Skip to content

Bump JetBrains/qodana-action from 2024.2.5 to 2024.2.6 #440

Bump JetBrains/qodana-action from 2024.2.5 to 2024.2.6

Bump JetBrains/qodana-action from 2024.2.5 to 2024.2.6 #440

Workflow file for this run

name: Qodana Documentation validation
on:
push:
branches-ignore:
- 'dependabot/**'
paths:
- 'doc/**'
- '.github/workflows/docs.yml'
- 'qodana.yaml'
pull_request:
paths:
- 'doc/**'
- '.github/workflows/docs.yml'
- 'qodana.yaml'
concurrency:
# Only run once for latest commit per ref and cancel other (previous) runs.
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
qodana-docs:
name: Qodana Docs
runs-on: ubuntu-latest
permissions:
# necessary for the runs of push to store security events in the repo
# GitHub code scanning will treat any grammar error like any security event.
security-events: write
steps:
- name: Fetch Sources
if: github.event_name != 'pull_request'
uses: actions/checkout@v4
- name: Fetch Sources
if: github.event_name == 'pull_request'
uses: actions/checkout@v4
with:
fetch-depth: ${{ github.event.pull_request.commits }}
- name: Download AsciiDoc plugin for AsciiDoc checks
run: |
curl -L -o asciidoctor-intellij-plugin.zip https://github.com/asciidoctor/asciidoctor-intellij-plugin/releases/download/0.41.14/asciidoctor-intellij-plugin-0.41.14.zip
unzip asciidoctor-intellij-plugin.zip
- name: Download Grazie plugin for grammar checks
# https://plugins.jetbrains.com/plugin/12175-grazie/versions
run: |
curl -L -o grazie.zip 'https://plugins.jetbrains.com/plugin/download?rel=true&updateId=508282'
unzip grazie.zip
- name: Download Grazie Professional plugin for grammar checks
# https://plugins.jetbrains.com/plugin/16136-grazie-professional/versions
run: |
curl -L -o grazie-pro.zip 'https://plugins.jetbrains.com/plugin/download?rel=true&updateId=529722'
unzip grazie-pro.zip
- name: Create empty folder to overwrite disabled plugin
run: |
mkdir empty
- name: Get two more commits so Qodana we can identify the changes
if: github.event_name == 'pull_request'
run: git fetch --deepen=2
- name: 'Qodana for Docs'
uses: JetBrains/[email protected]
with:
upload-result: true
# https://hub.docker.com/r/jetbrains/qodana-jvm-community/tags
# this disables the Gradle plugin to avoid the Gradle initialization and the dependency download
# as that is not necessary for the Grazie and AsciiDoc plugins to check spelling and links.
# TODO: the plugin `org.jetbrains.plugins.gradle` should also be suppressed, but the parameter doesn't allow
# a comma when called from the Qodana action. Therefore overwrite it with an empty folder.
args: >
--linter,jetbrains/qodana-jvm-community:2024.2,
--property=idea.suppressed.plugins.id=com.intellij.gradle,
-v,${{ github.workspace }}/grazie:/opt/idea/plugins/grazie,
-v,${{ github.workspace }}/empty:/opt/idea/plugins/gradle-java,
-v,${{ github.workspace }}/grazie-pro:/opt/idea/plugins/grazie-pro,
-v,${{ github.workspace }}/asciidoctor-intellij-plugin:/opt/idea/plugins/asciidoctor-intellij-plugin,
--baseline,doc/qodana-baseline.sarif.json
# https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#example-workflow-that-runs-the-eslint-analysis-tool
- name: Upload SARIF report to GitHub
# so that it is present on all pull requests and GitHub shows the comparison results
uses: github/codeql-action/upload-sarif@v3
with:
# Path to SARIF file relative to the root of the repository
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
- name: Upload artifact
uses: actions/upload-pages-artifact@v3
with:
path: ${{ runner.temp }}/qodana/results/report
github-pages:
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
name: GitHub Pages
runs-on: ubuntu-latest
needs:
- qodana-docs
if: github.ref_name == 'main'
permissions:
pages: write
id-token: write
steps:
- name: Setup Pages
uses: actions/configure-pages@v5
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
# tag::cleanup[]
cleanup:
name: Cleanup old builds
# avoid 403 error with message "Resource not accessible by integration" (seen with dependabot)
if: github.event_name != 'pull_request'
runs-on: ubuntu-latest
permissions:
actions: write
steps:
- name: Cleanup old runs
uses: actions/github-script@v7
# language=js
with:
script: |
const days_to_expiration = 30;
const ms_in_day = 86400000;
const now = Date.now();
let response = await github.rest.actions.listWorkflowRuns({
owner: context.repo.owner,
repo: context.repo.repo,
per_page: 30,
workflow_id: 'docs.yml'
});
// traverse from the end to delete from the end to not get confused when deleting items
let page = Math.ceil(response.data.total_count / 30)
while (page > 1) {
response = await github.rest.actions.listWorkflowRuns({
owner: context.repo.owner,
repo: context.repo.repo,
page: page,
workflow_id: 'docs.yml'
});
for (const run of response.data.workflow_runs) {
const days_old = Math.ceil((now - Date.parse(run.created_at)) / ms_in_day)
if (days_old > days_to_expiration) {
console.log(`Run id ${run.id} is ${days_old} day old. Deleting...`);
await github.rest.actions.deleteWorkflowRun({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: run.id
});
} else {
console.log(`Run id ${run.id} is ${days_old} day old. Keeping...`);
}
}
-- page
}
# end::cleanup[]