Description
As observed e.g. in https://github.com/camunda/camunda/pull/24989 or https://github.com/camunda/camunda/issues/21766 there are GHA best practices (having `timeout-minutes` on every job, having CI Health instrumentation in `ci.yml`) that https://github.com/rhysd/actionlint doesn't detect nor warn about. It would be nice to have a tool (best case an existing one) to check for these configurable & extensible set of best practices against our set of GHA pipelines in the monorepo. Those should be automatically run on any GHA file change.
Hint
Could also consider watching for discouraged GHA secrets usage or following GHA caching strategy.
❌ Check out https://stelligent.github.io/config-lint/ (Update: project last maintained 4 years ago, fails on YAML keys with hyphens like `timeout-minutes`)
✔️ Check out https://www.conftest.dev/ which is also used by Infra team to lint K8s YAML files
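As an added illustration of the conftest approach suggested above (this is example policy written for this page, not code from the issue, the Camunda monorepo or the conftest project), the following Rego policy checks the one best practice the issue names explicitly: every job must set `timeout-minutes`. conftest loads each workflow YAML file as `input` and reports any `deny` result as a failure and any `warn` result as a warning. Jobs that call a reusable workflow via `uses` are skipped, because GitHub Actions does not allow `timeout-minutes` on such jobs; the 60-minute cap in the `warn` rule is an assumed value to be tuned per repository.

```rego
package main

import rego.v1

# Added example policy for conftest (not from the issue or the repository).
# `input` is one parsed workflow file; `input.jobs` maps job id -> job object.

# Fail when a job has no timeout-minutes. Without it GitHub applies a
# 360-minute default, which lets hung jobs burn runner minutes for hours.
deny contains msg if {
    some name, job in input.jobs
    not job.uses                 # reusable-workflow call jobs cannot set timeout-minutes
    not job["timeout-minutes"]
    msg := sprintf("job '%s' has no timeout-minutes", [name])
}

# Warn when a timeout is set but unusually high (assumed cap: 60 minutes).
warn contains msg if {
    some name, job in input.jobs
    job["timeout-minutes"] > 60
    msg := sprintf("job '%s' sets timeout-minutes to %v (above the assumed 60-minute cap)", [name, job["timeout-minutes"]])
}
```

With the policy saved under e.g. `policy/gha.rego`, it runs against all workflows with `conftest test .github/workflows/*.yml -p policy/`, which is the command a GHA-file-change trigger would invoke. Further practices (CI Health instrumentation, secrets or caching conventions) would be added as further `deny`/`warn` rules in the same file, which is what makes the set configurable and extensible.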