Skip to content

Commit 875daee

Browse files
committed
Add pre-commit hooks and CI lint job
Adds .pre-commit-config.yaml with standard hooks (check-json, check-yaml, check-executables-have-shebangs, check-shebang-scripts-are- executable, end-of-file-fixer, trailing-whitespace, pretty-format-json, shellcheck, etc.) and an inline `lint` job in production.yml gated by the `ci` meta-job's `needs:`. Lint job uses SHA-pinned actions (checkout@v6.0.2, setup-python@v5.6.0, pre-commit/action@v3.0.1) with `permissions: contents: read` and `persist-credentials: false`. Hook versions updated via pre-commit autoupdate. Template and rendered-file changes to make pre-commit pass: - Mark shell-script Jinja2 templates (*.sh.jinja2) executable so rendered scripts inherit the exec bit via bakery's template-mode propagation (posit-dev/images-shared#469) - Mark justfile executable + add a `setup` recipe to install hooks - Add `# shellcheck disable=SC2045`, `# shellcheck disable=SC2046`, and quoted variables across startup.sh.jinja2 and install_workbench.sh.jinja2 - Strip leading whitespace from `{% for %}`/`{% endfor %}`/`{% raw %}` blocks in goss.yaml template so rendered output doesn't regress into trailing whitespace on re-render - Drop `.jinja2` suffix from vscode-user-settings.json.jinja2 (no Jinja2 syntax; matches positron-user-settings.json convention); reformat to 2-space indent with alphabetized keys so pretty-format-json passes - Exclude *.sh.jinja2 from check-executables-have-shebangs (templates compose shebangs from Jinja2 macros) - Exclude .claude/settings.json from pretty-format-json README: add `pre-commit` bullet to the Prerequisites list pointing contributors at `just setup`. Various trailing-newline and trailing-whitespace fixes across rendered and non-rendered files surfaced by the new hooks.
1 parent f304bb1 commit 875daee

30 files changed

Lines changed: 158 additions & 97 deletions

.github/dependabot.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,4 +10,3 @@ updates:
1010
actions:
1111
patterns:
1212
- "*"
13-

.github/workflows/development.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -76,4 +76,4 @@ jobs:
7676
dev-versions: "only"
7777
remove-dangling-caches: true
7878
remove-caches-older-than: 14
79-
clean-temporary-images: false
79+
clean-temporary-images: false

.github/workflows/production.yml

Lines changed: 19 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,7 @@ jobs:
3030
runs-on: ubuntu-latest
3131
timeout-minutes: 10
3232
needs:
33+
- lint
3334
- build
3435

3536
steps:
@@ -44,6 +45,23 @@ jobs:
4445
result: ${{ steps.alls-green.outcome }}
4546
slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}
4647

48+
lint:
49+
name: Lint
50+
runs-on: ubuntu-latest
51+
timeout-minutes: 10
52+
permissions:
53+
contents: read
54+
steps:
55+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
56+
with:
57+
persist-credentials: false
58+
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
59+
with:
60+
python-version: "3.x"
61+
- uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1
62+
env:
63+
SKIP: no-commit-to-branch
64+
4765
build:
4866
name: Build
4967
# Build all images, excluding dev versions.
@@ -79,4 +97,4 @@ jobs:
7997
with:
8098
remove-dangling-caches: true
8199
remove-caches-older-than: 14
82-
clean-temporary-images: false
100+
clean-temporary-images: false

.gitignore

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -168,4 +168,3 @@ cython_debug/
168168
# and can be added to the global gitignore or merged into this file. For a more nuclear
169169
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
170170
#.idea/
171-

.pre-commit-config.yaml

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
# See https://pre-commit.com for more information
2+
# See https://pre-commit.com/hooks.html for more hooks
3+
repos:
4+
- repo: https://github.com/pre-commit/pre-commit-hooks
5+
rev: v6.0.0
6+
hooks:
7+
- id: check-added-large-files
8+
- id: check-case-conflict
9+
- id: check-executables-have-shebangs
10+
exclude: "^.*\\.sh\\.jinja2$"
11+
- id: check-json
12+
- id: check-shebang-scripts-are-executable
13+
- id: check-yaml
14+
exclude: "^.*goss.yaml$"
15+
- id: detect-aws-credentials
16+
args: [--allow-missing-credentials]
17+
- id: detect-private-key
18+
- id: end-of-file-fixer
19+
- id: fix-byte-order-marker
20+
- id: mixed-line-ending
21+
- id: no-commit-to-branch
22+
args: [--branch, main]
23+
- id: pretty-format-json
24+
exclude: "^\\.claude/settings\\.json$"
25+
- id: trailing-whitespace
26+
- repo: https://github.com/koalaman/shellcheck-precommit
27+
rev: v0.11.0
28+
hooks:
29+
- id: shellcheck
30+
args: ["-s", "bash"]

CODE_OF_CONDUCT.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -131,4 +131,3 @@ For answers to common questions about this code of conduct, see the FAQ at
131131
[Mozilla CoC]: https://github.com/mozilla/diversity
132132
[FAQ]: https://www.contributor-covenant.org/faq
133133
[translations]: https://www.contributor-covenant.org/translations
134-

README.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -152,6 +152,12 @@ Build prerequisites
152152
just install-goss
153153
```
154154

155+
* [`pre-commit`](https://pre-commit.com/) hooks (for contributors)
156+
157+
```shell
158+
just setup
159+
```
160+
155161
### Build with `bakery`
156162

157163
By default, bakery creates an ephemeral JSON [bakefile](https://docs.bakefile.org/en/latest/language.html) to render all containers in parallel.

justfile

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,9 @@
11
#!/usr/bin/env just --justfile
22

3+
setup:
4+
pre-commit --version || (echo "pre-commit not found, install with: uv tool install pre-commit" && exit 1)
5+
pre-commit install --install-hooks
6+
37
install-bakery *OPTS:
48
#!/bin/bash
59
# TODO: Update this after package is published somewhere
Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
2-
"terminal.integrated.defaultProfile.linux": "bash",
3-
"extensions.autoUpdate": false,
42
"extensions.autoCheckUpdates": false,
5-
"quarto.path": "/usr/lib/rstudio-server/bin/quarto/bin/quarto"
3+
"extensions.autoUpdate": false,
4+
"quarto.path": "/usr/lib/rstudio-server/bin/quarto/bin/quarto",
5+
"terminal.integrated.defaultProfile.linux": "bash"
66
}
Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{
2-
"terminal.integrated.shell.linux": "bash",
3-
"extensions.autoUpdate": false,
4-
"extensions.autoCheckUpdates": false
2+
"extensions.autoCheckUpdates": false,
3+
"extensions.autoUpdate": false,
4+
"terminal.integrated.shell.linux": "bash"
55
}

0 commit comments

Comments
 (0)