curl/.github/workflows/checksrc.yml
Viktor Szakats b4220bde0b
GHA/checksrc: switch xmllint job to Linux (from macOS)
macOS was chosen because xmllint comes preinstalled, saving the prereq
install step. But, macOS's xmllint jobs sometimes doesn't finish in 1m
(instead of under 1 second) and gets cancelled, causing flaky failures.
Go with Linux and an install phase (of 15s) instead.

Examples:
https://github.com/curl/curl/actions/runs/19558021722/job/56004334495

Closes #19634
2025-11-21 04:01:27 +01:00

192 lines
5.3 KiB
YAML

# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
#
# SPDX-License-Identifier: curl
# This workflow contains checks at the source code level only.
name: 'Source'
'on':
push:
branches:
- master
- '*/ci'
paths-ignore:
- '.circleci/**'
- 'appveyor.*'
- 'Dockerfile'
- 'plan9/**'
- 'tests/data/**'
pull_request:
branches:
- master
paths-ignore:
- '.circleci/**'
- 'appveyor.*'
- 'Dockerfile'
- 'plan9/**'
- 'tests/data/**'
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
permissions: {}
jobs:
checksrc:
name: 'checksrc'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- name: 'check'
run: scripts/checksrc-all.pl
linters:
name: 'spellcheck, linters, REUSE'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- name: 'install prereqs'
run: |
python3 -m venv ~/venv
~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary \
-r .github/scripts/requirements.txt \
-r tests/http/requirements.txt \
-r tests/requirements.txt
- name: 'REUSE check'
run: |
source ~/venv/bin/activate
reuse lint
- name: 'codespell'
run: |
source ~/venv/bin/activate
codespell --version
.github/scripts/codespell.sh
- name: 'typos'
run: |
HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install typos-cli
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
typos --version
.github/scripts/typos.sh
- name: 'cmakelint'
run: |
source ~/venv/bin/activate
scripts/cmakelint.sh
- name: 'perlcheck'
run: |
scripts/perlcheck.sh
- name: 'pytype'
run: |
source ~/venv/bin/activate
find . -name '*.py' -exec pytype -j auto -k -- {} +
- name: 'ruff'
run: |
source ~/venv/bin/activate
scripts/pythonlint.sh
complexity:
name: 'complexity'
runs-on: ubuntu-latest
timeout-minutes: 3
steps:
- name: 'install pmccabe'
run: |
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
sudo apt-get -o Dpkg::Use-Pty=0 update
sudo rm -f /var/lib/man-db/auto-update
sudo apt-get -o Dpkg::Use-Pty=0 install \
pmccabe
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- name: 'check scores'
run: ./scripts/top-complexity
xmllint:
name: 'xmllint'
runs-on: ubuntu-latest
timeout-minutes: 1
steps:
- name: 'install prereqs'
run: |
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
sudo apt-get -o Dpkg::Use-Pty=0 update
sudo rm -f /var/lib/man-db/auto-update
sudo apt-get -o Dpkg::Use-Pty=0 install \
libxml2-utils
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- name: 'check'
run: |
{
git grep -z -i -l -E '^<\?xml' || true
git grep -z -L -F 'notxml' 'tests/data/test*' || true
} | xargs -0 -r xmllint >/dev/null
miscchecks:
name: 'misc checks'
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: 'install prereqs'
run: HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install actionlint shellcheck zizmor
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- name: 'zizmor GHA'
env:
GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
run: |
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
zizmor --pedantic .github/workflows/*.yml .github/dependabot.yml
- name: 'actionlint'
run: |
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
export SHELLCHECK_OPTS='--exclude=1090,1091,2086,2153 --enable=avoid-nullary-conditions,deprecate-which'
actionlint --version
actionlint --ignore matrix .github/workflows/*.yml
- name: 'shellcheck CI'
run: |
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
shellcheck --version
.github/scripts/shellcheck-ci.sh
- name: 'shellcheck'
run: |
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
shellcheck --version
.github/scripts/shellcheck.sh
- name: 'spacecheck'
run: .github/scripts/spacecheck.pl
- name: 'yamlcheck'
run: .github/scripts/yamlcheck.sh
- name: 'badwords'
run: |
# we allow some extra in source code
grep -Ev '(\\bwill| But: | So : )' .github/scripts/badwords.txt | .github/scripts/badwords.pl -a src lib include docs/examples