Makefile targets#122
Merged
Merged
Conversation
And reuse them in our workflows
There was a problem hiding this comment.
Pull request overview
This pull request centralises common CI checks into the repository Makefile, so workflows call shared make targets rather than duplicating linting and config-drift logic in YAML.
Changes:
- Added Makefile targets for Dockerfile linting (hadolint), shell linting (shellcheck), config rendering, and Headscale config drift checking.
- Refactored the Headscale config checker and hadolint GitHub Actions workflows to invoke those Makefile targets.
- Reduced duplicate Docker build logic by making
smoke-testdepend on the newbuildtarget.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| Makefile | Introduces new build/lint/config-drift targets and helper checks, and refactors smoke-test to use build. |
| .github/workflows/headscale-config-checker.yml | Replaces inline drift-check scripting with make check-config-drift and adds explicit failure handling. |
| .github/workflows/hadolint.yml | Switches from hadolint-action to invoking hadolint via the Makefile target and uploads SARIF. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
By adding hashFiles('new-options.txt') != '' to the step condition. Also guarded the github-script body with fs.existsSync(...) so a missing file now cleanly skips the comment instead of throwing a secondary error
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
Comments suppressed due to low confidence (1)
.github/workflows/hadolint.yml:44
make lint-dockeris allowed to fail (continue-on-error: true), but the SARIF upload step is unconditional. If the lint step fails before producinghadolint-results.sarif(e.g. Docker not available / image pull failure), the upload step will fail the job anyway.
Guard the upload step on the SARIF file existing so the workflow behaviour matches the “no-fail” intent.
- name: Upload analysis results to GitHub
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
sarif_file: hadolint-results.sarif
wait-for-processing: true
The `yq` extractor now walks YAML paths instead of flattening to leaf keys, which fixes the false negatives from repeated names like enabled
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request refactors CI workflows to use the
Makefilefor common tasks and adds new Makefile targets for linting and config validation. The main improvements are centralizing logic for Dockerfile linting and Headscale config drift checks, introducing containerized linters, and simplifying workflow maintenance.CI/CD Workflow Refactoring and Centralization:
.github/workflows/hadolint.ymland.github/workflows/headscale-config-checker.ymlworkflows now call Makefile targets (lint-dockerandcheck-config-drift) instead of duplicating logic in workflow YAML, reducing maintenance overhead and ensuring consistency. [1] [2]Makefile Enhancements:
lint-docker(runs hadolint in Docker),lint-shell(runs shellcheck in Docker),render-headscale-config,check-config-drift(compares rendered config with upstream Headscale config),build,check, andclean. These targets encapsulate and containerize linting and validation logic. [1] [2]check-curl,check-docker,check-envsubst) to improve developer experience.smoke-testtarget to rely on the newbuildtarget for image building, avoiding duplicate build steps.Workflow Reliability and Failure Handling:
continue-on-error: truefor Makefile-based steps, and explicitly fail the job if new config options are detected, ensuring correct PR status reporting. [1] [2]General Cleanup:
cleantarget in the Makefile removes all generated artifacts, simplifying local and CI cleanup.These changes make CI more maintainable and consistent by centralizing logic and using containerized tools for linting and validation.