Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build: bump megalinter version to v6 #93

Merged
merged 10 commits into from
Jan 18, 2023
Merged

Conversation

SamPriyadarshi
Copy link
Contributor

@SamPriyadarshi SamPriyadarshi commented Jan 16, 2023

What's changed, or what was fixed?

  • Bumped megalinter version for Github Actions from v4 to v6 in order to support linting of optional type arguments for Terraform.
  • Environment Variables for Mega Linter GitHub Actions workflow were adjusted. Some linters that are currently not being used were disabled to improve the execution time for the Linter phase/
  • .hadolint.yaml was added to ignore version pinning errors in Dockerfile (version pinning is not required currently).

Fixes:

  • I have run all the tests locally and they all pass.
  • I have followed the relevant style guide for my changes.

Copy link
Collaborator

@g-greatdevaks g-greatdevaks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@SamPriyadarshi This new version of Mega Linter seems to be having additional linters.

Please include the following environment variables for the Mega Linter configuration in order to have the linter checks appear similar to v4. Some linters, if disabled, will even have some positive impact on the execution time. For example, TERRAFORM_KICS takes a lot of time and we are having tflint and formatting currently being used.

env:
  ...
  DISABLE_LINTERS: TERRAFORM_KICS,TERRAFORM_CHECKOV,TERRAFORM_TERRASCAN,YAML_YAMLLINT,SPELL_CSPELL,SPELL_PROSELINT,PYTHON_BANDIT,PYTHON_FLAKE8,PYTHON_PYRIGHT,JSON_NPM_PACKAGE_JSON_LINT,REPOSITORY_CHECKOV,REPOSITORY_DEVSKIM,REPOSITORY_DUSTILOCK,REPOSITORY_GITLEAKS,REPOSITORY_GOODCHECK,REPOSITORY_SEMGREP,REPOSITORY_SYFT,REPOSITORY_TRIVY,COPYPASTE_JSCPD
  MARKDOWN_MARKDOWN_LINK_CHECK_DISABLE_ERRORS: true
  ...

@g-greatdevaks
Copy link
Collaborator

@SamPriyadarshi Since Hadolint is erroring out because of the version pinning requirement and we don't want to pin to a specific version as of now, we can have the Hadolint check for version pinning ignored.
More information: https://github.com/hadolint/hadolint/wiki/DL3018

.hadolint.yaml => new file created in the root directory

ignored:
  - DL3018

@g-greatdevaks
Copy link
Collaborator

g-greatdevaks commented Jan 18, 2023

LGTM.
Opening an issue (#94) to address the snoozed linters and the ones for which errors have been disabled.

Copy link
Collaborator

@g-greatdevaks g-greatdevaks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

.github/workflows/linter.yml Outdated Show resolved Hide resolved
.hadolint.yaml Show resolved Hide resolved
.github/workflows/linter.yml Outdated Show resolved Hide resolved
@g-greatdevaks g-greatdevaks merged commit 81fbc8a into apigee:main Jan 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants