The grep-based secrets check matched literal credential patterns in documentation (e.g., "sk-ant-..." in CLAUDE.md examples), causing false-positive CI failures.

Replace with a Python script that:
- Skips .molecule-ci/ directory entirely
- Uses context-aware matching (requires quotes or assignment context)
- Filters out documentation examples with "..." or <example> markers
- Handles all three reusable workflows (plugin, workspace-template, org-template)
21 lines
557 B
YAML
```yaml
name: Validate Org Template
on:
  workflow_call:

jobs:
  validate:
    name: Org template validation
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"
          cache: "pip"
          cache-dependency-path: .molecule-ci/scripts/requirements.txt
      - run: pip install pyyaml -q
      - run: python3 .molecule-ci/scripts/validate-org-template.py
      - name: Check for secrets
        run: python3 scripts/check-secrets.py
```
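The matching rules listed in the commit message above, sketched as an added example; this is not the repository's `scripts/check-secrets.py`. The credential prefixes, the `MIN_LEN` threshold and the function names `scan_line` and `scan_tree` are assumptions made for illustration.

```python
import re
from pathlib import Path

# Assumed credential prefixes, for illustration only.
CANDIDATE = r"(?:sk-ant-|ghp_|AKIA)[\w.\-]+"
# Context-aware: the value must be quoted, or be the right-hand side of an assignment.
CONTEXT = re.compile(
    rf"""["'](?P<quoted>{CANDIDATE})["']|\b\w+\s*[:=]\s*(?P<assigned>{CANDIDATE})"""
)
SKIP_DIRS = {".molecule-ci", ".git"}
MIN_LEN = 20  # assumed minimum length of a real token


def scan_line(line):
    """Return credential-looking values on one line, minus documentation examples."""
    if "<example>" in line:
        return []
    hits = []
    for m in CONTEXT.finditer(line):
        value = m.group("quoted") or m.group("assigned")
        if "..." in value or len(value) < MIN_LEN:
            continue  # placeholder such as "sk-ant-...", not a live secret
        hits.append(value)
    return hits


def scan_tree(root):
    """Walk root, skipping SKIP_DIRS, and return (path, line_no, value) findings."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        rel = path.relative_to(root)
        if not path.is_file() or SKIP_DIRS.intersection(rel.parts):
            continue
        text = path.read_text(encoding="utf-8", errors="ignore")
        for no, line in enumerate(text.splitlines(), 1):
            findings += [(str(rel), no, v) for v in scan_line(line)]
    return findings


if __name__ == "__main__":
    import sys
    results = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    for rel, no, value in results:
        print(f"{rel}:{no}: possible secret {value[:8]}***")  # never echo the full value
    sys.exit(1 if results else 0)
```

The `"..."` filter is applied to the matched value rather than the whole line, so a real key sharing a line with a placeholder is still reported. Skipping `.molecule-ci/` entirely means anything committed under that directory is never checked by this step.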