From 07541b9bde4d12af428c26724ef5373b1f15ff33 Mon Sep 17 00:00:00 2001
From: Siddhartha Bagaria <sidb@x.team>
Date: Tue, 12 Sep 2023 21:45:29 +0000
Subject: [PATCH] Setup Trunk as a meta-linter for the repo

Configures buildifier to run with a config obtained from removing
docstring and 'sorted items in dict' warnings from the example config.
```
.trunk/tools/buildifier -config=example
```
---
 .buildifier.json                  | 64 +++++++++++++++++++++++++++++++
 .github/workflows/lint.yml        | 25 ++++++++++++
 .trunk/.gitignore                 |  8 ++++
 .trunk/configs/.markdownlint.yaml | 10 +++++
 .trunk/configs/.shellcheckrc      |  7 ++++
 .trunk/configs/.yamllint.yaml     | 10 +++++
 .trunk/trunk.yaml                 | 64 +++++++++++++++++++++++++++++++
 tests/.buildifier.json            |  1 +
 8 files changed, 189 insertions(+)
 create mode 100644 .buildifier.json
 create mode 100644 .github/workflows/lint.yml
 create mode 100644 .trunk/.gitignore
 create mode 100644 .trunk/configs/.markdownlint.yaml
 create mode 100644 .trunk/configs/.shellcheckrc
 create mode 100644 .trunk/configs/.yamllint.yaml
 create mode 100644 .trunk/trunk.yaml
 create mode 120000 tests/.buildifier.json

diff --git a/.buildifier.json b/.buildifier.json
new file mode 100644
index 00000000..4f1ce103
--- /dev/null
+++ b/.buildifier.json
@@ -0,0 +1,64 @@
+{
+  "type": "auto",
+  "mode": "fix",
+  "lint": "fix",
+  "warningsList": [
+    "attr-applicable_licenses",
+    "attr-cfg",
+    "attr-license",
+    "attr-licenses",
+    "attr-non-empty",
+    "attr-output-default",
+    "attr-single-file",
+    "build-args-kwargs",
+    "bzl-visibility",
+    "confusing-name",
+    "constant-glob",
+    "ctx-actions",
+    "ctx-args",
+    "deprecated-function",
+    "depset-items",
+    "depset-iteration",
+    "depset-union",
+    "dict-concatenation",
+    "dict-method-named-arg",
+    "duplicated-name",
+    "filetype",
+    "git-repository",
+    "http-archive",
+    "integer-division",
+    "keyword-positional-params",
+    "list-append",
+    "load",
+    "load-on-top",
+    "name-conventions",
+    "native-android",
+    "native-build",
+    "native-cc",
+    "native-java",
+    "native-package",
+    "native-proto",
+    "native-py",
+    "no-effect",
+    "out-of-order-load",
+    "output-group",
+    "overly-nested-depset",
+    "package-name",
+    "package-on-top",
+    "positional-args",
+    "print",
+    "provider-params",
+    "redefined-variable",
+    "repository-name",
+    "return-value",
+    "rule-impl-return",
+    "same-origin-load",
+    "skylark-comment",
+    "skylark-docstring",
+    "string-iteration",
+    "uninitialized",
+    "unnamed-macro",
+    "unreachable",
+    "unused-variable"
+  ]
+}
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
new file mode 100644
index 00000000..9e03a2bf
--- /dev/null
+++ b/.github/workflows/lint.yml
@@ -0,0 +1,25 @@
+name: Pull Request
+on: [pull_request]
+concurrency:
+  group: ${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+# NOTE: This current setup does not post annotations to PRs.
+# https://github.com/marketplace/actions/trunk-check#getting-inline-annotations-for-fork-prs
+
+permissions: read-all
+
+jobs:
+  trunk_check:
+    name: Trunk Check Runner
+    runs-on: ubuntu-latest
+    permissions:
+      checks: write # For trunk to post annotations
+      contents: read # For repo checkout
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Trunk Check
+        uses: trunk-io/trunk-action@v1
diff --git a/.trunk/.gitignore b/.trunk/.gitignore
new file mode 100644
index 00000000..1e246529
--- /dev/null
+++ b/.trunk/.gitignore
@@ -0,0 +1,8 @@
+*out
+*logs
+*actions
+*notifications
+*tools
+plugins
+user_trunk.yaml
+user.yaml
diff --git a/.trunk/configs/.markdownlint.yaml b/.trunk/configs/.markdownlint.yaml
new file mode 100644
index 00000000..fb940393
--- /dev/null
+++ b/.trunk/configs/.markdownlint.yaml
@@ -0,0 +1,10 @@
+# Autoformatter friendly markdownlint config (all formatting rules disabled)
+default: true
+blank_lines: false
+bullet: false
+html: false
+indentation: false
+line_length: false
+spaces: false
+url: false
+whitespace: false
diff --git a/.trunk/configs/.shellcheckrc b/.trunk/configs/.shellcheckrc
new file mode 100644
index 00000000..8c7b1ada
--- /dev/null
+++ b/.trunk/configs/.shellcheckrc
@@ -0,0 +1,7 @@
+enable=all
+source-path=SCRIPTDIR
+disable=SC2154
+
+# If you're having issues with shellcheck following source, disable the errors via:
+# disable=SC1090
+# disable=SC1091
diff --git a/.trunk/configs/.yamllint.yaml b/.trunk/configs/.yamllint.yaml
new file mode 100644
index 00000000..4d444662
--- /dev/null
+++ b/.trunk/configs/.yamllint.yaml
@@ -0,0 +1,10 @@
+rules:
+  quoted-strings:
+    required: only-when-needed
+    extra-allowed: ["{|}"]
+  empty-values:
+    forbid-in-block-mappings: true
+    forbid-in-flow-mappings: true
+  key-duplicates: {}
+  octal-values:
+    forbid-implicit-octal: true
diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml
new file mode 100644
index 00000000..7eb78baa
--- /dev/null
+++ b/.trunk/trunk.yaml
@@ -0,0 +1,64 @@
+version: 0.1
+cli:
+  version: 1.15.0
+plugins:
+  sources:
+    - id: trunk
+      ref: v1.2.3
+      uri: https://github.com/trunk-io/plugins
+runtimes:
+  enabled:
+    - go@1.21.0
+    - node@18.12.1
+    - python@3.10.8
+lint:
+  definitions:
+    - name: buildifier
+      files: [starlark, bazel-build, bazel-workspace]
+      tools: [buildifier]
+      commands:
+        - name: fix
+          run: buildifier --lint=fix "${target}"
+          output: rewrite
+          cache_results: true
+          formatter: true
+          in_place: true
+          batch: true
+          success_codes: [0]
+        - name: warn
+          run: buildifier --lint=warn --format=json --mode=check "${target}"
+          # Custom parser type defined in the trunk cli to handle buildifier's JSON output.
+          output: buildifier
+          cache_results: true
+          batch: true
+          success_codes: [0]
+      suggest_if: files_present
+      direct_configs:
+        - .buildifier.json
+        # Not a native buildifier construct, but useful for 'addTables', see test file
+        - .buildifier-tables.json
+      environment:
+        - name: PATH
+          list: ["${linter}"]
+      known_good_version: 6.1.0
+      version_command:
+        parse_regex: ${semver}
+        run: buildifier --version
+  enabled:
+    - actionlint@1.6.25
+    - buildifier@6.3.3
+    - checkov@2.4.9
+    - git-diff-check
+    - markdownlint@0.36.0
+    - prettier@3.0.3
+    - shellcheck@0.9.0
+    - shfmt@3.6.0
+    - trivy@0.45.0
+    - trufflehog@3.55.1
+    - yamllint@1.32.0
+actions:
+  enabled:
+    - trunk-announce
+    - trunk-check-pre-push
+    - trunk-fmt-pre-commit
+    - trunk-upgrade-available
diff --git a/tests/.buildifier.json b/tests/.buildifier.json
new file mode 120000
index 00000000..3a96e6a9
--- /dev/null
+++ b/tests/.buildifier.json
@@ -0,0 +1 @@
+../.buildifier.json
\ No newline at end of file