diff --git a/.github/workflows/__call-codeql.yml b/.github/workflows/__call-codeql.yml index 08e1347..2e7559b 100644 --- a/.github/workflows/__call-codeql.yml +++ b/.github/workflows/__call-codeql.yml @@ -10,6 +10,11 @@ on: - master pull_request: workflow_call: + inputs: + runner: + required: false + type: string + default: "[ubuntu-latest]" jobs: languages: @@ -19,7 +24,7 @@ jobs: outputs: matrix: ${{ steps.lang.outputs.result }} continue: ${{ steps.continue.outputs.result }} - runs-on: ubuntu-latest + runs-on: ${{ (inputs && inputs.runner && fromJson(inputs.runner)) || 'ubuntu-latest' }} steps: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -27,6 +32,8 @@ jobs: - name: Get repo languages id: lang uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + env: + RUNNER_INPUT: ${{ inputs.runner }} with: script: | // CodeQL supports the following: @@ -64,6 +71,18 @@ jobs: 'typescript': 'javascript', } + // Get custom runner input if provided + const runnerInput = process.env.RUNNER_INPUT || '["ubuntu-latest"]' + let customRunners = [] + try { + customRunners = JSON.parse(runnerInput) + console.log(`Custom runners provided: ${JSON.stringify(customRunners)}`) + } catch (e) { + console.log(`Failed to parse runner input, using default behavior: ${e}`) + } + + const useCustomRunners = customRunners.length > 0 && runnerInput !== '["ubuntu-latest"]' + const repo = context.repo const response = await github.rest.repos.listLanguages(repo) let matrix = { @@ -86,6 +105,7 @@ jobs: "language": "actions", "name": "actions", "os": "ubuntu-latest", + "runner": useCustomRunners ? customRunners : "ubuntu-latest", "build-mode": "none", }); } @@ -104,15 +124,9 @@ jobs: addedLanguages.add(normalizedKey) console.log(`Found supported language: ${normalizedKey}`) - let osList = ['ubuntu-latest']; - if (normalizedKey === 'swift') { - osList = ['macos-latest']; - } - for (let os of osList) { - // set name for matrix - let name = osList.length === 1 ? normalizedKey : `${normalizedKey}, ${os}` - // set category for matrix + if (useCustomRunners) { + // Use custom runners as a group/pool let category = `/language:${normalizedKey}` let build_mode = 'none'; @@ -131,14 +145,60 @@ jobs: build_mode = 'none' } - // add to matrix + // Determine OS based on language (for display purposes) + let os = 'ubuntu-latest' + if (normalizedKey === 'swift') { + os = 'macos-latest' + } + + // add to matrix with runner group matrix['include'].push({ "category": category, "language": normalizedKey, - "name": name, + "name": normalizedKey, "os": os, + "runner": customRunners, "build-mode": build_mode, }) + } else { + // Use default OS-based behavior + let osList = ['ubuntu-latest']; + if (normalizedKey === 'swift') { + osList = ['macos-latest']; + } + for (let os of osList) { + // set name for matrix + let name = osList.length === 1 ? normalizedKey : `${normalizedKey}, ${os}` + + // set category for matrix + let category = `/language:${normalizedKey}` + let build_mode = 'none'; + + // Set build mode based on language + switch (normalizedKey) { + case 'csharp': + build_mode = 'autobuild' + break + case 'go': + build_mode = 'autobuild' + break + case 'java': + build_mode = 'autobuild' + break + default: + build_mode = 'none' + } + + // add to matrix + matrix['include'].push({ + "category": category, + "language": normalizedKey, + "name": name, + "os": os, + "runner": os, + "build-mode": build_mode, + }) + } } } } @@ -172,7 +232,7 @@ jobs: actions: read contents: read security-events: write - runs-on: ${{ matrix.os || 'ubuntu-latest' }} + runs-on: ${{ matrix.runner }} strategy: fail-fast: false matrix: ${{ fromJson(needs.languages.outputs.matrix) }} diff --git a/.github/workflows/__call-common-lint.yml b/.github/workflows/__call-common-lint.yml index d804306..b69be1b 100644 --- a/.github/workflows/__call-common-lint.yml +++ b/.github/workflows/__call-common-lint.yml @@ -8,13 +8,22 @@ permissions: {} on: pull_request: workflow_call: + inputs: + actionlint_config: + required: false + type: string + runner: + required: false + type: string + default: "[ubuntu-latest]" jobs: lint: name: Common Lint permissions: contents: read - runs-on: ubuntu-latest + pull-requests: read + runs-on: ${{ (inputs && inputs.runner && fromJson(inputs.runner)) || 'ubuntu-latest' }} env: CLANG_FORMAT_VERSION: 20 steps: @@ -64,8 +73,8 @@ jobs: for name in "${!files[@]}"; do if [ ! -f "${name}.json" ]; then - echo "Downloading ${name}.json" url="${files[$name]}" + echo "Downloading ${name}.json from ${url}" curl \ -fsSL \ --retry 3 \ @@ -101,15 +110,22 @@ jobs: - name: Install actionlint id: get_actionlint shell: bash + env: + ACTIONLINT_CONFIG: ${{ inputs.actionlint_config }} run: | bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) - if [ ! -f ".github/actionlint.yml" ]; then + if [ -n "${ACTIONLINT_CONFIG}" ]; then + mkdir -p .github + printf "%s" "${ACTIONLINT_CONFIG}" > .github/actionlint.yml + elif [ ! -f ".github/actionlint.yml" ]; then + url="https://raw.githubusercontent.com/LizardByte/.github/master/.github/actionlint.yml" + echo "Downloading ${url} with curl" curl \ -fsS \ --retry 3 \ -o ".github/actionlint.yml" \ - "https://raw.githubusercontent.com/LizardByte/.github/master/.github/actionlint.yml" + ${url} fi - name: Replace shell @@ -349,6 +365,15 @@ jobs: shell: pwsh run: | # PSScriptAnalyzer is already installed on GitHub runners + if ($env:RUNNER_NAME -notlike 'GitHub Actions*') { + $repo = Get-PSRepository -Name PSGallery -ErrorAction SilentlyContinue + if (-not $repo) { + Register-PSRepository -Default -InstallationPolicy Trusted + } else { + Set-PSRepository -Name PSGallery -InstallationPolicy Trusted + } + Install-Module -Name PSScriptAnalyzer -Force + } # To see a list of available rules, run the following command: # Get-ScriptAnalyzerRule | Format-List