Use GitHub Actions to run pre-commit

[5ouma]

⚠️ Issue

close #

✏️ Description

pre-commit.ci has a size limit.

🔄 Type of the Change

• 🎉 New Feature
• 🧰 Bug
• 🛡️ Security
• 📖 Documentation
• 🏎️ Performance
• 🧹 Refactoring
• 🧪 Testing
• 🔧 Maintenance
• 🎽 CI
• 🧠 Meta

• I agree to follow the Code of Conduct.

[Copilot]

Copilot reviewed 2 out of 2 changed files in this pull request and generated no suggestions.

[coderabbitai]

Walkthrough

This pull request updates GitHub configuration files by removing the go-fmt hook from the .github/pre-commit.yml file while retaining other hooks. It introduces a new GitHub Actions workflow in .github/workflows/pre-commit.yml to automate pre-commit checks triggered by pushes to the main branch and pull requests. Additionally, the badge in the .github/README.md file is updated to reflect the use of GitHub Actions for pre-commit checks instead of the previous CI service.

Changes

File	Change Summary
.github/pre-commit.yml	Removed section for repository https://github.com/syntaqx/git-hooks, revision v0.0.18, hook go-fmt. A commented-out line for go-mod-tidy remains.
.github/workflows/pre-commit.yml	Introduced a new workflow that triggers on pushes to main and pull requests, executing pre-commit checks.
.github/README.md	Updated pre-commit badge link to point to GitHub Actions workflow instead of pre-commit CI service.

Possibly related PRs

• Follow up the previous Renovate update #180: The update to .github/pr-labeler.yml involves the removal of the "Dependencies" label, which is relevant to the changes made in the main PR regarding the pre-commit configuration that also deals with dependencies.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 3c573d6 and fd2fed4.

📒 Files selected for processing (3)

• .github/README.md (1 hunks)
• .github/pre-commit.yml (0 hunks)
• .github/workflows/pre-commit.yml (1 hunks)

💤 Files with no reviewable changes (1)

• .github/pre-commit.yml

✅ Files skipped from review due to trivial changes (1)

• .github/README.md

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/pre-commit.yml

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's limits when posting large numbers of comments.

Actionable comments posted: 2

🧹 Outside diff range and nitpick comments (2)

.github/workflows/pre-commit.yml (2)

3-6: Consider optimizing workflow triggers

The current trigger configuration might lead to redundant workflow runs:

1. Running on push to main is typically unnecessary if you enforce branch protection rules requiring PRs.
2. The pull_request trigger lacks branch filters, which means it runs for all PRs targeting any branch.

Consider this optimization:

 on:
-  push:
-    branches: [main]
   pull_request:
+    branches: [main]

---

1-14: Document migration rationale and considerations

Since this workflow replaces pre-commit.ci due to size limitations, it would be helpful to:

1. Document the specific size limitations encountered
2. Add comments about any GitHub Actions limitations that might affect this workflow
3. Consider adding workflow artifacts for pre-commit results

Consider adding these details to the repository's documentation to help future maintainers understand the CI setup decisions.

🛑 Comments failed to post (2)

.github/workflows/pre-commit.yml (2)

10-10: 🛠️ Refactor suggestion

⚠️ Potential issue

Fix runner specification and consider adding permissions

The runner specification has a case sensitivity issue, and the workflow could benefit from explicit permissions.

Fix the runner name and add permissions:

-    runs-on: Ubuntu-Latest
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

    runs-on: ubuntu-latest
    permissions:
      contents: read

---

13-14: 💡 Codebase verification

⚠️ Custom action needs verification and documentation

The custom action at 5ouma/utils/pre-commit@23aec800e821891339568c454135bb9befe36fce appears to be from a private repository, making it impossible to verify its implementation. This poses several concerns:

• The action's implementation cannot be audited for security
• Documentation is not publicly accessible
• Future maintainers won't be able to understand the action's purpose
• CI/CD pipelines may fail if repository access is lost

Recommendations:

• Either make the action's repository public or move the action implementation into this repository
• Add documentation explaining the action's purpose and functionality
• Consider using a well-known public action for pre-commit hooks instead (e.g., pre-commit/action)

🔗 Analysis chain

Verify custom action and add documentation

Using a custom action with a pinned commit hash is good for immutability, but it's important to:

1. Document what this custom action does
2. Verify the action's implementation
3. Consider using semantic versioning tags for easier updates

Let's verify the action's implementation:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the custom action's implementation and documentation

# Check if the action has documentation
gh api \
  -H "Accept: application/vnd.github+json" \
  repos/5ouma/utils/contents/pre-commit/README.md \
  --jq '.content' 2>/dev/null | base64 -d || echo "No README found"

# Check the action's implementation
gh api \
  -H "Accept: application/vnd.github+json" \
  repos/5ouma/utils/contents/pre-commit/action.yml \
  --jq '.content' 2>/dev/null | base64 -d || echo "No action.yml found"

Length of output: 533

---

Script:

#!/bin/bash
# Let's try a different approach to fetch the repository content
# First, let's check if the repository exists and is public
gh repo view 5ouma/utils --json description,isPrivate,defaultBranch || echo "Repository not accessible"

# Let's also check the commit directly
gh api \
  -H "Accept: application/vnd.github+json" \
  repos/5ouma/utils/commits/23aec800e821891339568c454135bb9befe36fce \
  --jq '.commit.message' || echo "Commit not accessible"

Length of output: 1576