Skip to content

Commit ea8ac3a

Browse files
Add CI workflow for YAML validation, shellcheck, and .github drift detection (#10)
* Add CI workflow for YAML validation, shellcheck, and .github drift detection Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Christoph Jerolimov <jerolimov+git@redhat.com> * Fix shellcheck warnings in create-catalog-yamls.sh Quote variable expansions in seq calls and replace ls parsing with wc -l | numfmt for file size display. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Christoph Jerolimov <jerolimov+git@redhat.com> * Fix useless cat in set-plugins-resolutions.sh Use jq with input redirection instead of piping from cat. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Christoph Jerolimov <jerolimov+git@redhat.com> --------- Signed-off-by: Christoph Jerolimov <jerolimov+git@redhat.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
1 parent cfc0663 commit ea8ac3a

3 files changed

Lines changed: 58 additions & 11 deletions

File tree

.github/workflows/ci.yaml

Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,47 @@
1+
name: CI
2+
3+
on:
4+
push:
5+
branches: [main]
6+
pull_request:
7+
branches: [main]
8+
9+
permissions:
10+
contents: read
11+
12+
jobs:
13+
validate:
14+
runs-on: ubuntu-latest
15+
16+
steps:
17+
- name: Harden runner
18+
uses: step-security/harden-runner@v2
19+
with:
20+
egress-policy: audit
21+
22+
- name: Checkout
23+
uses: actions/checkout@v7
24+
25+
- name: Validate YAML files in argocd/ and catalog/
26+
run: |
27+
find .github argocd catalog helm techdocs -name '*.yaml' -o -name '*.yml' | while read -r file; do
28+
echo " $file"
29+
yq '.' "$file" > /dev/null
30+
done
31+
32+
- name: Run shellcheck on scripts/
33+
run: |
34+
echo "Running shellcheck on scripts/..."
35+
find scripts -name '*.sh' | while read -r file; do
36+
echo " $file"
37+
shellcheck "$file"
38+
done
39+
40+
- name: Verify no changes in .github/
41+
run: |
42+
if [ -n "$(git status --porcelain .github/)" ]; then
43+
echo "::error::Unexpected changes detected in .github/ after CI steps:"
44+
git diff .github/
45+
exit 1
46+
fi
47+
echo "No changes in .github/ — OK"

scripts/create-catalog-yamls.sh

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ set -e
55
# Create apis
66
function apis() {
77
local n=$1
8-
for i in $(seq 1 $n); do
8+
for i in $(seq 1 "$n"); do
99
cat <<EOF
1010
apiVersion: backstage.io/v1alpha1
1111
kind: API
@@ -38,7 +38,7 @@ EOF
3838
# Example from https://backstage.io/docs/features/software-catalog/descriptor-format/
3939
function components() {
4040
local n=$1
41-
for i in $(seq 1 $n); do
41+
for i in $(seq 1 "$n"); do
4242
cat <<EOF
4343
apiVersion: backstage.io/v1alpha1
4444
kind: Component
@@ -72,7 +72,7 @@ EOF
7272
# Create groups
7373
function groups() {
7474
local n=$1
75-
for i in $(seq 1 $n); do
75+
for i in $(seq 1 "$n"); do
7676
cat <<EOF
7777
apiVersion: backstage.io/v1alpha1
7878
kind: Group
@@ -94,7 +94,7 @@ EOF
9494
# Create systems
9595
function systems() {
9696
local n=$1
97-
for i in $(seq 1 $n); do
97+
for i in $(seq 1 "$n"); do
9898
cat <<EOF
9999
apiVersion: backstage.io/v1alpha1
100100
kind: System
@@ -114,7 +114,7 @@ EOF
114114
# Create templates
115115
function templates() {
116116
local n=$1
117-
for i in $(seq 1 $n); do
117+
for i in $(seq 1 "$n"); do
118118
cat <<EOF
119119
apiVersion: scaffolder.backstage.io/v1beta3
120120
kind: Template
@@ -156,7 +156,7 @@ for n in 10 100 1000 10000; do
156156
apis $n > "catalog/apis-$n.yaml"
157157
# get only the file size only in human readable format
158158
echo -n " done."
159-
echo -n -e "\tFile size: $(ls -lh "catalog/apis-$n.yaml" | awk '{print $5}') "
159+
echo -n -e "\tFile size: $(wc -l < "catalog/apis-$n.yaml" | numfmt --to=iec) "
160160
# print loc
161161
echo -n -e "\tLines of code: $(wc -l < "catalog/apis-$n.yaml")"
162162
echo
@@ -168,7 +168,7 @@ for n in 10 100 1000 10000; do
168168
components $n > "catalog/components-$n.yaml"
169169
# get only the file size only in human readable format
170170
echo -n " done."
171-
echo -n -e "\tFile size: $(ls -lh "catalog/components-$n.yaml" | awk '{print $5}') "
171+
echo -n -e "\tFile size: $(wc -l < "catalog/components-$n.yaml" | numfmt --to=iec) "
172172
# print loc
173173
echo -n -e "\tLines of code: $(wc -l < "catalog/components-$n.yaml")"
174174
echo
@@ -180,7 +180,7 @@ for n in 10 100 1000 10000; do
180180
groups $n > "catalog/groups-$n.yaml"
181181
# get only the file size only in human readable format
182182
echo -n " done."
183-
echo -n -e "\tFile size: $(ls -lh "catalog/groups-$n.yaml" | awk '{print $5}') "
183+
echo -n -e "\tFile size: $(wc -l < "catalog/groups-$n.yaml" | numfmt --to=iec) "
184184
# print loc
185185
echo -n -e "\tLines of code: $(wc -l < "catalog/groups-$n.yaml")"
186186
echo
@@ -192,7 +192,7 @@ for n in 10 100 1000 10000; do
192192
systems $n > "catalog/systems-$n.yaml"
193193
# get only the file size only in human readable format
194194
echo -n " done."
195-
echo -n -e "\tFile size: $(ls -lh "catalog/systems-$n.yaml" | awk '{print $5}') "
195+
echo -n -e "\tFile size: $(wc -l < "catalog/systems-$n.yaml" | numfmt --to=iec) "
196196
# print loc
197197
echo -n -e "\tLines of code: $(wc -l < "catalog/systems-$n.yaml")"
198198
echo
@@ -204,7 +204,7 @@ for n in 10 100 1000 10000; do
204204
templates $n > "catalog/templates-$n.yaml"
205205
# get only the file size only in human readable format
206206
echo -n " done."
207-
echo -n -e "\tFile size: $(ls -lh "catalog/templates-$n.yaml" | awk '{print $5}') "
207+
echo -n -e "\tFile size: $(wc -l < "catalog/templates-$n.yaml" | numfmt --to=iec) "
208208
# print loc
209209
echo -n -e "\tLines of code: $(wc -l < "catalog/templates-$n.yaml")"
210210
echo

scripts/set-plugins-resolutions.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ fi
1414
for workspace in plugins/backstage-*; do
1515
echo "Setting resolutions for workspace $workspace"
1616

17-
backstage_version=$(cat "$workspace/backstage.json" | jq -r ".version")
17+
backstage_version=$(jq -r ".version" < "$workspace/backstage.json")
1818

1919
echo " Backstage version: $backstage_version"
2020
echo

0 commit comments

Comments
 (0)