1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
pre-push:
parallel: true
skip:
- ref: master
commands:
danger:
files: git diff --name-only $(git merge-base origin/master HEAD)..HEAD
# We need to specify {files} as part of the command, otherwise it won't execute the hook
run: echo {files} >/dev/null && FROM_LEFTHOOK=1 bundle exec rake danger_local
eslint:
tags: frontend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '*.{js,vue}'
run: yarn run lint:eslint {files}
jsonlint:
tags: style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '*.{json}'
run: scripts/lint-json -v {files}
haml-lint:
tags: view haml style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '*.html.haml'
run: REVEAL_RUBOCOP_TODO=0 bundle exec haml-lint --parallel --config .haml-lint.yml {files}
markdownlint:
tags: documentation style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
exclude: 'doc/api/graphql/reference/index.md'
glob: 'doc/*.md'
run: yarn markdownlint {files}
yamllint:
tags: backend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '*.{yml,yaml}{,.*}'
run: scripts/lint-yaml.sh {files}
mermaidlint:
tags: documentation style,backend style,frontend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '{app,lib,ee,spec,doc,scripts}/**/*.md'
run: scripts/lint/check_mermaid.mjs {files}
stylelint:
tags: stylesheet css style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '*.scss{,.css}'
run: yarn stylelint {files}
prettier:
tags: frontend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '*.{js,vue,graphql}'
run: yarn run prettier --check {files}
sidekiq-queues:
tags: backend
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '{,ee/}app/workers/*.rb'
run: bundle exec rake gitlab:sidekiq:queues:check
graphql_docs:
tags: documentation
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '{,ee/}app/graphql/**/*.rb'
run: bundle exec rake gitlab:graphql:check_docs
vale: # Requires Vale: https://docs.gitlab.com/ee/development/documentation/testing/vale.html
tags: documentation style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
exclude: 'doc/api/graphql/reference/index.md'
glob: 'doc/*.md'
run: 'if [ $VALE_WARNINGS ]; then minWarnings=warning; else minWarnings=error; fi; if command -v vale > /dev/null 2>&1; then if ! vale --config .vale.ini --minAlertLevel $minWarnings {files}; then echo "ERROR: Fix any linting errors and make sure you are using the latest version of Vale."; exit 1; fi; else echo "ERROR: Vale not found. For more information, see https://vale.sh/docs/vale-cli/installation/."; exit 1; fi'
gettext:
tags: backend frontend view haml
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD | while read file;do git diff --unified=1 $(git merge-base origin/master HEAD)..HEAD $file | grep -Fqe '_(' && echo $file;done; true
glob: '*.{haml,rb,js,vue}'
run: tooling/bin/gettext_extractor /dev/stdout --silent | diff - locale/gitlab.pot || ( echo "\nPO files need to be updated. Try running tooling/bin/gettext_extractor locale/gitlab.pot" && exit 1 )
docs-metadata: # See https://docs.gitlab.com/ee/development/documentation/metadata.html
tags: documentation style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: 'doc/*.md'
run: scripts/lint-docs-metadata.sh {files}
docs-deprecations:
tags: documentation
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: 'data/deprecations/*.yml'
run: echo "Changes to deprecation files detected. Checking deprecations..\n"; bundle exec rake gitlab:docs:check_deprecations
docs-link-check:
tags: documentation
files: git diff --name-only $(git merge-base origin/master HEAD)..HEAD
glob: 'doc/*.md'
run: scripts/lint-docs-link-check.sh
db-schema-changes:
tags: database
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: 'db/structure.sql'
run: scripts/validate_schema_changes
db-migration-name-collisions:
tags: database
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '{db/migrate/*.rb,db/post_migrate/*.rb,ee/elastic/migrate/*.rb}'
run: scripts/validate_name_collisions_between_migrations
static-verification:
skip: true # This is disabled by default. You can enable this check by adding skip: false in lefthook-local.yml https://github.com/evilmartians/lefthook/blob/master/docs/configuration.md#skip
tags: backend
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '*.{rb}'
run: bundle exec rake lint:static_verification
bundler-checksum-lint:
tags: backend bundler
glob: 'Gemfile.lock'
run: bundle exec bundler-checksum lint
audit_event_types_docs:
tags: documentation
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '{config/audit_events/types/*.yml,ee/config/audit_events/types/*yml,doc/user/compliance/audit_event_types.md,tooling/audit_events/docs/templates/audit_event_types.md.erb}'
run: bundle exec rake gitlab:audit_event_types:check_docs
custom_roles_docs:
tags: documentation
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: '{ee/config/custom_abilities/*yml,doc/user/custom_roles/abilities.md,tooling/custom_roles/docs/templates/custom_abilities.md.erb}'
run: bundle exec rake gitlab:custom_roles:check_docs
rubocop:
tags: backend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
# foo.rb, foo.rake or Foofile
glob: '{*.{rb,rake},[A-Z]*file}'
run: REVEAL_RUBOCOP_TODO=0 bundle exec rubocop --parallel --force-exclusion --no-server {files}
verify-tff-mapping:
tags: backend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD)..HEAD
glob: 'tests.yml'
run: scripts/verify-tff-mapping
secrets-detection:
tags: secrets
run: .lefthook/gitleaks.sh pre-push
scripts:
'merge_conflicts':
skip: true # This is disabled by default. You can enable this check by adding skip: false in lefthook-local.yml https://github.com/evilmartians/lefthook/blob/master/docs/configuration.md#skip
runner: bash
'security_harness':
tags: security
runner: bash
pre-commit:
parallel: true
commands:
rubocop:
tags: backend style
files: git diff --name-only --diff-filter=d --staged
# foo.rb, foo.rake or Foofile
glob: '{*.{rb,rake},[A-Z]*file}'
run: REVEAL_RUBOCOP_TODO=0 bundle exec rubocop --parallel --force-exclusion --no-server {files}
verify-tff-mapping:
tags: backend style
files: git diff --name-only --diff-filter=d --staged
glob: 'tests.yml'
run: scripts/verify-tff-mapping
secrets-detection:
tags: secrets
run: .lefthook/gitleaks.sh pre-commit
auto-fix:
parallel: true
commands:
frontend:
tags: frontend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD) --cached
glob: '*.{js,vue}'
run: 'yarn run lint:eslint:fix {files} && yarn run prettier --write --list-different {files}'
jsonlint:
tags: style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD) --cached
glob: '*.{json}'
run: scripts/lint-json --format --verbose {files}
prettier-graphql:
tags: frontend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD) --cached
glob: '*.{graphql}'
run: yarn run prettier --write --list-different {files}
rubocop:
tags: backend style
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD) --cached
glob: '*.{rb,rake}'
run: REVEAL_RUBOCOP_TODO=0 bundle exec rubocop --parallel --autocorrect --force-exclusion --no-server {files}
gettext:
tags: backend frontend view haml
files: git diff --name-only --diff-filter=d $(git merge-base origin/master HEAD) --cached | while read file;do git diff --unified=1 $(git merge-base origin/master HEAD) $file | grep -Fqe '_(' && echo $file;done; true
glob: '*.{haml,rb,js,vue}'
run: tooling/bin/gettext_extractor locale/gitlab.pot
|
