From 0362e09df2583fdc65b2471ffc24e6b56b610f90 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:08:17 -0700 Subject: [PATCH 01/18] Reduce unnecessarily broad scope of taskfile var The `WORKFLOW_SCHEMA_PATH` taskfile variable is only used in the `workflow:validate` task, and is certain to only ever be used there. Declaring it at the global scope only makes the workflow more difficult to understand and maintain. --- Taskfile.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Taskfile.yml b/Taskfile.yml index 05a34530d..546b6fa9e 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -333,6 +333,9 @@ tasks: workflow:validate: desc: Validate GitHub Actions workflows against JSON schema + vars: + WORKFLOW_SCHEMA_PATH: + sh: mktemp -t workflow-schema-XXXXXXXXXX.json cmds: - wget --output-document={{ .WORKFLOW_SCHEMA_PATH }} https://json.schemastore.org/github-workflow - npx ajv-cli validate --strict=false -s {{ .WORKFLOW_SCHEMA_PATH }} -d "./.github/workflows/*.{yml,yaml}" @@ -396,7 +399,5 @@ vars: PRETTIER: prettier@2.1.2 - WORKFLOW_SCHEMA_PATH: "$(mktemp -t gha-workflow-schema-XXXXXXXXXX.json)" - CODESPELL_SKIP_OPTION: '--skip "./.git,go.mod,go.sum,./arduino-lint,./arduino-lint.exe,./internal/rule/rulefunction/testdata/libraries/MisspelledSentenceParagraphValue/library.properties,./site"' CODESPELL_IGNORE_WORDS_OPTION: "--ignore-words ./etc/codespell-ignore-words-list.txt" From 233bbb9ae4fb6fe44a529e2db977c042228e39f2 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:16:47 -0700 Subject: [PATCH 02/18] Remove padding from `workflow:validate` task's templates This brings the task into compliance with the taskfile style guide: https://taskfile.dev/#/styleguide?id=dont-wrap-vars-in-spaces-when-templating --- Taskfile.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Taskfile.yml b/Taskfile.yml index 546b6fa9e..25f945735 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -337,8 +337,8 @@ tasks: WORKFLOW_SCHEMA_PATH: sh: mktemp -t workflow-schema-XXXXXXXXXX.json cmds: - - wget --output-document={{ .WORKFLOW_SCHEMA_PATH }} https://json.schemastore.org/github-workflow - - npx ajv-cli validate --strict=false -s {{ .WORKFLOW_SCHEMA_PATH }} -d "./.github/workflows/*.{yml,yaml}" + - wget --output-document={{.WORKFLOW_SCHEMA_PATH}} https://json.schemastore.org/github-workflow + - npx ajv-cli validate --strict=false -s {{.WORKFLOW_SCHEMA_PATH}} -d "./.github/workflows/*.{yml,yaml}" # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/check-general-formatting-task/Taskfile.yml general:check-formatting: From e9f4d8b58b451290e714c4ef7166eb04aeb84834 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:20:30 -0700 Subject: [PATCH 03/18] Expand usage of variables in `workflows:validate` task This facilitates the addition of a comment indicating the repository location of the schema file in case an error is discovered. As for the `WORKFLOWS_DATA_PATH` variable, I'm not sure why I did that (this is being imported from the template workflow which was developed as an independent project 6 months ago). --- Taskfile.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Taskfile.yml b/Taskfile.yml index 25f945735..138542496 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -334,11 +334,14 @@ tasks: workflow:validate: desc: Validate GitHub Actions workflows against JSON schema vars: + # Source: https://github.com/SchemaStore/schemastore/blob/master/src/schemas/json/github-workflow.json + WORKFLOW_SCHEMA_URL: https://json.schemastore.org/github-workflow WORKFLOW_SCHEMA_PATH: sh: mktemp -t workflow-schema-XXXXXXXXXX.json + WORKFLOWS_DATA_PATH: "./.github/workflows/*.{yml,yaml}" cmds: - - wget --output-document={{.WORKFLOW_SCHEMA_PATH}} https://json.schemastore.org/github-workflow - - npx ajv-cli validate --strict=false -s {{.WORKFLOW_SCHEMA_PATH}} -d "./.github/workflows/*.{yml,yaml}" + - wget --output-document={{.WORKFLOW_SCHEMA_PATH}} {{.WORKFLOW_SCHEMA_URL}} + - npx ajv-cli validate --strict=false -s {{.WORKFLOW_SCHEMA_PATH}} -d "{{.WORKFLOWS_DATA_PATH}}" # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/check-general-formatting-task/Taskfile.yml general:check-formatting: From 9341b19f225826f759f0eef360ada4dd362132e3 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:27:56 -0700 Subject: [PATCH 04/18] Quote paths in `workflows:validate` task This will prevent breakage in the event the path contains spaces. --- Taskfile.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Taskfile.yml b/Taskfile.yml index 138542496..c6cbb905d 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -340,8 +340,8 @@ tasks: sh: mktemp -t workflow-schema-XXXXXXXXXX.json WORKFLOWS_DATA_PATH: "./.github/workflows/*.{yml,yaml}" cmds: - - wget --output-document={{.WORKFLOW_SCHEMA_PATH}} {{.WORKFLOW_SCHEMA_URL}} - - npx ajv-cli validate --strict=false -s {{.WORKFLOW_SCHEMA_PATH}} -d "{{.WORKFLOWS_DATA_PATH}}" + - wget --output-document="{{.WORKFLOW_SCHEMA_PATH}}" {{.WORKFLOW_SCHEMA_URL}} + - npx ajv-cli validate --strict=false -s "{{.WORKFLOW_SCHEMA_PATH}}" -d "{{.WORKFLOWS_DATA_PATH}}" # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/check-general-formatting-task/Taskfile.yml general:check-formatting: From 0b9444016cb1de6c81292dbf6cd2dea1383cf645 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:30:42 -0700 Subject: [PATCH 05/18] Add line breaks to `workflow:validate` task commands This makes it easier to understand the structure of long commands. --- Taskfile.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Taskfile.yml b/Taskfile.yml index c6cbb905d..f7fc42260 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -340,8 +340,16 @@ tasks: sh: mktemp -t workflow-schema-XXXXXXXXXX.json WORKFLOWS_DATA_PATH: "./.github/workflows/*.{yml,yaml}" cmds: - - wget --output-document="{{.WORKFLOW_SCHEMA_PATH}}" {{.WORKFLOW_SCHEMA_URL}} - - npx ajv-cli validate --strict=false -s "{{.WORKFLOW_SCHEMA_PATH}}" -d "{{.WORKFLOWS_DATA_PATH}}" + - | + wget \ + --output-document="{{.WORKFLOW_SCHEMA_PATH}}" \ + {{.WORKFLOW_SCHEMA_URL}} + - | + npx \ + ajv-cli validate \ + --strict=false \ + -s "{{.WORKFLOW_SCHEMA_PATH}}" \ + -d "{{.WORKFLOWS_DATA_PATH}}" # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/check-general-formatting-task/Taskfile.yml general:check-formatting: From b396c1e00d4081326789e86ffb1f110f7fa4af22 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:46:41 -0700 Subject: [PATCH 06/18] Reduce unnecessary verbosity of `workflow:validate` task The output from the schema download process is not of interests and makes it more difficult to find the important schema validation output in the event of a failure. --- Taskfile.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/Taskfile.yml b/Taskfile.yml index f7fc42260..938d45fd8 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -342,6 +342,7 @@ tasks: cmds: - | wget \ + --quiet \ --output-document="{{.WORKFLOW_SCHEMA_PATH}}" \ {{.WORKFLOW_SCHEMA_URL}} - | From c5fc7c9c7e08bf76a471592d82968857da436e0d Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:47:54 -0700 Subject: [PATCH 07/18] Enable JSON schema validator support for "format" keyword Support for the JSON schema "format" keyword was moved to a separate package in ajv v7.0.0 (ajv-cli v4.0.0). If this package is not installed and specified as a module via the ajv-cli command, validation against any schema that uses "format" fails, even when the instance document is completely valid. Even though none of the JSON schemas currently in use by the templates and CI system have a "format" keyword, there's no reason one couldn't be added at any moment, so it's safest to just add support now. The change to ajv was done for security purposes when used with untrusted data, which is not a concern here. --- Taskfile.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Taskfile.yml b/Taskfile.yml index 938d45fd8..371235993 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -347,8 +347,11 @@ tasks: {{.WORKFLOW_SCHEMA_URL}} - | npx \ - ajv-cli validate \ + --package=ajv-cli \ + --package=ajv-formats \ + ajv validate \ --strict=false \ + -c ajv-formats \ -s "{{.WORKFLOW_SCHEMA_PATH}}" \ -d "{{.WORKFLOWS_DATA_PATH}}" From 9a43e1f034e1e414388a83a29f84eed2443043ee Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:48:37 -0700 Subject: [PATCH 08/18] Report all errors when schema validation occurs The templates and the repository's CI system use the `ajv-cli` JSON schema validator to check the data format of various files. The default behavior of `ajv-cli` is to bail out on the first error. I think it is slightly more convenient to get all the errors at once to allow fixing all of them in one go rather than having to repeatedly run the validation before discovering all of them. This behavior is provided by adding the `--all-errors` flag to the `ajv-cli`' commands. --- Taskfile.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/Taskfile.yml b/Taskfile.yml index 371235993..009894145 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -350,6 +350,7 @@ tasks: --package=ajv-cli \ --package=ajv-formats \ ajv validate \ + --all-errors \ --strict=false \ -c ajv-formats \ -s "{{.WORKFLOW_SCHEMA_PATH}}" \ From d50a2a23fe99bb3abed45b77c2c91cf8c2844d37 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:49:48 -0700 Subject: [PATCH 09/18] Use standardized task name for validating workflows This is the name that was chosen for the standard template for GitHub Actions workflow validation, to be used on all Arduino tooling projects. --- .github/workflows/lint-config.yml | 3 ++- Taskfile.yml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-config.yml b/.github/workflows/lint-config.yml index 6e7dd0f7a..aaf400e92 100644 --- a/.github/workflows/lint-config.yml +++ b/.github/workflows/lint-config.yml @@ -29,4 +29,5 @@ jobs: version: 3.x - name: Lint configuration files - run: task config:lint + run: task ci:validate + diff --git a/Taskfile.yml b/Taskfile.yml index 009894145..7ef14e689 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -331,7 +331,7 @@ tasks: cmds: - task: workflow:validate - workflow:validate: + ci:validate: desc: Validate GitHub Actions workflows against JSON schema vars: # Source: https://github.com/SchemaStore/schemastore/blob/master/src/schemas/json/github-workflow.json From 2f06a51b543de020c855a5cac999ea1296505437 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:53:04 -0700 Subject: [PATCH 10/18] Sync `ci:validate` task description with template --- Taskfile.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Taskfile.yml b/Taskfile.yml index 7ef14e689..95f309ea1 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -332,7 +332,7 @@ tasks: - task: workflow:validate ci:validate: - desc: Validate GitHub Actions workflows against JSON schema + desc: Validate GitHub Actions workflows against their JSON schema vars: # Source: https://github.com/SchemaStore/schemastore/blob/master/src/schemas/json/github-workflow.json WORKFLOW_SCHEMA_URL: https://json.schemastore.org/github-workflow From d08e08e0369a4c1fc2154966d363bf8123bdef81 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 10:54:36 -0700 Subject: [PATCH 11/18] Add source URL comment to `ci:validate` task This will make it easier for the maintainers to sync fixes and improvements in either direction between the upstream "template" tasks and their installation in this repository. --- Taskfile.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/Taskfile.yml b/Taskfile.yml index 95f309ea1..07a8ae50a 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -331,6 +331,7 @@ tasks: cmds: - task: workflow:validate + # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/check-workflows-task/Taskfile.yml ci:validate: desc: Validate GitHub Actions workflows against their JSON schema vars: From 33ed11b1388935bdc1cf1a3de7ec88530ec41b05 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 11:00:07 -0700 Subject: [PATCH 12/18] Suppress irrelevant output when running workflow validation task By default, Task displays the commands it is running. With a simple task, this is reasonable for the sake of transparency of what is being done. However, with more complex tasks, it clutters up the output with information that is largely irrelevant to the task user. This is avoided by the addition of the `--silent` flag. Note that this does not suppress the output from the commands the task runs, but only the output from Task itself. --- .github/workflows/lint-config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-config.yml b/.github/workflows/lint-config.yml index aaf400e92..58795de81 100644 --- a/.github/workflows/lint-config.yml +++ b/.github/workflows/lint-config.yml @@ -29,5 +29,5 @@ jobs: version: 3.x - name: Lint configuration files - run: task ci:validate + run: task --silent ci:validate From cf8cd41ad8549d8192c966942c746a0ab1ba4ac0 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 11:10:03 -0700 Subject: [PATCH 13/18] Make "Lint configuration files" workflow path filter handle either YAML file extension There are two file extensions in common use for YAML files: `.yaml` and `.yml`. Although this project uses `.yml` exclusively for YAML files, this is a standardized workflow which might be applied to projects that have established the use of the other extension. It will be most flexible if it supports both. --- .github/workflows/lint-config.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-config.yml b/.github/workflows/lint-config.yml index 58795de81..b1887b673 100644 --- a/.github/workflows/lint-config.yml +++ b/.github/workflows/lint-config.yml @@ -4,13 +4,13 @@ on: push: paths: - ".github/workflows/lint-config.yml" - - "Taskfile.yml" - - ".github/workflows/*.yml" + - ".github/workflows/*.ya?ml" + - "Taskfile.ya?ml" pull_request: paths: - ".github/workflows/lint-config.yml" - - "Taskfile.yml" - - ".github/workflows/*.yml" + - ".github/workflows/*.ya?ml" + - "Taskfile.ya?ml" schedule: # Run every Tuesday at 03:00 UTC to catch breakage caused by changes to the GitHub Actions workflow schema - cron: "0 3 * * 2" From 0d8c1526a990a3600b606b01a56041dfe33c3814 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 15:18:52 -0700 Subject: [PATCH 14/18] Use standardized job name for "Check Workflows" workflow This is the naming conventions established in the standardized template workflow. Even though it was never realized, the original idea was for the scope of this workflow to be for linting of the repository's configuration file, paralleling the established "Check Config File Formatting" workflow. However, that approach leads to inefficient workflow trigger path filters. The better approach is to scope workflows to a file type. So it is more appropriate to scope the workflow to any checks specific to GitHub Actions workflows, and the workflow name should reflect that purpose. --- .github/workflows/lint-config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-config.yml b/.github/workflows/lint-config.yml index b1887b673..ffd9b4f5a 100644 --- a/.github/workflows/lint-config.yml +++ b/.github/workflows/lint-config.yml @@ -1,4 +1,4 @@ -name: Lint configuration files +name: Check Workflows on: push: From aec1b392b1bf393715c4b3c550490b2057f1e2a0 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 15:24:52 -0700 Subject: [PATCH 15/18] Use day name in "Check Workflows" workflow's schedule trigger At the time it was written, there was some lack of support for the use of day name abreviations in the crontab definition for the `schedule` trigger of GitHub Actions workflows (perhaps it was the JSON schema?). Since that time, the issue was resolved. The crontab is easier to understand with the day name in place of day number. --- .github/workflows/lint-config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-config.yml b/.github/workflows/lint-config.yml index ffd9b4f5a..55ca769ca 100644 --- a/.github/workflows/lint-config.yml +++ b/.github/workflows/lint-config.yml @@ -13,7 +13,7 @@ on: - "Taskfile.ya?ml" schedule: # Run every Tuesday at 03:00 UTC to catch breakage caused by changes to the GitHub Actions workflow schema - - cron: "0 3 * * 2" + - cron: "0 8 * * TUE" jobs: lint: From 2109b90fb8868bf3a6f9290180f0caeb244c70b1 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 15:40:10 -0700 Subject: [PATCH 16/18] Add manual events as "Check Workflows" workflow triggers The `workflow_dispatch` event allows triggering the workflow via the GitHub web interface. This makes it easy to trigger an immediate workflow run after some relevant external change. The `repository_dispatch` event allows triggering workflows via the GitHub API. This might be useful for triggering an immediate check in multiple relevant repositories after an external change, or some automated process. Although we don't have any specific need for this event at the moment, the event has no impact on the workflow, so there is no reason against having it. It is the sort of thing that can end up being useful if it is already in consistently in place, but not worth setting up on demand, since the effort to set it up is greater than the effort to trigger all the workflows manually. --- .github/workflows/lint-config.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/lint-config.yml b/.github/workflows/lint-config.yml index 55ca769ca..ce829eb66 100644 --- a/.github/workflows/lint-config.yml +++ b/.github/workflows/lint-config.yml @@ -1,5 +1,6 @@ name: Check Workflows +# See: https://docs.github.com/en/actions/reference/events-that-trigger-workflows on: push: paths: @@ -14,6 +15,8 @@ on: schedule: # Run every Tuesday at 03:00 UTC to catch breakage caused by changes to the GitHub Actions workflow schema - cron: "0 8 * * TUE" + workflow_dispatch: + repository_dispatch: jobs: lint: From 99f1c86f57a1797b430681995a1d962b081feba3 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 15:41:08 -0700 Subject: [PATCH 17/18] Use standardized filename for "Check Workflows" workflow This is the template workflow filename, which is intended to serve as a unique identifier, and thus must be a bit more verbose. --- .../{lint-config.yml => check-workflows-task.yml} | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) rename .github/workflows/{lint-config.yml => check-workflows-task.yml} (65%) diff --git a/.github/workflows/lint-config.yml b/.github/workflows/check-workflows-task.yml similarity index 65% rename from .github/workflows/lint-config.yml rename to .github/workflows/check-workflows-task.yml index ce829eb66..5d433c420 100644 --- a/.github/workflows/lint-config.yml +++ b/.github/workflows/check-workflows-task.yml @@ -1,36 +1,35 @@ +# Source: https://github.com/arduino/tooling-project-assets/blob/master/workflow-templates/check-workflows-task.md name: Check Workflows # See: https://docs.github.com/en/actions/reference/events-that-trigger-workflows on: push: paths: - - ".github/workflows/lint-config.yml" - ".github/workflows/*.ya?ml" - "Taskfile.ya?ml" pull_request: paths: - - ".github/workflows/lint-config.yml" - ".github/workflows/*.ya?ml" - "Taskfile.ya?ml" schedule: - # Run every Tuesday at 03:00 UTC to catch breakage caused by changes to the GitHub Actions workflow schema + # Run every Tuesday at 8 AM UTC to catch breakage resulting from changes to the JSON schema. - cron: "0 8 * * TUE" workflow_dispatch: repository_dispatch: jobs: - lint: + validate: runs-on: ubuntu-latest + steps: - - name: Checkout local repository + - name: Checkout repository uses: actions/checkout@v2 - - name: Install Taskfile + - name: Install Task uses: arduino/setup-task@v1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} version: 3.x - - name: Lint configuration files + - name: Validate workflows run: task --silent ci:validate - From f8c83c7d4697eccb84693fe01cb13e3043cf7f37 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 1 Aug 2021 15:41:35 -0700 Subject: [PATCH 18/18] Add "Check Workflows" workflow badge to readme The badges provide a prominent indication of the repository's CI status at a glance. This may help to bring potential issues to the attention of the maintainers. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 7e8f6e463..416b24be3 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ [![Codecov](https://codecov.io/gh/arduino/arduino-lint/branch/main/graph/badge.svg?token=nprqPQMbdh)](https://codecov.io/gh/arduino/arduino-lint) [![Check Prettier Formatting status](https://github.com/arduino/arduino-lint/actions/workflows/check-prettier-formatting-task.yml/badge.svg)](https://github.com/arduino/arduino-lint/actions/workflows/check-prettier-formatting-task.yml) [![Check General Formatting status](https://github.com/arduino/arduino-lint/actions/workflows/check-general-formatting-task.yml/badge.svg)](https://github.com/arduino/arduino-lint/actions/workflows/check-general-formatting-task.yml) +[![Check Workflows status](https://github.com/arduino/arduino-lint/actions/workflows/check-workflows-task.yml/badge.svg)](https://github.com/arduino/arduino-lint/actions/workflows/check-workflows-task.yml) [![Check Shell Scripts status](https://github.com/arduino/arduino-lint/actions/workflows/check-shell-task.yml/badge.svg)](https://github.com/arduino/arduino-lint/actions/workflows/check-shell-task.yml) [![Check Certificates status](https://github.com/arduino/arduino-lint/actions/workflows/check-certificates.yml/badge.svg)](https://github.com/arduino/arduino-lint/actions/workflows/check-certificates.yml)