GitHub Actions Workflow for Linting python and dotnet source code, and docs (#22)

* working on workflow

* workig document workfow

* dotnet lint rules

* test python workflow

* test python workflow

* test python workflow

* pr_python

* pr_worflow check pyhton and dotnet

* test workflow

* test workflow

* test workflow

* test workflow

* test pyhton

* test pyhton

* test python

* pr_doc workflow

* docs check

* docs check

* docs check

* pr_workflow

* pr_workflow

* pr_workflow

* pr_workflow

* link check edit

* link check edit

* link check edit

* link check edit

* link check edit

* link check edit

* corrections to pr md files

* cspell configuration

* cspell configuration

* cspell configuration

* cspell configuration

* doc file update and add config for markdown-link-check

* doc file update and add config for markdown-link-check

* change folder structure for linter config files

* fix documentation

* fix documentation

* resolve document misspell

* resolve editorconfig for markdwon

* resolve editorconfig for markdwon

* resolve editorconfig for markdwon

.github/workflows/pr_docs.yaml

@@ -0,0 +1,36 @@
+name: pr_docs
+
+on:
+  push:
+    paths:
+      - "docs/**.md"
+      - "**.md"
+  pull_request:
+    paths-ignore:
+      - "docs/**.md"
+      - "**.md"
+    branches:
+      - main
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
+          
+      - name: MegaLinter documentation flavor
+        uses: oxsecurity/megalinter/flavors/documentation@v6.12.0
+        env:
+          IGNORE_GITIGNORED_FILES: true
+          VALIDATE_ALL_CODEBASE: true
+          PRINT_ALL_FILES: true
+          DISABLE: COPYPASTE,YAML
+          SPELL_CSPELL_CONFIG_FILE: /config/megalinter/.cspell.json
+          MARKDOWN_MARKDOWN_LINK_CHECK_CONFIG_FILE: /config/megalinter/.markdown-link-check.json
+          DISABLE_LINTERS: REPOSITORY_CHECKOV,REPOSITORY_TRIVY
+          FILTER_REGEX_EXCLUDE: '(BenchPress/|engine/|examples/|\.github/workflows|\.devcontainer|\.editorconfig|\.gitmodules|/framework/|samples/|\.sln|LICENSE)'
+          FILTER_REGEX_INCLUDE: '(docs/|\**.md)'
+          REPORT_OUTPUT_FOLDER: ${GITHUB_WORKSPACE}/megalinter-reports

.github/workflows/pr_dotnet.yaml

@@ -0,0 +1,34 @@
+name: pr_dotnet
+
+on:
+  push:
+    paths:
+      - "framework/dotnet/**"
+      - "samples/dotnet/**"
+  pull_request:
+    paths-ignore:
+      - "framework/dotnet/**"
+      - "samples/dotnet/**"
+    branches:
+      - main
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
+
+      - name: MegaLinter dotnet flavor
+        uses: oxsecurity/megalinter/flavors/dotnet@v6.12.0
+        env:
+          IGNORE_GITIGNORED_FILES: true
+          VALIDATE_ALL_CODEBASE: true
+          PRINT_ALL_FILES: true
+          DISABLE: SPELL,COPYPASTE,YAML
+          DISABLE_LINTERS: REPOSITORY_CHECKOV,REPOSITORY_TRIVY
+          FILTER_REGEX_EXCLUDE: '(BenchPress/|engine/|examples/|/docs|\.github/workflows|\.devcontainer|\.editorconfig|\.gitmodules|\.sln|\.md|LICENSE|/framework/python|samples/python)'
+          FILTER_REGEX_INCLUDE: '(framework/dotnet|samples/dotnet)'
+          REPORT_OUTPUT_FOLDER: ${GITHUB_WORKSPACE}/megalinter-reports

.github/workflows/pr_python.yaml

@@ -0,0 +1,34 @@
+name: pr_python
+
+on:
+  push:
+    paths:
+      - "framework/python/**"
+      - "samples/python/**"
+  pull_request:
+    paths-ignore:
+      - "framework/python/**"
+      - "samples/python/**"
+    branches:
+      - main
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
+          
+      - name: MegaLinter Python flavor
+        uses: oxsecurity/megalinter/flavors/python@v6.12.0
+        env:
+          IGNORE_GITIGNORED_FILES: true
+          VALIDATE_ALL_CODEBASE: true
+          PRINT_ALL_FILES: true
+          DISABLE: SPELL,COPYPASTE,YAML
+          DISABLE_LINTERS: PYTHON_MYPY,REPOSITORY_CHECKOV,REPOSITORY_TRIVY
+          FILTER_REGEX_EXCLUDE: '(BenchPress/|engine/|examples/|\.github/workflows|\.devcontainer|\.editorconfig|\.gitmodules|/docs|/framework/dotnet|samples/dotnet|\.sln|\.md|LICENSE)'
+          FILTER_REGEX_INCLUDE: '(framework/python|samples/python)'
+          REPORT_OUTPUT_FOLDER: ${GITHUB_WORKSPACE}/megalinter-reports 

README.md

@@ -2,7 +2,7 @@
 
 This framework is intended to work as a testing framework for Azure deployment features by using [Bicep](https://docs.microsoft.com/en-us/azure/azure-resource-manager/bicep/overview?tabs=bicep).
 
-In order to see how you can work with this framework you can find one sample bicep file in the folder [samples](/examples/main.bicep)
+In order to see how you can work with this framework you can find one sample bicep file in the folder [samples](./examples/sample.bicep)
 that will be deployed by using one PowerShell script.
 
 Process is the following:
@@ -23,9 +23,9 @@ See [Getting Started](docs/getting_started.md) guide on how to start development
 
 ## Contributing
 
-This project welcomes contributions and suggestions.  Most contributions require you to agree to a
+This project welcomes contributions and suggestions. Most contributions require you to agree to a
 Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
-the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
+the rights to use your contribution. For details, visit `https://cla.opensource.microsoft.com`.
 
 When you submit a pull request, a CLA bot will automatically determine whether you need to provide
 a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
@@ -37,8 +37,8 @@ contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additio
 
 ## Trademarks
 
-This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft 
-trademarks or logos is subject to and must follow 
+This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft
+trademarks or logos is subject to and must follow
 [Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general).
 Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.
 Any use of third-party trademarks or logos are subject to those third-party's policies.

SECURITY.md

@@ -1,10 +1,10 @@
 <!-- BEGIN MICROSOFT SECURITY.MD V0.0.5 BLOCK -->
 
-## Security
+# Security
 
 Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
 
-If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below.
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](<https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)>), please report it to us as described below.
 
 ## Reporting Security Issues
 
@@ -12,19 +12,19 @@ If you believe you have found a security vulnerability in any Microsoft-owned re
 
 Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
 
-If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
+If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
 
-You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
 
 Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
 
-  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
-  * Full paths of source file(s) related to the manifestation of the issue
-  * The location of the affected source code (tag/branch/commit or direct URL)
-  * Any special configuration required to reproduce the issue
-  * Step-by-step instructions to reproduce the issue
-  * Proof-of-concept or exploit code (if possible)
-  * Impact of the issue, including how an attacker might exploit the issue
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
 
 This information will help us triage your report more quickly.
 
@@ -38,4 +38,4 @@ We prefer all communications to be in English.
 
 Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
 
-<!-- END MICROSOFT SECURITY.MD BLOCK -->
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

SUPPORT.md

@@ -1,25 +1,25 @@
-# TODO: The maintainer of this repo has not yet edited this file
-
-**REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project?
-
-- **No CSS support:** Fill out this template with information about how to file issues and get help.
-- **Yes CSS support:** Fill out an intake form at [aka.ms/onboardsupport](https://aka.ms/onboardsupport). CSS will work with/help you to determine next steps.
-- **Not sure?** Fill out an intake as though the answer were "Yes". CSS will help you decide.
-
-*Then remove this first heading from this SUPPORT.MD file before publishing your repo.*
-
-# Support
-
-## How to file issues and get help  
-
-This project uses GitHub Issues to track bugs and feature requests. Please search the existing 
-issues before filing new issues to avoid duplicates.  For new issues, file your bug or 
-feature request as a new Issue.
-
-For help and questions about using this project, please **REPO MAINTAINER: INSERT INSTRUCTIONS HERE 
-FOR HOW TO ENGAGE REPO OWNERS OR COMMUNITY FOR HELP. COULD BE A STACK OVERFLOW TAG OR OTHER
-CHANNEL. WHERE WILL YOU HELP PEOPLE?**.
-
-## Microsoft Support Policy  
-
-Support for this **PROJECT or PRODUCT** is limited to the resources listed above.
+# TODO: The maintainer of this repo has not yet edited this file
+
+**REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project?
+
+- **No CSS support:** Fill out this template with information about how to file issues and get help.
+- **Yes CSS support:** Fill out an intake form at aka.ms/onboardsupport. CSS will work with/help you to determine next steps.
+- **Not sure?** Fill out an intake as though the answer were "Yes". CSS will help you decide.
+
+Then remove this first heading from this SUPPORT.MD file before publishing your repo.
+
+## Support
+
+## How to file issues and get help
+
+This project uses GitHub Issues to track bugs and feature requests. Please search the existing
+issues before filing new issues to avoid duplicates. For new issues, file your bug or
+feature request as a new Issue.
+
+For help and questions about using this project, please **REPO MAINTAINER: INSERT INSTRUCTIONS HERE
+FOR HOW TO ENGAGE REPO OWNERS OR COMMUNITY FOR HELP. COULD BE A STACK OVERFLOW TAG OR OTHER
+CHANNEL. WHERE WILL YOU HELP PEOPLE?**.
+
+## Microsoft Support Policy
+
+Support for this **PROJECT or PRODUCT** is limited to the resources listed above.

config/megalinter/.cspell.json

@@ -0,0 +1,35 @@
+{
+    "version": 0.1,
+    "language": "en",
+    "ignorePaths": [
+        "**/node_modules/**",
+        "**/vscode-extension/**",
+        "**/.git/**",
+        ".vscode",
+        "report"
+    ],
+    "patterns": [
+        {
+            "name": "comment-single-line",
+            "pattern": "/#.*/g"
+        },
+        {
+            "name": "comment-multi-line",
+            "pattern": "/(?:\\/\\*[\\s\\S]*?\\*\\/)/g"
+        },
+        // combine multiple named patterns into one single named pattern
+        {
+            "name": "comments",
+            "pattern": ["comment-single-line", "comment-multi-line"]
+        }
+    ],
+    "ignoreRegExpList": ["comments", "/^\\s*`[\\s\\S]*?^\\s*`/gm", "/^\\s*```[\\s\\S]*?^\\s*```/gm"],
+    "words": [
+        "onboardsupport",
+        "MSRC",
+        "msrc",
+        "Benchpress"
+    ]
+}
+
+

config/megalinter/.markdown-link-check.json

@@ -0,0 +1,18 @@
+{
+    "retryOn429": true,
+    "retryCount": 5,
+    "httpHeaders": [
+        {
+          "urls": ["https://docs.github.com/"],
+          "headers": {
+            "Accept-Encoding": "zstd, br, gzip, deflate"
+          }
+        }
+      ],
+    "aliveStatusCodes": [ 200, 203 ]
+}
+
+
+
+
+  

docs/github_actions_lint_workflow.md

@@ -0,0 +1,112 @@
+# Github Actions Lint Workflow
+
+Current repo has three linting workflows in the `.github/workflows`. Each workflow uses specific Megalinter flavor to lint specific folders when new code gets pushed. All configuration files are located under `config/megalinter` directory
+
+- pr_dotnet - uses `oxsecurity/megalinter/flavors/dotnet@v6.12.0` to lint dotnet code in the `framework/` and `samples/` directories
+- pr_python - uses `oxsecurity/megalinter/flavors/python@v6.12.0` to lint python code in the `framework/` and `samples/` directories
+- pr_docs - uses `oxsecurity/megalinter/flavors/documentation@v6.12.0` to lint md file in the `docs/` and `root` directories
+
+See for more details [Megalinter flavors](#additional-useful-links)
+
+## Run Github Action Workflow Locally
+
+Rather than having to commit/push every time you want to test out the changes you are making to your `.github/workflows/` files, you can test it locally using `act` to run the actions locally.
+
+### Prerequisites
+
+- Docker see [Install Docker](https://docs.docker.com/get-docker/)
+- `act` to run Github Actions [Install Act](https://github.com/nektos/act)
+
+### Additional useful links
+
+- Understanding GitHub Actions [GitHub Actions](https://docs.github.com/en/actions/learn-github-actions/understanding-github-actions)
+- Github Actions Workflow Syntax [Workflow Syntax](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions)
+- Full list of [Megalinter flavors](https://oxsecurity.github.io/megalinter/latest/flavors/)
+- Megalinter Configuration Variables [Configuration Variables](https://github.com/marketplace/actions/megalinter#common-variables)
+- Useful `act` CLI commands [act CLI commands](https://github.com/nektos/act#example-commands)
+
+### Example
+
+This is an example of running `.github/workflows/pr_dotnet.yml` file to lint dotnet specific folders locally using `act` command
+
+```yaml
+name: pr_dotnet
+
+on:
+  push:
+    paths:
+      - "framework/dotnet/**"
+      - "samples/dotnet/**"
+  pull_request:
+    paths-ignore:
+      - "framework/dotnet/**"
+      - "samples/dotnet/**"
+    branches:
+      - main
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
+
+      - name: MegaLinter dotnet flavor
+        uses: oxsecurity/megalinter/flavors/dotnet@v6.12.0
+        env:
+          IGNORE_GITIGNORED_FILES: true
+          VALIDATE_ALL_CODEBASE: true
+          PRINT_ALL_FILES: true
+          DISABLE: SPELL,COPYPASTE,YAML
+          DISABLE_LINTERS: REPOSITORY_CHECKOV,REPOSITORY_TRIVY
+          FILTER_REGEX_EXCLUDE: '(BenchPress/|engine/|examples/|/docs|\.github/workflows|\.devcontainer|\.editorconfig|\.gitmodules|\.sln|\.md|LICENSE|/framework/python|samples/python)'
+          FILTER_REGEX_INCLUDE: "(framework/dotnet|samples/dotnet)"
+          REPORT_OUTPUT_FOLDER: ${GITHUB_WORKSPACE}/megalinter-reports
+```
+
+Run workflow using `act` command
+
+```sh
+act pull_request --workflows .\.github\workflows\pr_docs.yaml
+```
+
+#### Linting overview
+
+When new code gets pushed to dotnet directories, the linting gets triggered
+
+```yaml
+on:
+  push:
+    paths:
+      - "framework/dotnet/**"
+      - "samples/dotnet/**"
+```
+
+When pull_request is created, following directories gets skipped from linting to allow the merge
+
+```yaml
+pull_request:
+    paths-ignore:
+      - "framework/dotnet/**"
+      - "samples/dotnet/**"
+    branches:
+      - main
+```
+
+In this pr_dotnet workflow, we are using Megalinter flavor for dotnet
+
+```yaml
+- name: MegaLinter dotnet flavor
+  uses: oxsecurity/megalinter/flavors/dotnet@v6.12.0
+```
+
+Finally, using Megalinter env variables to exclude and include directories for linting, and disable linters for this pr_dotnet
+
+```yaml
+env:
+  DISABLE_LINTERS: REPOSITORY_CHECKOV,REPOSITORY_TRIVY
+  FILTER_REGEX_EXCLUDE: '(BenchPress/|engine/|examples/|/docs|\.github/workflows|\.devcontainer|\.editorconfig|\.gitmodules|\.sln|\.md|LICENSE|/framework/python|samples/python)'
+  FILTER_REGEX_INCLUDE: "(framework/dotnet|samples/dotnet)"
+```

framework/dotnet/BenchPress.TestFramework.Tests/UnitTest1.cs

@@ -7,4 +7,4 @@ public class UnitTest1
     {
 
     }
-}
+}

framework/dotnet/BenchPress.TestFramework.Tests/Usings.cs

@@ -1 +1 @@
-global using Xunit;
+global using Xunit;

framework/python/test.py

@@ -0,0 +1,18 @@
+# Python Program to find the area of triangle
+
+a = 5
+b = 6
+c = 7
+
+# Uncomment below to take inputs from the user
+# a = float(input('Enter first side: '))
+# b = float(input('Enter second side: '))
+# c = float(input('Enter third side: '))
+
+# calculate the semi-perimeter
+s = (a + b + c) / 2
+
+# calculate the area
+area = (s * (s-a) * (s-b) * (s-c)) ** 0.5
+print('The area of the triangle is: ' + area)
+print('test')

samples/python/test.py

@@ -0,0 +1,17 @@
+# Python Program to find the area of triangle
+
+a = 5
+b = 6
+c = 7
+
+# Uncomment below to take inputs from the user
+# a = float(input('Enter first side: '))
+# b = float(input('Enter second side: '))
+# c = float(input('Enter third side: '))
+
+# calculate the semi-perimeter
+s = (a + b + c) / 2
+
+# calculate the area
+area = (s * (s-a) * (s-b) * (s-c)) ** 0.5
+print('The area of the triangle is: ' + area)