Skip to content
CI

chore(deps): update dependency pipx:gopro-overlay to v0.134.0 #1593

Sign in to view logs

chore(deps): update dependency pipx:gopro-overlay to v0.134.0

chore(deps): update dependency pipx:gopro-overlay to v0.134.0 #1593

Workflow file for this run

.github/workflows/ci.yml at 0f263ae
name: CI
"on":
pull_request:
push:
branches:
- master
- main
workflow_dispatch:
# Cancel in-progress runs when new commit pushed
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Job 1: hk check
hk-check:
name: hk check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4
# Install zsh for syntax checking
- name: Install zsh
run: sudo apt-get update && sudo apt-get install -y zsh
# Run hk check on all files
# Skip steps that require tools not available in CI (ruby, renovate, yadm)
- name: Run hk check
run: hk check --all
env:
HK_SKIP_STEPS: standardrb,renovate-config-validator,no-yadm-alt-symlinks
# Job 2: Luacheck for Neovim Lua files
# Kept as a separate job because hk's global exclude hides .config/
luacheck:
name: Luacheck (Neovim Lua)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Run luacheck
uses: nebularg/actions-luacheck@d4137dd840545b28521ed21931e06913d93c0bc1 # v1
with:
files: ".config/nvim"
args: "--config .luacheckrc --formatter plain"
# Job 3: Neovim config validation
neovim-validate:
name: Neovim config validation
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
# Install Neovim (latest stable)
- name: Install Neovim
run: |
curl -fLO --retry 3 --retry-delay 5 https://github.com/neovim/neovim/releases/download/v0.11.5/nvim-linux-x86_64.tar.gz
sudo tar xzf nvim-linux-x86_64.tar.gz -C /usr/local --strip-components=1
nvim --version
# Test config loads without errors
- name: Test Neovim config loads
run: |
# Create minimal test that loads config
nvim --headless --noplugin -u NONE -c "
set runtimepath+=$HOME/.config/nvim
lua dofile(vim.fn.expand('.config/nvim/lua/config/init.lua'))
lua =print('Config module loaded successfully')
" -c 'quitall!' 2>&1 | tee nvim-output.log
# Check for Lua errors
if grep -i "error" nvim-output.log; then
echo "Neovim config has errors"
exit 1
fi
echo "Neovim config validation passed"
# Job 4: Bootstrap script validation
bootstrap-validate:
name: Bootstrap scripts syntax
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
# Validate bash syntax for all bootstrap scripts
# Note: shellcheck runs in hk-check job
- name: Bash syntax check
run: |
echo "Checking bash syntax for bootstrap scripts..."
EXIT_CODE=0
# Find all .sh files (not symlinks)
while IFS= read -r script; do
echo "Checking: $script"
if ! bash -n "$script"; then
echo "❌ Syntax error in: $script"
EXIT_CODE=1
else
echo "✓ Syntax OK: $script"
fi
done < <(find .config/yadm/bootstrap.d -type f -name '*.sh')
# Check main bootstrap script
echo "Checking: .config/yadm/bootstrap"
if ! bash -n .config/yadm/bootstrap; then
echo "❌ Syntax error in: .config/yadm/bootstrap"
EXIT_CODE=1
else
echo "✓ Syntax OK: .config/yadm/bootstrap"
fi
exit $EXIT_CODE
# Job 5: Secret scanning
secret-scanning:
name: Secret scanning (Gitleaks)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0 # Full history for gitleaks
- name: Run Gitleaks
uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7 # v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} # Uncomment if org repo