-
Notifications
You must be signed in to change notification settings - Fork 0
175 lines (164 loc) · 5.51 KB
/
verify.yaml
File metadata and controls
175 lines (164 loc) · 5.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
on:
workflow_call:
inputs:
ref:
required: true
type: string
run_tests:
required: false
type: boolean
default: true
connector:
description: 'Connector name for regression testing (e.g., baton-okta). If set, runs baton-regression verification.'
required: false
type: string
default: ''
secrets:
RELENG_GITHUB_TOKEN:
required: false
jobs:
lint:
runs-on: ubuntu-latest
env:
GOPRIVATE: github.com/conductorone/*
steps:
- name: Checkout caller repo
uses: actions/checkout@v5
with:
path: _caller
repository: ${{ github.event.repository.full_name }}
fetch-depth: 0
ref: ${{ inputs.ref }}
- name: Configure git for private modules
env:
TOKEN: ${{ secrets.RELENG_GITHUB_TOKEN }}
run: |
if [ -n "$TOKEN" ]; then
git config --global url."https://${TOKEN}@github.com/".insteadOf "https://github.com/"
fi
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: _caller/go.mod
- name: Run linters
uses: golangci/golangci-lint-action@v9
with:
version: v2.11.4
args: --timeout=6m
working-directory: _caller
test:
if: inputs.run_tests == true
strategy:
matrix:
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
env:
GOPRIVATE: github.com/conductorone/*
steps:
- name: Checkout caller repo
uses: actions/checkout@v5
with:
repository: ${{ github.event.repository.full_name }}
fetch-depth: 0
ref: ${{ inputs.ref }}
- name: Configure git for private modules
env:
TOKEN: ${{ secrets.RELENG_GITHUB_TOKEN }}
run: |
if [ -n "$TOKEN" ]; then
git config --global url."https://${TOKEN}@github.com/".insteadOf "https://github.com/"
fi
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: go tests
run: go test -v -covermode=count -json ./... | tee test.json
- name: annotate go tests
if: always()
uses: guyarb/golang-test-annotations@v0.8.0
with:
test-results: test.json
docs:
runs-on: ubuntu-latest
steps:
- name: Checkout caller repo
uses: actions/checkout@v5
with:
repository: ${{ github.event.repository.full_name }}
ref: ${{ inputs.ref }}
path: _caller
- name: Check for docs/connector.mdx
id: check-docs
run: |
if [ -f "_caller/docs/connector.mdx" ]; then
echo "has_docs=true" >> "$GITHUB_OUTPUT"
else
echo "has_docs=false" >> "$GITHUB_OUTPUT"
echo "No docs/connector.mdx found, skipping MDX validation"
fi
- name: Setup Node
if: steps.check-docs.outputs.has_docs == 'true'
uses: actions/setup-node@v4
with:
node-version: 20
- name: Install MDX lint dependencies
if: steps.check-docs.outputs.has_docs == 'true'
run: |
mkdir -p /tmp/mdx-lint && cd /tmp/mdx-lint
npm init -y --silent > /dev/null 2>&1
npm install --silent @mdx-js/mdx@3 remark-gfm@4 remark-frontmatter@5 2>&1 | tail -n 1
- name: Validate MDX documentation
if: steps.check-docs.outputs.has_docs == 'true'
shell: bash {0}
run: |
# Inline MDX lint: compile-only (no eval), with component allowlist.
# Use bash {0} (no -e) so we can capture the exit code ourselves.
# Write the lint script to the install directory so ESM resolution works
cat > /tmp/mdx-lint/mdx-lint.mjs << 'LINT_EOF'
import { compile } from "@mdx-js/mdx";
import remarkGfm from "remark-gfm";
import remarkFrontmatter from "remark-frontmatter";
const ALLOWED = new Set([
"Tip","Warning","Note","Info","Icon",
"Frame","Card","Tabs","Tab","Steps","Step",
]);
let content = "";
for await (const chunk of process.stdin) content += chunk;
if (!content.trim()) process.exit(0);
let compiled;
try {
compiled = String(await compile(content, {
outputFormat: "function-body",
remarkPlugins: [remarkGfm, remarkFrontmatter],
}));
} catch (err) {
console.error("mdx-lint: " + err.message);
process.exit(1);
}
const refs = [...compiled.matchAll(/_missingMdxReference\("([^"]+)"/g)]
.map(m => m[1])
.filter(name => !ALLOWED.has(name));
const unique = [...new Set(refs)];
if (unique.length > 0) {
for (const name of unique) {
console.error("mdx-lint: Unknown component <" + name + ">. Allowed: " + [...ALLOWED].join(", "));
}
process.exit(1);
}
LINT_EOF
node /tmp/mdx-lint/mdx-lint.mjs < _caller/docs/connector.mdx
LINT_RC=$?
if [ "$LINT_RC" -eq 0 ]; then
echo "MDX validation passed"
else
echo "::error file=docs/connector.mdx::MDX validation failed. See log output above for details."
exit 1
fi
regression:
if: inputs.connector != ''
uses: ./.github/workflows/regression.yaml
with:
connector: ${{ inputs.connector }}
secrets:
RELENG_GITHUB_TOKEN: ${{ secrets.RELENG_GITHUB_TOKEN }}