---
# this is a pre-processing job that runs inside a git-enabled
# container
#
# it is designed to run when a new commit is pushed to the repository,
# not merge requests, for which there is a separate job below.
#
# it finds the modified files to make sure we only run the linter on
# those files. it uses a separate image because
# markdownlint/markdownlint doesn't ship with git (and runs as a
# regular user, so we can't install it either)
find-files:
stage: build
image: containers.torproject.org/tpo/tpa/base-images/debian:stable
script:
- apt update && apt install -yy --no-install-recommends git ca-certificates
- export LATEST_COMMIT_SHA="${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA:-${CI_COMMIT_SHA}}"
- echo "commit SHA $LATEST_COMMIT_SHA"
- |
echo "working on files... $(git diff-tree --no-commit-id --name-only -r $LATEST_COMMIT_SHA | tee changed-files.txt)"
rules:
- if: $CI_MERGE_REQUEST_SOURCE_BRANCH_SHA != null || $CI_COMMIT_SHA != null
- changes:
paths:
- "*.md"
- "**/*.md"
artifacts:
paths:
- changed-files.txt
expose_as: 'changed files'
# this compares the current repo with the actual wiki to make sure
# we're not missing any commits, and will fail the push if we need to
# pull from the wiki
#
# it doesn't run on merge requests to leave those poor people alone
fail-on-desync-wiki:
stage: build
image: containers.torproject.org/tpo/tpa/base-images/debian:stable
script:
- apt update && apt install -yy --no-install-recommends git ca-certificates
- git fetch wiki || git remote add -f wiki https://gitlab.torproject.org/tpo/tpa/team.wiki.git
- git merge --ff-only wiki/master
rules:
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
# not an actual, full link check, just some internal consistency
# checks for now
linkcheck:
image: containers.torproject.org/tpo/tpa/base-images/python:bookworm
script:
- ./bin/check-links.py -v
# this runs after the "build" stage above, and consumes the
# `changed-files.txt` artifact from that stage, regardless of the job
# which generated it.
mdlint:
image: containers.torproject.org/tpo/tpa/base-images/debian:trixie
needs:
- job: find-files
artifacts: true
script:
- echo C.UTF-8 > /etc/locale.gen
- apt update && apt install -yy markdownlint locales
- |
echo "working on files: $(cat changed-files.txt)"
- env LANG=C.UTF-8 ./bin/mdl-wrapper $(cat changed-files.txt)
rules:
- changes:
paths:
- "*.md"
- "**/*.md"
# this will simply run all the time, regardless of which files
# changed, so it doesn't require the above
mdlintall:
image:
image: containers.torproject.org/tpo/tpa/base-images/debian:trixie
needs:
- job: find-files
artifacts: true
script:
- echo C.UTF-8 > /etc/locale.gen
- apt update && apt install -yy markdownlint locales
- echo 'this is important to get the return value of mdl, not grep'
- set -o pipefail
- |
env LANG=C.UTF-8 mdl . | ( grep -v "Kramdown Warning: No link definition for link ID '\[\?_toc_\]\?' found on line" || true )
# this could be turned into allow_failures:exit_codes 2 when
# everything but [[_toc_]] is fixed (because that will never be)
allow_failure: true
codespell:
image:
name: containers.torproject.org/tpo/tpa/base-images/debian:stable
needs:
- job: find-files
artifacts: true
before_script:
- apt update
- apt install -qy codespell
script:
- codespell $(cat changed-files.txt)
rules:
- changes:
paths:
- "*.md"
- "**/*.md"
codespellall:
image:
name: containers.torproject.org/tpo/tpa/base-images/debian:stable
needs:
- job: find-files
artifacts: true
before_script:
- apt update
- apt install -qy codespell
script:
- codespell
allow_failure: true