gnu: Add actionlint.

Actionlint is a linter for GitHub Action workflow files. * gnu/packages/check.scm (actionlint): New variable. Signed-off-by: Leo Famulari <leo@famulari.name>
2025-01-24 03:06:40 +01:00 · 2023-02-26 20:13:21 +01:00 · 2023-02-26 20:13:21 +01:00 · eb87d2c4a0
commit eb87d2c4a0
parent ec8c7370df
1 changed files with 52 additions and 0 deletions
--- a/gnu/packages/check.scm
+++ b/gnu/packages/check.scm
@ -1047,6 +1047,58 @@ (define-public go-github-com-robfig-cron-1.2
               (base32
                "0nv31m3940d9kf38lw2zs4hpj435bdi9mmim098rb3n4l07qrvva"))))))

+(define-public actionlint
+  (package
+    (name "actionlint")
+    (version "1.6.23")
+    (source (origin
+              (method git-fetch)
+              (uri (git-reference
+                    (url "https://github.com/rhysd/actionlint")
+                    (commit (string-append "v" version))))
+              (file-name (git-file-name name version))
+              (sha256
+               (base32
+                "07is4920a40zrl7mfldg0az2pisi7f6dv4vh3ijn3nzb4i7fqbni"))))
+    (build-system go-build-system)
+    (arguments
+     '(#:import-path "github.com/rhysd/actionlint/cmd/actionlint"
+       #:unpack-path "github.com/rhysd/actionlint"
+       #:install-source? #f))
+    (inputs (list go-github-com-fatih-color
+                  go-github-com-mattn-go-colorable
+                  go-github-com-mattn-go-runewidth
+                  go-github-com-robfig-cron-1.2
+                  go-golang.org-x-sync-errgroup
+                  go-golang.org-x-sync-semaphore
+                  go-gopkg-in-yaml-v3))
+    (native-inputs (list go-github-com-google-go-cmp-cmp))
+    (home-page "https://rhysd.github.io/actionlint/")
+    (synopsis "Static checker for GitHub Actions workflow files")
+    (description
+     "actionlint is a static checker for GitHub Actions
+workflow files.  Features include:
+
+@itemize
+@item Syntax check for workflow files to check unexpected or missing
+keys following workflow syntax
+@item Strong type check for @code{$@{@{ @}@}} expressions to catch
+several semantic errors like access to not existing property, type
+mismatches, ...
+@item Actions usage check to check that inputs at @code{with:} and
+outputs in @code{steps.@{id@}.outputs} are correct
+@item Reusable workflow check to check inputs/outputs/secrets of
+reusable workflows and workflow calls
+@item shellcheck and pyflakes integrations for scripts at @code{run:}
+@item Security checks; script injection by untrusted inputs,
+hard-coded credentials
+@item Other several useful checks; glob syntax validation,
+dependencies check for @code{needs:}, runner label validation, cron
+syntax validation, ...
+@end itemize
+")
+    (license license:expat)))
+
 (define-public python-parameterized
  (package
    (name "python-parameterized")