actions/pre-commit-action
5
0
Fork 0
mirror of https://github.com/pre-commit/action.git synced 2025-11-07 18:56:55 +00:00
Code Activity Actions

Merge tag 'v3.0.0' into release

Browse source
This commit is contained in:
Anthony Sottile 2022-06-05 16:05:03 -04:00
commit cf04e2f816
5 changed files with 58 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
.github/workflows/main.yml vendored Normal file
View file

@ -0,0 +1,14 @@
name: main
on:
pull_request:
push:
branches: [main, test-me-*]
jobs:
main:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v3
- name: self test action
uses: ./

7
.pre-commit-config.yaml Normal file
View file

@ -0,0 +1,7 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.2.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-yaml

55
README.md
View file

@ -8,7 +8,7 @@ Please switch to using [pre-commit.ci] which is faster and has more features.
___ ___
[![pre-commit.ci status](https://results.pre-commit.ci/badge/github/pre-commit/action/main.svg)](https://results.pre-commit.ci/latest/github/pre-commit/action/main) [![pre-commit.ci status](https://results.pre-commit.ci/badge/github/pre-commit/action/main.svg)](https://results.pre-commit.ci/latest/github/pre-commit/action/main)
[![Build Status](https://github.com/pre-commit/action/workflows/deploy/badge.svg)](https://github.com/pre-commit/action/actions) [![Build Status](https://github.com/pre-commit/action/workflows/main/badge.svg)](https://github.com/pre-commit/action/actions)
pre-commit/action pre-commit/action
================= =================
@ -32,9 +32,9 @@ jobs:
pre-commit: pre-commit:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v3
- uses: actions/setup-python@v2 - uses: actions/setup-python@v3
- uses: pre-commit/action@v2.0.3 - uses: pre-commit/action@v3.0.0
``` ```
This does a few things: This does a few things:
@ -52,40 +52,33 @@ Here's a sample step configuration that only runs the `flake8` hook against all
the files (use the template above except for the `pre-commit` action): the files (use the template above except for the `pre-commit` action):
```yaml ```yaml
- uses: pre-commit/action@v2.0.3 - uses: pre-commit/action@v3.0.0
with: with:
extra_args: flake8 --all-files extra_args: flake8 --all-files
``` ```
### using this action in private repositories ### using this action in private repositories
this action also provides an additional behaviour when used in private prior to v3.0.0, this action had custom behaviour which pushed changes back to
repositories. when configured with a github token, the action will push back the pull request when supplied with a `token`.
fixes to the pull request branch.
using the template above, you'll make two replacements for individual actions: this behaviour was removed:
- it required a PAT (didn't work with short-lived `GITHUB_TOKEN`)
- properly hiding this `input` from the installation and execution of hooks
is intractable in github actions (it is readily available as `$INPUT_TOKEN`)
- this meant potentially unvetted code could access the token via the
environment
first is the checkout step, which needs to use unlimited fetch depth for you can _likely_ achieve the same thing with an external action such as
pushing [git-auto-commit-action] though you may want to take precautions to clear `git`
hooks or other ways that arbitrary code execution can occur when running
`git commit` / `git push` (for example [core.fsmonitor]).
```yaml while unrelated to this action, [pre-commit.ci] avoids these problems by
- uses: actions/checkout@v2 installing and executing isolated from the short-lived repository-scoped
with: [installation access token].
fetch-depth: 0
```
next is passing the token to the pre-commit action [git-auto-commit-action]: https://github.com/stefanzweifel/git-auto-commit-action
[core.fsmonitor]: https://github.blog/2022-04-12-git-security-vulnerability-announced/
```yaml [pre-commit.ci]: https://pre-commit.ci
- uses: pre-commit/action@v2.0.3 [installation access token]: https://docs.github.com/en/rest/apps/apps#create-an-installation-access-token-for-an-app
with:
token: ${{ secrets.GITHUB_TOKEN }}
```
note that `secrets.GITHUB_TOKEN` is automatically provisioned and will not
require any special configuration.
while you could _technically_ configure this for a public repository (using a
personal access token), I can't think of a way to do this safely without
exposing a privileged token to pull requests -- if you have any ideas, please
leave an issue!

19
action.yml
View file

@ -1,13 +1,20 @@
name: pre-commit name: pre-commit
description: run pre-commit and optionally commit back to the pull request description: run pre-commit
inputs: inputs:
extra_args: extra_args:
description: options to pass to pre-commit run description: options to pass to pre-commit run
required: false required: false
default: '--all-files' default: '--all-files'
token:
description: github token to clone / push with
required: false
runs: runs:
using: 'node12' using: composite
main: 'dist/index.js' steps:
- run: python -m pip install pre-commit
shell: bash
- run: python -m pip freeze --local
shell: bash
- uses: actions/cache@v3
with:
path: ~/.cache/pre-commit
key: pre-commit-3|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }}
- run: pre-commit run --show-diff-on-failure --color=always ${{ inputs.extra_args }}
shell: bash

14
dist/index.js vendored
View file

File diff suppressed because one or more lines are too long