free-games-claimer/.github/workflows/mega-linter.yml

# MegaLinter GitHub Action configuration file
# More info at https://megalinter.io

# See .mega-linter.yml for actual config and examples how to run this locally.
---
name: MegaLinter

# Trigger mega-linter at every push. Action will also be visible from
# Pull Requests to main
on:
  # Comment this line to trigger action only on pull-requests
  # (not recommended if you don't pay for GH Actions)
  push:

  pull_request:
    branches:
      - main
      - dev

# Comment env block if you do not want to apply fixes
env:
  # Apply linter fixes configuration
  #
  # When active, APPLY_FIXES must also be defined as environment variable
  # (in github/workflows/mega-linter.yml or other CI tool)
  APPLY_FIXES: all

  # Decide which event triggers application of fixes in a commit or a PR
  # (pull_request, push, all)
  APPLY_FIXES_EVENT: pull_request

  # If APPLY_FIXES is used, defines if the fixes are directly committed (commit)
  # or posted in a PR (pull_request)
  APPLY_FIXES_MODE: commit

concurrency:
  group: ${{ github.ref }}-${{ github.workflow }}
  cancel-in-progress: true

jobs:
  megalinter:
    name: MegaLinter
    runs-on: ubuntu-latest

    # Give the default GITHUB_TOKEN write permission to commit and push, comment
    # issues, and post new Pull Requests; remove the ones you do not need
    permissions:
      contents: write
      issues: write
      pull-requests: write
      security-events: write # needed for SARIF upload
      actions: write # needed to commit fixes for workflows?

    steps:
      # Git Checkout
      - name: Checkout Code
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}

          # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to
          # improve performance
          fetch-depth: 0

      # MegaLinter
      - name: MegaLinter

        # You can override MegaLinter flavor used to have faster performances
        # More info at https://megalinter.io/latest/flavors/
        # uses: oxsecurity/megalinter@v8 # default (127 linters)
        uses: oxsecurity/megalinter/flavors/cupcake@v8.7.0 # most common, was recommended in output (88 linters)

        id: ml

        # All available variables are described in documentation
        # https://megalinter.io/latest/config-file/
        env:
          # Validates all source when push on main, else just the git diff with
          # main. Override with true if you always want to lint all sources
          #
          # To validate the entire codebase, set to:
          # VALIDATE_ALL_CODEBASE: true
          #
          # To validate only diff with main, set to:
          # VALIDATE_ALL_CODEBASE: >-
          #   ${{
          #     github.event_name == 'push' &&
          #     github.ref == 'refs/heads/main'
          #   }}
          VALIDATE_ALL_CODEBASE: true

          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

          # Uncomment to use ApiReporter (Grafana)
          # API_REPORTER: true
          # API_REPORTER_URL: ${{ secrets.API_REPORTER_URL }}
          # API_REPORTER_BASIC_AUTH_USERNAME: ${{ secrets.API_REPORTER_BASIC_AUTH_USERNAME }}
          # API_REPORTER_BASIC_AUTH_PASSWORD: ${{ secrets.API_REPORTER_BASIC_AUTH_PASSWORD }}
          # API_REPORTER_METRICS_URL: ${{ secrets.API_REPORTER_METRICS_URL }}
          # API_REPORTER_METRICS_BASIC_AUTH_USERNAME: ${{ secrets.API_REPORTER_METRICS_BASIC_AUTH_USERNAME }}
          # API_REPORTER_METRICS_BASIC_AUTH_PASSWORD: ${{ secrets.API_REPORTER_METRICS_BASIC_AUTH_PASSWORD }}
          # API_REPORTER_DEBUG: false

          # ADD YOUR CUSTOM ENV VARIABLES HERE TO OVERRIDE VALUES OF
          # .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY

      # Upload MegaLinter artifacts
      - name: Archive production artifacts
        uses: actions/upload-artifact@v4
        if: success() || failure()
        with:
          name: MegaLinter reports
          include-hidden-files: "true"
          path: |
            megalinter-reports
            mega-linter.log

      # Create pull request if applicable
      # (for now works only on PR from same repository, not from forks)
      - name: Create Pull Request with applied fixes
        uses: peter-evans/create-pull-request@v6
        id: cpr
        if: >-
          steps.ml.outputs.has_updated_sources == 1 &&
          (
            env.APPLY_FIXES_EVENT == 'all' ||
            env.APPLY_FIXES_EVENT == github.event_name
          ) &&
          env.APPLY_FIXES_MODE == 'pull_request' &&
          (
            github.event_name == 'push' ||
            github.event.pull_request.head.repo.full_name == github.repository
          ) &&
          !contains(github.event.head_commit.message, 'skip fix')
        with:
          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
          commit-message: "[MegaLinter] Apply linters automatic fixes"
          title: "[MegaLinter] Apply linters automatic fixes"
          labels: bot

      - name: Create PR output
        if: >-
          steps.ml.outputs.has_updated_sources == 1 &&
          (
            env.APPLY_FIXES_EVENT == 'all' ||
            env.APPLY_FIXES_EVENT == github.event_name
          ) &&
          env.APPLY_FIXES_MODE == 'pull_request' &&
          (
            github.event_name == 'push' ||
            github.event.pull_request.head.repo.full_name == github.repository
          ) &&
          !contains(github.event.head_commit.message, 'skip fix')
        run: |
          echo "PR Number - ${{ steps.cpr.outputs.pull-request-number }}"
          echo "PR URL - ${{ steps.cpr.outputs.pull-request-url }}"

      # Push new commit if applicable
      # (for now works only on PR from same repository, not from forks)
      - name: Prepare commit
        if: >-
          steps.ml.outputs.has_updated_sources == 1 &&
          (
            env.APPLY_FIXES_EVENT == 'all' ||
            env.APPLY_FIXES_EVENT == github.event_name
          ) &&
          env.APPLY_FIXES_MODE == 'commit' &&
          github.ref != 'refs/heads/main' &&
          (
            github.event_name == 'push' ||
            github.event.pull_request.head.repo.full_name == github.repository
          ) &&
          !contains(github.event.head_commit.message, 'skip fix')
        run: sudo chown -Rc $UID .git/

      - name: Commit and push applied linter fixes
        uses: stefanzweifel/git-auto-commit-action@v5
        if: >-
          steps.ml.outputs.has_updated_sources == 1 &&
          (
            env.APPLY_FIXES_EVENT == 'all' ||
            env.APPLY_FIXES_EVENT == github.event_name
          ) &&
          env.APPLY_FIXES_MODE == 'commit' &&
          github.ref != 'refs/heads/main' &&
          (
            github.event_name == 'push' ||
            github.event.pull_request.head.repo.full_name == github.repository
          ) &&
          !contains(github.event.head_commit.message, 'skip fix')
        with:
          branch: >-
            ${{
              github.event.pull_request.head.ref ||
              github.head_ref ||
              github.ref
            }}
          commit_message: "[MegaLinter] Apply linters fixes"
          commit_user_name: megalinter-bot
          commit_user_email: 129584137+megalinter-bot@users.noreply.github.com

      # https://megalinter.io/latest/reporters/SarifReporter/
      - name: Upload MegaLinter scan results to GitHub Security tab
        if: success() || failure()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: "megalinter-reports/megalinter-report.sarif"
          category: mega-linter

      # https://github.blog/news-insights/product-news/supercharging-github-actions-with-job-summaries/
      - name: Add job summary
        if: success() || failure()
        run: cat "megalinter-reports/megalinter-report.md" >> "$GITHUB_STEP_SUMMARY"

      # logs and artifacts are retained for 90 days, workflow run history is retained for 400 days... https://docs.github.com/en/actions/administering-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy