lefthook.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

pre-push:
  parallel: true
  skip:
    - ref: master
  commands:
    danger:
      run: bundle exec rake danger_local
    eslint:
      tags: frontend style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{js,vue}'
      run: yarn run lint:eslint {files}
    jsonlint:
      tags: style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{json}'
      run: scripts/lint-json -v {files}
    haml-lint:
      tags: view haml style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.html.haml'
      run: REVEAL_RUBOCOP_TODO=0 bundle exec haml-lint --parallel --config .haml-lint.yml {files}
    markdownlint:
      tags: documentation style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: 'doc/*.md'
      run: yarn markdownlint {files}
    yamllint:
      tags: backend style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{yml,yaml}{,.*}'
      run: scripts/lint-yaml.sh {files}
    stylelint:
      tags: stylesheet css style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.scss{,.css}'
      run: yarn stylelint {files}
    prettier:
      tags: frontend style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{js,vue,graphql}'
      run: yarn run prettier --check {files}
    rubocop:
      tags: backend style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{rb,rake}'
      run: REVEAL_RUBOCOP_TODO=0 bundle exec rubocop --parallel --force-exclusion {files}
    sidekiq-queues:
      tags: backend
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '{,ee/}app/workers/*.rb'
      run: bundle exec rake gitlab:sidekiq:queues:check
    graphql_docs:
      tags: documentation
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '{app/graphql/**/*.rb,ee/app/graphql/**/*.rb}'
      run: bundle exec rake gitlab:graphql:check_docs
    vale: # Requires Vale: https://docs.gitlab.com/ee/development/documentation/testing.html#install-linters
      tags: documentation style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: 'doc/*.md'
      run: 'if [ $VALE_WARNINGS ]; then minWarnings=warning; else minWarnings=error; fi; if command -v vale > /dev/null 2>&1; then if ! vale --config .vale.ini --minAlertLevel $minWarnings {files}; then echo "ERROR: Fix any linting errors and make sure you are using the latest version of Vale."; exit 1; fi; else echo "ERROR: Vale not found. For more information, see https://docs.errata.ai/vale/install."; exit 1; fi'
    gettext:
      skip: true # This is disabled by default. You can enable this check by adding skip: false in lefhook-local.yml https://github.com/evilmartians/lefthook/blob/master/docs/configuration.md#skip
      tags: backend frontend view haml
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD | while read file;do git diff --unified=1 $(git merge-base origin/master HEAD)..HEAD $file | grep -Fqe '_(' && echo $file;done; true
      glob: '*.{haml,rb,js,vue}'
      run: bin/rake gettext:updated_check
    docs-metadata: # See https://docs.gitlab.com/ee/development/documentation/#metadata
      tags: documentation style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: 'doc/*.md'
      run: scripts/lint-docs-metadata.sh {files}
    docs-trailing_spaces: # Not enforced in CI/CD pipelines, but reduces the amount of required cleanup: https://gitlab.com/gitlab-org/technical-writing/-/blob/main/.gitlab/issue_templates/tw-monthly-tasks.md#remote-tasks
      tags: documentation style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: 'doc/*.md'
      run: yarn markdownlint:no-trailing-spaces {files}
    docs-deprecations:
      tags: documentation
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: 'data/deprecations/*.yml'
      run: echo "Changes to deprecation files detected. Checking deprecations..\n"; bundle exec rake gitlab:docs:check_deprecations
    docs-removals:
      tags: documentation
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: 'data/removals/*.yml'
      run: echo "Changes to removals files detected. Checking removals..\n"; bundle exec rake gitlab:docs:check_removals
    db-schema-changes:
      tags: database
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: 'db/structure.sql'
      run: scripts/validate_schema_changes

  scripts:
    "merge_conflicts":
      skip: true # This is disabled by default. You can enable this check by adding skip: false in lefhook-local.yml https://github.com/evilmartians/lefthook/blob/master/docs/configuration.md#skip
      runner: bash
    "security_harness":
      tags: security
      runner: bash

pre-commit:
  parallel: true
  commands:
    secrets-detection:
      tags: secrets
      files: git diff --name-only --diff-filter=d --staged
      run: 'if command -v gitleaks > /dev/null 2>&1; then gitleaks protect --no-banner --staged --redact --verbose; else echo "WARNING: gitleaks is not installed. Please install it. See https://github.com/zricethezav/gitleaks#installing."; fi'

auto-fix:
  parallel: true
  commands:
    frontend:
      tags: frontend style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{js,vue}'
      run: 'yarn run lint:eslint:fix {files} && yarn run prettier --write --list-different {files}'
    jsonlint:
      tags: style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{json}'
      run: scripts/lint-json --format --verbose {files}
    prettier-graphql:
      tags: frontend style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{graphql}'
      run: yarn run prettier --write --list-different {files}
    rubocop:
      tags: backend style
      files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
      glob: '*.{rb,rake}'
      run: REVEAL_RUBOCOP_TODO=0 bundle exec rubocop --parallel --autocorrect --force-exclusion {files}