fix CI controls #272
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Code Quality | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| checks: write | |
| jobs: | |
| # Go linting | |
| golangci-lint: | |
| name: Go Linter | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| cache-dependency-path: | | |
| go.sum | |
| go.mod | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| version: latest | |
| args: --config .golangci.yml --verbose --timeout 5m | |
| skip-cache: false # Enable caching for better performance | |
| # Terraform formatting | |
| terraform-fmt: | |
| name: Terraform Format Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: latest | |
| - name: Check Terraform formatting in examples | |
| run: | | |
| find examples -name "*.tf" -exec terraform fmt -check=true -diff=true {} \; | |
| - name: Check HCL formatting in test files | |
| run: | | |
| find . -name "*_test.go" -exec grep -l "testAccResourceConfig" {} \; | \ | |
| xargs grep -oh 'resource "[^"]*" "[^"]*"' | \ | |
| sort -u > /tmp/terraform_blocks.txt || true | |
| # Documentation linting | |
| docs-lint: | |
| name: Documentation Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Markdown Lint | |
| uses: DavidAnson/markdownlint-cli2-action@v18 | |
| with: | |
| globs: | | |
| **/*.md | |
| !**/node_modules/** | |
| !**/.terraform/** | |
| # Temporarily disabled due to network issues causing dead link failures | |
| # - name: Check broken links | |
| # uses: gaurav-nelson/github-action-markdown-link-check@v1 | |
| # with: | |
| # use-quiet-mode: 'yes' | |
| # use-verbose-mode: 'no' | |
| # config-file: '.github/mlc_config.json' | |
| # License and dependency checks | |
| compliance: | |
| name: License & Dependency Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Check for vulnerable dependencies | |
| uses: golang/govulncheck-action@v1 | |
| with: | |
| go-version-file: go.mod | |
| check-latest: false | |
| repo-checkout: false | |
| - name: License check | |
| run: | | |
| # TODO: Add license headers to all Go files or implement automated header addition | |
| echo "License check temporarily disabled - TODO: implement proper license headers" | |
| # Original check commented out until headers are added: | |
| # find . -name "*.go" -not -path "./vendor/*" | \ | |
| # xargs grep -L "Licensed under the" | \ | |
| # tee /tmp/missing_license.txt | |
| # | |
| # if [ -s /tmp/missing_license.txt ]; then | |
| # echo "Files missing license headers:" | |
| # cat /tmp/missing_license.txt | |
| # exit 1 | |
| # fi |