g_it/site
g_it/site
1
0
Fork 0
Code Issues Releases 1 Wiki Activity Actions

Runner debug 18.
All checks were successful
lint / runner / vale (push) Successful in 12s
Details

Browse source
This commit is contained in:
g_it 2026-04-08 00:37:31 +02:00
commit 5580d82c19
Signed by untrusted user who does not match committer: g_it
GPG key ID: A2B0A7C06A054627
3 changed files with 127 additions and 135 deletions
Download patch file Download diff file Expand all files Collapse all files

220
.checks/pre-push
View file

@ -1,126 +1,126 @@
#!/usr/bin/env bash # #!/usr/bin/env bash
# PRE-PUSH # # PRE-PUSH
# Check the repo for dependency, language, vulnerability, and build issues # # Check the repo for dependency, language, vulnerability, and build issues
set -euo pipefail # set -euo pipefail
# Setting log colours # # Setting log colours
RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m' # RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m'
echo -e "${GREEN}Running pre-push checks...${NC}" # echo -e "${GREEN}Running pre-push checks...${NC}"
# Start time tracking # # Start time tracking
START_TIME=$(date +%s) # START_TIME=$(date +%s)
# Setting paths # # Setting paths
REPO_ROOT="$(git rev-parse --show-toplevel 2>/dev/null || pwd)" # REPO_ROOT="$(git rev-parse --show-toplevel 2>/dev/null || pwd)"
CONTENT_DIR="$REPO_ROOT/content" # CONTENT_DIR="$REPO_ROOT/content"
ZENSICAL_CFG_PATH="$REPO_ROOT/zensical.toml" # ZENSICAL_CFG_PATH="$REPO_ROOT/zensical.toml"
SITE_DIR="$REPO_ROOT/deploy" # SITE_DIR="$REPO_ROOT/deploy"
LOG_DIR="$REPO_ROOT/.checks/logs" # LOG_DIR="$REPO_ROOT/.checks/logs"
mkdir -p "$LOG_DIR" # mkdir -p "$LOG_DIR"
# Cleanup old logs # # Cleanup old logs
rm -f "$LOG_DIR/*" # rm -f "$LOG_DIR/*"
# Cleanup function # # Cleanup function
cleanup() { # cleanup() {
trap - EXIT INT TERM # trap - EXIT INT TERM
if [[ -n "${SERVER_PID:-}" ]] && ps -p "$SERVER_PID" >/dev/null 2>&1; then # if [[ -n "${SERVER_PID:-}" ]] && ps -p "$SERVER_PID" >/dev/null 2>&1; then
kill "$SERVER_PID" >/dev/null 2>&1 || true # kill "$SERVER_PID" >/dev/null 2>&1 || true
for _ in {1..30}; do ps -p "$SERVER_PID" >/dev/null 2>&1 || break; sleep 0.1; done # for _ in {1..30}; do ps -p "$SERVER_PID" >/dev/null 2>&1 || break; sleep 0.1; done
fi # fi
} # }
trap cleanup EXIT INT TERM # trap cleanup EXIT INT TERM
# Function to run commands and log output # # Function to run commands and log output
run_command() { # run_command() {
local cmd="$1" # local cmd="$1"
local logfile="$2" # local logfile="$2"
echo -e "${GREEN}Running ${cmd}...${NC}" # echo -e "${GREEN}Running ${cmd}...${NC}"
$cmd >"$logfile" 2>&1 || { echo -e "${RED}${cmd} failed. See $logfile${NC}"; exit 1; } # $cmd >"$logfile" 2>&1 || { echo -e "${RED}${cmd} failed. See $logfile${NC}"; exit 1; }
} # }
# Running independent checks in parallel # # Running independent checks in parallel
{ # {
# Trivy check for vulnerabilities # # Trivy check for vulnerabilities
if command -v trivy &>/dev/null; then # if command -v trivy &>/dev/null; then
run_command "trivy fs . --exit-code 1 --severity CRITICAL,HIGH,MEDIUM,LOW,UNKNOWN --no-progress --scanners vuln" "$LOG_DIR/trivy.log" # run_command "trivy fs . --exit-code 1 --severity CRITICAL,HIGH,MEDIUM,LOW,UNKNOWN --no-progress --scanners vuln" "$LOG_DIR/trivy.log"
else # else
echo -e "${YELLOW}Trivy not installed. Skipping vulnerability scan.${NC}" # echo -e "${YELLOW}Trivy not installed. Skipping vulnerability scan.${NC}"
fi # fi
} & # } &
{ # {
# Trufflehog check for passwords and secrets # # Trufflehog check for passwords and secrets
if command -v trufflehog &>/dev/null && command -v jq &>/dev/null; then # if command -v trufflehog &>/dev/null && command -v jq &>/dev/null; then
TMPF="$(mktemp)" # TMPF="$(mktemp)"
trufflehog filesystem . --json >"$TMPF" 2>"$LOG_DIR/trufflehog.log" || true # trufflehog filesystem . --json >"$TMPF" 2>"$LOG_DIR/trufflehog.log" || true
if jq -e 'select(.verified==true)' "$TMPF" | grep -q .; then # if jq -e 'select(.verified==true)' "$TMPF" | grep -q .; then
cp "$TMPF" "$LOG_DIR/trufflehog-findings.json" # cp "$TMPF" "$LOG_DIR/trufflehog-findings.json"
echo -e "${RED}Verified secrets found. See $LOG_DIR/trufflehog-findings.json${NC}" # echo -e "${RED}Verified secrets found. See $LOG_DIR/trufflehog-findings.json${NC}"
rm -f "$TMPF"; exit 1 # rm -f "$TMPF"; exit 1
fi # fi
rm -f "$TMPF" # rm -f "$TMPF"
else # else
echo -e "${YELLOW}TruffleHog or jq not installed. Skipping secrets scan.${NC}" # echo -e "${YELLOW}TruffleHog or jq not installed. Skipping secrets scan.${NC}"
fi # fi
} & # } &
{ # {
# Dependabot dependency vulnerability check # # Dependabot dependency vulnerability check
if command -v npm &>/dev/null && [[ -f package.json ]]; then # if command -v npm &>/dev/null && [[ -f package.json ]]; then
run_command "npm audit --audit-level=high" "$LOG_DIR/npm-audit.log" # run_command "npm audit --audit-level=high" "$LOG_DIR/npm-audit.log"
elif command -v pip &>/dev/null && [[ -f requirements.txt ]]; then # elif command -v pip &>/dev/null && [[ -f requirements.txt ]]; then
run_command "pip list --outdated" "$LOG_DIR/pip-outdated.log" # run_command "pip list --outdated" "$LOG_DIR/pip-outdated.log"
if grep -q "upgradable" "$LOG_DIR/pip-outdated.log"; then # if grep -q "upgradable" "$LOG_DIR/pip-outdated.log"; then
echo -e "${YELLOW}Outdated Python dependencies found. See $LOG_DIR/pip-outdated.log${NC}" # echo -e "${YELLOW}Outdated Python dependencies found. See $LOG_DIR/pip-outdated.log${NC}"
fi # fi
else # else
echo -e "${YELLOW}No dependency management files found. Skipping dependency checks.${NC}" # echo -e "${YELLOW}No dependency management files found. Skipping dependency checks.${NC}"
fi # fi
} & # } &
# Wait for all background jobs to finish # # Wait for all background jobs to finish
wait # wait
# Lint markdown files using markdownlint-cli2 # # Lint markdown files using markdownlint-cli2
if command -v markdownlint-cli2 &>/dev/null; then # if command -v markdownlint-cli2 &>/dev/null; then
MD_FILES="$(git diff HEAD~1 HEAD --name-only --diff-filter=ACM | grep -E '\.md$' || true)" # MD_FILES="$(git diff HEAD~1 HEAD --name-only --diff-filter=ACM | grep -E '\.md$' || true)"
if [[ -n "$MD_FILES" ]]; then # if [[ -n "$MD_FILES" ]]; then
echo -e "${GREEN}Running markdownlint...${NC}" # echo -e "${GREEN}Running markdownlint...${NC}"
echo "$MD_FILES" | xargs markdownlint-cli2 >"$LOG_DIR/markdownlint.log" 2>&1 || { # echo "$MD_FILES" | xargs markdownlint-cli2 >"$LOG_DIR/markdownlint.log" 2>&1 || {
echo -e "${RED}markdownlint-cli2 failed. See $LOG_DIR/markdownlint.log${NC}"; exit 1; # echo -e "${RED}markdownlint-cli2 failed. See $LOG_DIR/markdownlint.log${NC}"; exit 1;
} # }
else # else
echo -e "${YELLOW}No committed Markdown files found. Skipping markdown check.${NC}" # echo -e "${YELLOW}No committed Markdown files found. Skipping markdown check.${NC}"
fi # fi
else # else
echo -e "${YELLOW}markdownlint-cli2 not installed. Skipping markdown check.${NC}" # echo -e "${YELLOW}markdownlint-cli2 not installed. Skipping markdown check.${NC}"
fi # fi
# Lint language using Vale # # Lint language using Vale
if command -v vale &>/dev/null && [[ -f "$REPO_ROOT/.vale.ini" ]]; then # if command -v vale &>/dev/null && [[ -f "$REPO_ROOT/.vale.ini" ]]; then
echo -e "${GREEN}Running Vale...${NC}" # echo -e "${GREEN}Running Vale...${NC}"
VALE_FILES="$(git diff HEAD~1 HEAD --name-only --diff-filter=ACM | grep -E '\.md$' || true)" # VALE_FILES="$(git diff HEAD~1 HEAD --name-only --diff-filter=ACM | grep -E '\.md$' || true)"
if [[ -n "$VALE_FILES" ]]; then # if [[ -n "$VALE_FILES" ]]; then
echo "$VALE_FILES" | xargs vale >"$LOG_DIR/vale.log" 2>&1 || { # echo "$VALE_FILES" | xargs vale >"$LOG_DIR/vale.log" 2>&1 || {
echo -e "${RED}Vale issues. See $LOG_DIR/vale.log${NC}"; exit 1; # echo -e "${RED}Vale issues. See $LOG_DIR/vale.log${NC}"; exit 1;
} # }
else # else
echo -e "${YELLOW}No committed Markdown files found. Skipping Vale check.${NC}" # echo -e "${YELLOW}No committed Markdown files found. Skipping Vale check.${NC}"
fi # fi
else # else
echo -e "${YELLOW}Vale not installed or .vale.ini missing. Skipping Vale.${NC}" # echo -e "${YELLOW}Vale not installed or .vale.ini missing. Skipping Vale.${NC}"
fi # fi
# Build the site using Zensical to check for build errors # # Build the site using Zensical to check for build errors
if ! command -v zensical >/dev/null 2>&1; then # if ! command -v zensical >/dev/null 2>&1; then
echo -e "${RED}Zensical not installed; cannot build docs.${NC}"; exit 1 # echo -e "${RED}Zensical not installed; cannot build docs.${NC}"; exit 1
fi # fi
run_command "zensical build --clean" "$LOG_DIR/zensical-build.log" # run_command "zensical build --clean" "$LOG_DIR/zensical-build.log"
# End time tracking and calculate duration # # End time tracking and calculate duration
END_TIME=$(date +%s) # END_TIME=$(date +%s)
DURATION=$((END_TIME - START_TIME)) # DURATION=$((END_TIME - START_TIME))
echo -e "${GREEN}Push checks completed in $DURATION seconds.${NC}" # echo -e "${GREEN}Push checks completed in $DURATION seconds.${NC}"

9
.github/workflows/lint.yml vendored
View file

@ -41,15 +41,8 @@ jobs:
echo "## GIT REMOTE CONFIGURATION" echo "## GIT REMOTE CONFIGURATION"
git remote -v git remote -v
# Original Vale action step
- uses: https://github.com/vale-cli/vale-action@v2 - uses: https://github.com/vale-cli/vale-action@v2
with: with:
fail_on_error: true fail_on_error: true
files: . files: .
reporter: local
env:
GITHUB_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
# Original Vale action step
# - uses: https://github.com/vale-cli/vale-action@v2
# with:
# fail_on_error: true
# files: .

1
content/resume.md
View file

@ -12,7 +12,6 @@ title: Resume
--- ---
<!-- markdownlint-disable MD033 --> <!-- markdownlint-disable MD033 -->
<!-- markdownlint-disable MD013 -->
<div class="section-menu"> <div class="section-menu">
<span><a href="#experience" onclick="event.preventDefault(); document.getElementById('experience').scrollIntoView({behavior:'smooth'})">experience</a></span> <span><a href="#experience" onclick="event.preventDefault(); document.getElementById('experience').scrollIntoView({behavior:'smooth'})">experience</a></span>