-
Notifications
You must be signed in to change notification settings - Fork 0
163 lines (146 loc) · 6.07 KB
/
Copy pathvalidate.yml
File metadata and controls
163 lines (146 loc) · 6.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
name: validate
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
structure:
name: Plugin structure & JSON
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Validate plugin.json
run: |
test -f .claude-plugin/plugin.json
python3 -c "import json; json.load(open('.claude-plugin/plugin.json'))"
test -f purchasely/.claude-plugin/plugin.json
python3 -c "import json; json.load(open('purchasely/.claude-plugin/plugin.json'))"
test -f purchasely/.codex-plugin/plugin.json
python3 -c "import json; json.load(open('purchasely/.codex-plugin/plugin.json'))"
test -f .cursor-plugin/plugin.json
python3 -c "import json; json.load(open('.cursor-plugin/plugin.json'))"
test -f purchasely/.cursor-plugin/plugin.json
python3 -c "import json; json.load(open('purchasely/.cursor-plugin/plugin.json'))"
- name: Validate marketplace.json
run: |
test -f .claude-plugin/marketplace.json
python3 -c "import json; json.load(open('.claude-plugin/marketplace.json'))"
test -f .agents/plugins/marketplace.json
python3 -c "import json; json.load(open('.agents/plugins/marketplace.json'))"
python3 - <<'PY'
import json
marketplace = json.load(open('.agents/plugins/marketplace.json'))
plugin = marketplace['plugins'][0]
assert plugin['name'] == 'purchasely'
assert plugin['source']['path'] == './purchasely'
PY
test -f .cursor-plugin/marketplace.json
python3 -c "import json; json.load(open('.cursor-plugin/marketplace.json'))"
python3 - <<'PY'
import json
marketplace = json.load(open('.cursor-plugin/marketplace.json'))
assert marketplace['metadata']['pluginRoot'] == '.'
plugin = marketplace['plugins'][0]
assert plugin['name'] == 'purchasely'
assert plugin['source'] == 'purchasely'
PY
- name: Validate Gemini extension
run: |
test -f gemini-extension.json
python3 -c "import json; json.load(open('gemini-extension.json'))"
- name: Validate package.json
run: |
test -f package.json
python3 -c "import json; json.load(open('package.json'))"
- name: Check required files
run: |
for f in README.md LICENSE CONTRIBUTING.md SECURITY.md CODE_OF_CONDUCT.md CHANGELOG.md .gitignore; do
test -f "$f" || { echo "::error file=$f::Missing required file"; exit 1; }
done
- name: Check all skills have SKILL.md
run: |
for d in skills/*/; do
test -f "$d/SKILL.md" || { echo "::error file=$d::Missing SKILL.md"; exit 1; }
done
- name: Check plugin folder links
run: |
for f in \
purchasely/skills/purchasely-sdk-expert/SKILL.md \
purchasely/skills/purchasely-integrate/SKILL.md \
purchasely/references/android/initialization.md \
purchasely/commands/integrate.md \
purchasely/agents/purchasely-sdk-expert.md \
purchasely/hooks/hooks.json
do
test -f "$f" || { echo "::error file=$f::Missing plugin folder link"; exit 1; }
done
- name: Validate SKILL.md front-matter
run: |
python3 <<'PY'
import os, re, sys, glob
required = ("name", "description")
errors = []
for path in sorted(glob.glob("skills/*/SKILL.md")):
with open(path) as f:
content = f.read()
m = re.match(r"^---\s*\n(.*?)\n---\s*\n", content, re.DOTALL)
if not m:
errors.append(f"{path}: missing YAML front-matter")
continue
fm = m.group(1)
for key in required:
if not re.search(rf"^{key}\s*:", fm, re.MULTILINE):
errors.append(f"{path}: front-matter missing '{key}:'")
if errors:
for e in errors:
print(f"::error::{e}")
sys.exit(1)
print("All SKILL.md front-matter OK")
PY
- name: Validate skill reference links
run: |
python3 <<'PY'
import glob
import pathlib
import re
import sys
errors = []
pattern = re.compile(r"(?<![\w./-])(?:\.\./\.\./references/|\.\./references/|references/)[A-Za-z0-9_./-]+")
for path in sorted(glob.glob("skills/*/SKILL.md")):
skill_path = pathlib.Path(path)
content = skill_path.read_text()
for match in pattern.finditer(content):
ref = match.group(0).rstrip(".,;:)")
if not ref.startswith("../../references/"):
errors.append(f"{path}: use ../../{ref.removeprefix('../')} so installed plugins resolve references from the skill directory")
continue
target = (skill_path.parent / ref).resolve()
if not target.exists():
errors.append(f"{path}: missing reference target {ref}")
if errors:
for error in errors:
print(f"::error::{error}")
sys.exit(1)
print("All skill reference links OK")
PY
- name: Reject committed real API keys
run: |
if grep -rE 'pk_(live|test)_[A-Za-z0-9]{20,}|sk_(live|test)_[A-Za-z0-9]{20,}' \
--include='*.md' --include='*.json' --include='*.sh' --include='*.yml' \
--exclude-dir=.git . ; then
echo "::error::Real-looking API key detected — refusing to merge."
exit 1
fi
markdownlint:
name: Lint Markdown
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: DavidAnson/markdownlint-cli2-action@v17
with:
globs: |
**/*.md
!node_modules
!.github/PULL_REQUEST_TEMPLATE.md
!.github/ISSUE_TEMPLATE/**