Skip to content

a GitHub action to run `pre-commit`

License

Notifications You must be signed in to change notification settings

instrumentl/pre-commit-action

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

instrumentl/pre-commit-action

a GitHub action to run pre-commit. This was forked from pre-commit/action, which is soft-deprecated in favor of pre-commit.ci.

using this action

To use this action, make a file .github/workflows/pre-commit.yml. Here's a template to get started:

name: pre-commit

on:
  pull_request:
  push:
    branches: [main]

jobs:
  pre-commit:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - uses: actions/setup-python@v3
    - uses: instrumentl/pre-commit-action@v4

This does a few things:

  • clones the code
  • installs python
  • sets up the pre-commit cache

using this action with custom invocations

By default, this action runs all the hooks against all the files. extra_args lets users specify a single hook id and/or options to pass to pre-commit run.

Here's a sample step configuration that only runs the flake8 hook against all the files (use the template above except for the pre-commit action):

    - uses: instrumentl/pre-commit-action@v4
      with:
        extra_args: flake8 --all-files

using this action in private repositories

prior to v3.0.0, this action had custom behaviour which pushed changes back to the pull request when supplied with a token.

this behaviour was removed:

  • it required a PAT (didn't work with short-lived GITHUB_TOKEN)
  • properly hiding this input from the installation and execution of hooks is intractable in github actions (it is readily available as $INPUT_TOKEN)
  • this meant potentially unvetted code could access the token via the environment

you can likely achieve the same thing with an external action such as git-auto-commit-action though you may want to take precautions to clear git hooks or other ways that arbitrary code execution can occur when running git commit / git push (for example core.fsmonitor).

while unrelated to this action, pre-commit.ci avoids these problems by installing and executing isolated from the short-lived repository-scoped installation access token.

About

a GitHub action to run `pre-commit`

Resources

License

Stars

Watchers

Forks

Packages

No packages published