From f347e9215f880fd2e9c1b07a0b3221f1aefe5883 Mon Sep 17 00:00:00 2001
From: George Higashiyama <george@higashiyama.us>
Date: Sat, 15 Jun 2024 20:56:28 -0700
Subject: [PATCH 1/2] Add MegaLinter for JSON and GitHub Workflow files

---
 .github/linters/.jsonlintrc              |  7 ++++
 .github/linters/README.md                |  9 +++++
 .github/problem-matchers/README.md       | 24 +++++++++++++
 .github/problem-matchers/actionlint.json | 17 +++++++++
 .github/problem-matchers/jsonlint.json   | 17 +++++++++
 .github/workflows/linter.yml             | 46 ++++++++++++++++++++++++
 .mega-linter.yml                         | 14 ++++++++
 7 files changed, 134 insertions(+)
 create mode 100644 .github/linters/.jsonlintrc
 create mode 100644 .github/linters/README.md
 create mode 100644 .github/problem-matchers/README.md
 create mode 100644 .github/problem-matchers/actionlint.json
 create mode 100644 .github/problem-matchers/jsonlint.json
 create mode 100644 .github/workflows/linter.yml
 create mode 100644 .mega-linter.yml

diff --git a/.github/linters/.jsonlintrc b/.github/linters/.jsonlintrc
new file mode 100644
index 000000000..23de41120
--- /dev/null
+++ b/.github/linters/.jsonlintrc
@@ -0,0 +1,7 @@
+{
+  "trailing-commas": true,
+  "duplicate-keys": true,
+  "compact": true,
+  "continue": true,
+  "quiet": true
+}
\ No newline at end of file
diff --git a/.github/linters/README.md b/.github/linters/README.md
new file mode 100644
index 000000000..3a6b8b7b3
--- /dev/null
+++ b/.github/linters/README.md
@@ -0,0 +1,9 @@
+# Linters
+
+This directory aims to consolidate configuration files from all linters. MegaLinter knows to look for any linter specific configurations in this directory.
+
+## Local Linting
+
+If you have Docker and npm installed locally then you can run MegaLinter using the exact same configuration as the CI runners.
+
+See [MegaLinter docs](https://megalinter.io/latest/mega-linter-runner/) for instructions on local setup.
diff --git a/.github/problem-matchers/README.md b/.github/problem-matchers/README.md
new file mode 100644
index 000000000..17a790ee3
--- /dev/null
+++ b/.github/problem-matchers/README.md
@@ -0,0 +1,24 @@
+# Problem Matchers
+
+[GitHub Official Problem Matchers Documentation](https://github.com/actions/toolkit/blob/main/docs/problem-matchers.md)
+
+## Summary
+
+Problem Matchers are used to scan the output of GitHub workflows and display any errors/warnings/information directly on the Pull Request web view.
+
+### Purpose
+
+- **Identify Issues:** Detects and highlights errors, warnings, and informational messages from action outputs.
+- **Create Annotations:** Automatically generates GitHub Annotations and log file decorations when matches are found.
+- **Improve Visibility:** Surfaces critical information prominently in the UI for easier debugging and review.
+
+### Use Cases
+
+- **Automated Code Review:** Integrate with tools to automatically detect coding standard violations.
+- **Continuous Integration:** Enhance CI workflows by providing immediate feedback on build or test failures.
+- **Custom Log Parsing:** Create custom matchers to identify and annotate specific patterns in log outputs.
+
+### Key Features
+
+- **Regex-Based Matching:** Uses regular expressions to define the patterns to look for in the logs.
+- **Customization:** Allows users to define custom matchers and register/unregister them in GitHub workflows.
diff --git a/.github/problem-matchers/actionlint.json b/.github/problem-matchers/actionlint.json
new file mode 100644
index 000000000..7b1ba251e
--- /dev/null
+++ b/.github/problem-matchers/actionlint.json
@@ -0,0 +1,17 @@
+{
+    "problemMatcher": [
+      {
+        "owner": "actionlint",
+        "pattern": [
+          {
+            "regexp": "^(?:\\x1b\\[\\d+m)?(.+?)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*: (?:\\x1b\\[\\d+m)*(.+?)(?:\\x1b\\[\\d+m)* \\[(.+?)\\]$",
+            "file": 1,
+            "line": 2,
+            "column": 3,
+            "message": 4,
+            "code": 5
+          }
+        ]
+      }
+    ]
+  }
\ No newline at end of file
diff --git a/.github/problem-matchers/jsonlint.json b/.github/problem-matchers/jsonlint.json
new file mode 100644
index 000000000..0f3161935
--- /dev/null
+++ b/.github/problem-matchers/jsonlint.json
@@ -0,0 +1,17 @@
+{
+    "problemMatcher": [
+        {
+            "owner": "jsonlint",
+            "pattern": [
+                {
+                    "regexp": "^(.*[\\/\\\\])?([.\\w\\-_]*):\\sline\\s(\\d*).*col\\s(\\d*),\\s(.*)$",
+                    "fromPath": 1,
+                    "file": 2,
+                    "line": 3,
+                    "column": 4,
+                    "message": 5
+                }
+            ]
+        }
+    ]
+}
\ No newline at end of file
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
new file mode 100644
index 000000000..33e1410aa
--- /dev/null
+++ b/.github/workflows/linter.yml
@@ -0,0 +1,46 @@
+# Linting action to run on pull requests.
+# Refer to the .mega-linter.yml file to enable or disable other linters.
+# Refer to .github/linters for linter specific configurations.
+# Refer to .github/problem-matchers for configuration GitHub annotations on linting errors.
+name: MegaLinter
+on:
+  pull_request:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  megalinter:
+    name: MegaLinter
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read # Read from repository
+      issues: write # Write to PR comments section.
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.UEPSEUDO_PAT }}
+          submodules: recursive
+          fetch-depth: 0
+
+        # Register problem matchers to report issues as annotation on GitHub PRs.
+      - name: Register Problem Matchers
+        run: |
+          echo "::add-matcher::.github/problem-matchers/jsonlint.json"
+          echo "::add-matcher::.github/problem-matchers/actionlint.json"
+
+      - name: MegaLinter
+        id: ml
+        uses: oxsecurity/megalinter@v7
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+        # Unregistering problem matchers isn't strictly necessary but not harmful to include.
+        # It protects us from registering duplicate matchers if we add additional steps to this workflow or retool it as a composite/reusable workflow.
+      - name: Unregister Problem Matchers
+        run: |
+          echo "::remove-matcher owner=jsonlint::"
+          echo "::remove-matcher owner=actionlint::"
diff --git a/.mega-linter.yml b/.mega-linter.yml
new file mode 100644
index 000000000..342d82de5
--- /dev/null
+++ b/.mega-linter.yml
@@ -0,0 +1,14 @@
+# Configuration file for MegaLinter
+# See all available variables at https://megalinter.io/configuration/ and in linters documentation
+
+# Global Settings
+FLAVOR_SUGGESTIONS: false
+APPLY_FIXES: false
+PRINT_ALL_FILES: false
+SHOW_ELAPSED_TIME: true
+
+# Linter List
+ENABLE_LINTERS:
+  - "JSON_JSONLINT"
+  - "ACTION_ACTIONLINT"
+

From 6bc63e05fdf41fa5a0b8387e8d398b34ddae6ead Mon Sep 17 00:00:00 2001
From: George Higashiyama <george@higashiyama.us>
Date: Sun, 16 Jun 2024 18:00:37 -0700
Subject: [PATCH 2/2] Add PR write permissions

---
 .github/workflows/linter.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
index 33e1410aa..18e092bf3 100644
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -17,7 +17,9 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read # Read from repository
-      issues: write # Write to PR comments section.
+      # Read/write to PR comments section.
+      issues: write
+      pull-requests: write
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4