feat: add reusable file linting workflow and config templates#5
Merged
yshyn-iohk merged 7 commits intomainfrom Apr 10, 2026
Merged
feat: add reusable file linting workflow and config templates#5yshyn-iohk merged 7 commits intomainfrom
yshyn-iohk merged 7 commits intomainfrom
Conversation
Add a reusable CI workflow (lint-files.yml) with editorconfig-checker, ShellCheck, markdownlint, yamllint, and gitleaks. Include canonical .gitattributes (LF normalization), .editorconfig (charset/indent/whitespace), and .markdownlint.yml for consistent file hygiene across all Identus repos. The editorconfig-checker job catches BOM and CRLF issues like the one found in hyperledger-identus#168. Closes hyperledger-identus/hyperledger-identus#172 (Phase 1) Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io> Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
- actions/checkout v4 -> v6 - editorconfig-checker @main -> @v2 - ludeeus/action-shellcheck @master -> @2.0.0 - DavidAnson/markdownlint-cli2-action v19 -> v23 - frenck/action-yamllint v1 (already latest) - gitleaks/gitleaks-action v2 (already latest) Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io> Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io> Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
- Remove [*.{scala,java,kt,kts}] section that duplicated the default
indent_size = 2 from [*]
- Add .yamllint.yml with relaxed defaults: disable line-length,
allow 'on' truthy value (GitHub Actions), relax comment indentation
Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
2 tasks
Python script that compares .gitattributes, .editorconfig, .markdownlint.yml, and .yamllint.yml in every org repo against the canonical templates in this repo. Reports MISSING, OUTDATED, or OK for each file in each repo. Requires only `gh` CLI. Run with: python3 scripts/check-file-hygiene.py Refs: hyperledger-identus/hyperledger-identus#172 Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io> Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
Use startswith instead of exact match so repos can append local overrides (e.g., ktlint rules) after the canonical baseline and still pass the audit. The canonical template must appear verbatim at the top of the file. Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io> Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
Closed
5 tasks
Replace tag/version references with full commit SHA hashes for supply-chain security. Version comments kept for readability. Resolves SonarQube finding: "Use full commit SHA hash for this dependency" Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io> Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
goncalo-frade-iohk
approved these changes
Apr 10, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
lint-files.ymlworkflow with 4 CI jobs: editorconfig-checker, ShellCheck, markdownlint, and yamllint.gitattributes(LF normalization for all text files, binary rules for images/fonts/archives).editorconfig(UTF-8 charset, LF endings, indent rules per language).markdownlint.ymlwith sensible defaults for the org.yamllint.ymlwith relaxed defaults (no line-length limit, allowontruthy for GitHub Actions)lint.ymlso this repo dogfoods the reusable workflowMotivation
Implements Phase 1 of hyperledger-identus/hyperledger-identus#172. The editorconfig-checker job would have caught the BOM injection in hyperledger-identus/hyperledger-identus#168 before merge.
How other repos consume this
Each repo adds a single caller workflow:
And copies
.gitattributes,.editorconfig,.yamllint.yml, and.markdownlint.ymlfrom this repo as templates.Test plan
🤖 Generated with Claude Code