@@ -2,8 +2,7 @@ name: Python Lint
22' on '
33 push :
44 branches :
5- - master
6- - private/harsh/soc2-scan
5+ - main
76 - private/soc2
87 pull_request :
98
@@ -23,50 +22,69 @@ jobs:
2322 name : Ruff Lint & Auto PR
2423 needs : setup
2524 runs-on : ubuntu-latest
25+ outputs :
26+ ruff-issues-found : ${{ steps.scan.outputs.ruff_issues_found }}
2627 permissions :
27- contents : write
28- pull-requests : write
28+ contents : write
29+ pull-requests : write
2930
3031 steps :
31- - name : Checkout code
32- uses : actions/checkout@v3
32+ - name : Checkout code
33+ uses : actions/checkout@v3
34+
35+ - name : Set up Python
36+ uses : actions/setup-python@v4
37+ with :
38+ python-version : ' ${{ needs.setup.outputs.python-version }}'
39+
40+ - name : Install Ruff
41+ run : pip install ruff
42+
43+ - name : Sanitize branch name
44+ run : echo "SAFE_REF_NAME=${GITHUB_REF_NAME//\//-}" >> $GITHUB_ENV
3345
34- - name : Set up Python
35- uses : actions/setup-python@v4
36- with :
37- python-version : ${{ needs.setup.outputs.python-version }}
46+ - name : Run Ruff Lint Scan
47+ id : scan
48+ run : |
49+ echo "Running Ruff lint scan..."
50+ mkdir -p tmp
51+ ruff check . --select E,F,I --output-format=json > tmp/ruff_output.json || true
52+ echo -e "\nHuman-readable Ruff output:\n"
53+ ruff check . --select E,F,I || true
54+ cat tmp/ruff_output.json || echo "[]"
55+
56+ issue_count=$(jq 'length' tmp/ruff_output.json || echo 0)
57+
58+ if [[ "$issue_count" -gt 0 ]]; then
59+ echo "ruff_issues_found=true" >> "$GITHUB_OUTPUT"
60+ else
61+ echo "ruff_issues_found=false" >> "$GITHUB_OUTPUT"
62+ fi
3863
39- - name : Install Ruff
40- run : pip install ruff
64+ name : Upload Ruff Report
65+ uses : actions/upload-artifact@v4
66+ with :
67+ name : ruff-json-${{ env.SAFE_REF_NAME }}
68+ path : tmp/ruff_output.json
4169
42- - name : Run Ruff
43- id : ruff
44- run : |
45- echo "🔍 Running Ruff Lint..."
46- ruff check . --select E,F,I > ruff_output.txt || true
47- cat ruff_output.txt
48- if [ -s ruff_output.txt ]; then
49- echo "ruff_issues=true" >> "$GITHUB_OUTPUT"
50- else
51- echo "ruff_issues=false" >> "$GITHUB_OUTPUT"
52- fi
70+ - name : Generate PR Body (if issues found)
71+ if : ${{ steps.scan.outputs.ruff_issues_found == 'true' }}
72+ run : |
73+ echo "# Ruff Lint Report for branch \`${GITHUB_REF_NAME}\`" > tmp/pr-body.md
74+ jq -r '.[] | "* File: \(.filename)\n • Line: \(.location.row)\n • Column: \(.location.column)\n • Rule: \(.code)\n • Message: \(.message)\n"' \
75+ tmp/ruff_output.json >> tmp/pr-body.md
5376
54- name : Create PR if Issues Found
55- if : ${{ steps.ruff.outputs.ruff_issues == 'true' }}
56- uses : peter-evans/create-pull-request@v5
57- with :
58- commit-message : ' chore: fix ruff lint issues'
59- title : ' chore: Ruff Lint Issues Found'
60- body : |
61- ## ⚠️ Ruff Lint Issues Found
62- See `.ruff_output.txt` for full details.
63- branch: auto/ruff-lint-issues
64- base: atherton
65- add-paths: |
66- ruff_output.txt
77+ name : Create Pull Request (if issues found)
78+ if : ${{ github.event_name == 'push' && steps.scan.outputs.ruff_issues_found == 'true' }}
79+ uses : peter-evans/create-pull-request@v5
80+ with :
81+ commit-message : ' chore: Ruff lint issues detected'
82+ title : ' Ruff Lint Report for branch ${{ github.ref_name }}'
83+ body-path : tmp/pr-body.md
84+ branch : auto/ruff-lint/${{ env.SAFE_REF_NAME }}
85+ base : ${{ github.ref_name }}
86+ delete-branch : true
6787
68- name : Fail job if issues found
69- if : ${{ steps.ruff.outputs.ruff_issues == 'true' }}
70- run : |
71- echo "❌ Ruff lint issues found — failing job."
72- exit 1
88+ - name : Fail Job If Issues Found
89+ if : ${{ steps.scan.outputs.ruff_issues_found == 'true' }}
90+ run : exit 1
0 commit comments