chore: refresh content and add lint + link-check workflows #5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Link check | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| paths: | |
| - "**/*.md" | |
| - ".github/.linkspector.yml" | |
| - ".github/workflows/link-check.yaml" | |
| schedule: | |
| # Mondays at 14:00 UTC. | |
| - cron: "0 14 * * 1" | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| jobs: | |
| prepare-linkspector-browser: | |
| # Mirrors coder/coder weekly-docs.yaml: pin Chrome and cache it so | |
| # linkspector does not download a mutable browser at runtime. | |
| # Later versions of Ubuntu have disabled unprivileged user namespaces, | |
| # which the linkspector action requires. | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| env: | |
| CHROME_BUILD_ID: "145.0.7632.77" | |
| outputs: | |
| browser-cache-key: ${{ steps.browser-versions.outputs.cache-key }} | |
| chrome-path: ${{ steps.install-chrome.outputs.path }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 | |
| with: | |
| persist-credentials: false | |
| - name: Set up Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: "22" | |
| - name: Compute browser cache key | |
| id: browser-versions | |
| env: | |
| RUNNER_OS: ${{ runner.os }} | |
| RUNNER_ARCH: ${{ runner.arch }} | |
| run: | | |
| set -euo pipefail | |
| echo "cache-key=puppeteer-${RUNNER_OS}-${RUNNER_ARCH}-chrome-${CHROME_BUILD_ID}" >> "$GITHUB_OUTPUT" | |
| - name: Restore Puppeteer browser cache | |
| uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 | |
| with: | |
| path: ~/.cache/puppeteer | |
| key: ${{ steps.browser-versions.outputs.cache-key }} | |
| - name: Install Linkspector Chrome | |
| id: install-chrome | |
| run: | | |
| set -euo pipefail | |
| chrome_path="$(npx -y @puppeteer/browsers install "chrome@${CHROME_BUILD_ID}" --path "${HOME}/.cache/puppeteer" --format '{{path}}')" | |
| echo "path=${chrome_path}" >> "$GITHUB_OUTPUT" | |
| check-links: | |
| needs: prepare-linkspector-browser | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 | |
| with: | |
| persist-credentials: false | |
| # action-linkspector has a pnpm install step that fails without an | |
| # existing pnpm store. See: | |
| # https://github.com/UmbrellaDocs/action-linkspector/issues/54 | |
| - name: Enable corepack and create pnpm store | |
| run: | | |
| corepack enable pnpm | |
| mkdir -p "$(pnpm store path --silent)" | |
| - name: Restore Puppeteer browser cache | |
| uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 | |
| with: | |
| path: ~/.cache/puppeteer | |
| key: ${{ needs.prepare-linkspector-browser.outputs.browser-cache-key }} | |
| - name: Set up Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: "22" | |
| # action-linkspector pipes linkspector through reviewdog, which only | |
| # surfaces failures and stays silent on success. Run linkspector | |
| # standalone first so the workflow log shows every URL that was | |
| # checked, then let action-linkspector run for the PR review comment | |
| # integration. | |
| - name: List URLs found in Markdown files | |
| run: | | |
| set -euo pipefail | |
| echo "URLs discovered in Markdown files (subject to linkspector ignorePatterns):" | |
| echo | |
| grep -rhoE 'https?://[^[:space:])"`<>]+' \ | |
| --include='*.md' \ | |
| --exclude-dir=node_modules \ | |
| --exclude-dir=.git \ | |
| . | sort -u | |
| - name: Run linkspector | |
| env: | |
| PUPPETEER_EXECUTABLE_PATH: ${{ needs.prepare-linkspector-browser.outputs.chrome-path }} | |
| run: npx -y @umbrelladocs/linkspector check --showstat --check-archived -c .github/.linkspector.yml | |
| - name: Check Markdown links | |
| if: always() | |
| uses: umbrelladocs/action-linkspector@036f295d12b67b0c4b445bc83db0538afb78db69 # v1.5.2 | |
| env: | |
| # Use the Chrome build prepared from the pinned Puppeteer instead | |
| # of letting linkspector download a mutable browser at runtime. | |
| # See: https://github.com/UmbrellaDocs/action-linkspector/issues/62 | |
| PUPPETEER_EXECUTABLE_PATH: ${{ needs.prepare-linkspector-browser.outputs.chrome-path }} | |
| with: | |
| reporter: ${{ github.event_name == 'pull_request' && 'github-pr-review' || 'github-check' }} | |
| config_file: .github/.linkspector.yml | |
| fail_on_error: "true" | |
| filter_mode: "file" | |
| show_stats: "true" |