
+        mkdir -p bin
+        cd bin
+        curl -L https://github.com/ultra-supara/sisakulint/releases/download/v${SISAKULINT_VERSION}/sisakulint_${SISAKULINT_VERSION}_linux_amd64.tar.gz -o "sisakulint_${SISAKULINT_VERSION}_linux_amd64.tar.gz"
+        tar -xf "sisakulint_${SISAKULINT_VERSION}_linux_amd64.tar.gz"
+        chmod +x sisakulint
+        echo "$(pwd)" >> $GITHUB_PATH
+      env:
+        SISAKULINT_VERSION: ${{ inputs.sisakulint_version }}

.github/workflows/scan-codeql.yml

@@ -0,0 +1,31 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: ["main"]
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: "ubuntu-latest"
+    timeout-minutes: 360
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["actions"]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"

.github/workflows/scan-sisakulint.yml

@@ -0,0 +1,27 @@
+name: "sisakulint"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  run_sisakulint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Setup sisakulint
+        uses: ./.github/actions/setup-sisakulint
+        with:
+          sisakulint_version: 0.0.9
+      - name: Run sisakulint
+        run: sisakulint -fix on -format "{{sarif .}}" > sisakulint.sarif || true
+      - name: Commit fix
+        if: ${{ github.event == "pull_request" }}
+        uses: suzuki-shunsuke/commit-action@main
+      - name: Upload SARIF results
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: sisakulint.sarif