Add super-linter to pre-commit (#30)

* add super-linter to pre-commit * add superlinter to usual linting pre-commit script * enhance config * finalize
mundialis · Dec 10, 2024 · 3050c54 · 3050c54
1 parent 821b1ab
commit 3050c54
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 5 deletions.
diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml
@@ -2,3 +2,4 @@
     name: linting (via docker)
     entry: /linting.sh
     language: docker
+    require_serial: true
diff --git a/Dockerfile b/Dockerfile
@@ -1,10 +1,10 @@
-FROM python:3-slim
+FROM ghcr.io/super-linter/super-linter:latest
 
 # This Dockerfile is used by the linting pre-commit hook.
 # Unfortunately there is no config option yet to specify the name or path
 # of this image, so it must be on root level simply named Dockerfile...
 
-RUN apt-get update && apt-get install jq wget -y
+RUN apk add jq wget
 RUN pip install --upgrade pip yq virtualenv toml-union
 
 # Copy linting workflow to identify linter versions if needed
@@ -22,3 +22,31 @@ RUN pip install -r requirements.txt
 COPY pre_commit_hooks/linting.sh /linting.sh
 
 CMD [ "bash /linting.sh" ]
+
+# Below for super-linter
+
+# pre-commit seems to set too strict permissions:
+# error: could not lock config file //.gitconfig: Permission denied
+# Therefore do not configure globally
+# https://github.com/super-linter/super-linter/blob/main/lib/linter.sh#L345
+RUN sed -i 's+git config --global --add safe.directory+git config --add safe.directory+g' /action/lib/linter.sh
+
+# save to be able to export later
+RUN echo "RUN_LOCAL=TRUE" >> /super-linter.txt
+RUN echo "DEFAULT_BRANCH=main" >> /super-linter.txt
+RUN echo "DEFAULT_WORKSPACE=/src" >> /super-linter.txt
+RUN echo BASH_SEVERITY=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."BASH_SEVERITY"'.default) >> /super-linter.txt
+RUN echo VALIDATE_BASH=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_BASH"'.default) >> /super-linter.txt
+RUN echo VALIDATE_BASH_EXEC=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_BASH_EXEC"'.default) >> /super-linter.txt
+RUN echo VALIDATE_CSS=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_CSS"'.default) >> /super-linter.txt
+RUN echo VALIDATE_DOCKERFILE_HADOLINT=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_DOCKERFILE_HADOLINT"'.default) >> /super-linter.txt
+RUN echo VALIDATE_GITHUB_ACTIONS=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_GITHUB_ACTIONS"'.default) >> /super-linter.txt
+RUN echo VALIDATE_HTML=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_HTML"'.default) >> /super-linter.txt
+RUN echo VALIDATE_JAVASCRIPT_ES=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_JAVASCRIPT_ES"'.default) >> /super-linter.txt
+RUN echo VALIDATE_JAVASCRIPT_STANDARD=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_JAVASCRIPT_STANDARD"'.default) >> /super-linter.txt
+RUN echo VALIDATE_JSON=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_JSON"'.default) >> /super-linter.txt
+RUN echo VALIDATE_MARKDOWN=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_MARKDOWN"'.default) >> /super-linter.txt
+RUN echo VALIDATE_POWERSHELL=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_POWERSHELL"'.default) >> /super-linter.txt
+RUN echo VALIDATE_RENOVATE=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_RENOVATE"'.default) >> /super-linter.txt
+RUN echo VALIDATE_XML=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_XML"'.default) >> /super-linter.txt
+RUN echo VALIDATE_YAML=$(cat $WORKFLOW_LINTING_WORKFLOW | yq .on.workflow_call.inputs | jq -r '."VALIDATE_YAML"'.default) >> /super-linter.txt
diff --git a/pre_commit_hooks/linting.sh b/pre_commit_hooks/linting.sh
@@ -25,6 +25,7 @@ RUN_BLACK=TRUE
 RUN_FLAKE8=TRUE
 RUN_PYLINT=TRUE
 RUN_RUFF=TRUE
+RUN_SUPERLINTER=TRUE
 
 ####################################
 # Overwrite linter versions if set #
@@ -38,10 +39,11 @@ then
     then
         RUN_BLACK=FALSE
         echo "- black configured to be skipped (empty string)"
-    elif [ $DEFAULT_BLACK_VERSION != $NEW_BLACK_VERSION ]
+    elif [ $DEFAULT_BLACK_VERSION != `echo $NEW_BLACK_VERSION | tr -d '"'` ]
     then
-        # sed would fail with Permission denied
+        # sed or pip would fail with Permission denied
         # sed -i "s+$DEFAULT_BLACK_VERSION+$NEW_BLACK_VERSION+g" /requirements.txt
+        # pip3 install black==`echo $NEW_BLACK_VERSION | tr -d '"'`
         echo "- Warning: overwritten black version will not be installed!"
     fi
 else
@@ -108,7 +110,7 @@ echo
 # Install linters #
 ###################
 # TODO: if versions are not default versions, this fails due to missing permissions
-pip3 install -r /requirements.txt
+# pip3 install -r /requirements.txt
 echo
 echo "flake8: `flake8 --version`"
 echo "pylint: `pylint --version`"
@@ -214,6 +216,27 @@ else
     echo "RUFF configured to be skipped"
 fi
 
+if [ $RUN_SUPERLINTER != "FALSE" ]
+then
+    echo
+    echo "SUPERLINTER:"
+    # overwrite rules with default config
+    . /super-linter.txt && export $(cut -d= -f1 /super-linter.txt)
+    # overwrite rules with custom repo config
+    `cat /src/.github/workflows/linting.yml | yq .jobs.lint.with | grep -v "-version" | tr -d ',' | jq -r 'to_entries[] | "export \(.key)=\(.value)"'`
+    # run linting script
+    bash /action/lib/linter.sh
+    if [ $? -ne 0 ]
+    then
+        RETURNCODE=1
+        FAILINGSTEP="$FAILINGSTEP SUPERLINTER (run '/action/lib/linter.sh')"
+    fi
+else
+    echo
+    echo "SUPERLINTER configured to be skipped"
+fi
+
+
 if [ $RETURNCODE -ne 0 ]
 then
     echo "Failing steps: ${FAILINGSTEP}"