Automated GitHub PR code reviewer for Python, JavaScript, CSS, and more.
First, pip
install lintly:
$ pip install lintly
Lintly requires Python 3.6+.
Next, set the LINTLY_API_KEY
environment variable to your GitHub API Key:
$ export LINTLY_API_KEY="12345"
Finally, pipe the output of your linter to the lintly
script:
$ flake8 | lintly
Now you will see a review with linting errors...
...and a commit check...
...on your pull requests! Nifty! 🎉
-
$ flake8 | lintly --format=flake8
-
$ black . --diff --check | lintly --format=black
-
- For pylint you must use the
json
output format.
$ pylint . --output-format=json | lintly --format=pylint-json
- For pylint you must use the
-
$ eslint . | lintly --format=eslint
-
$ stylelint . | lintly --format=stylelint
-
$ bandit -r . --format=json | lintly --format=bandit-json
-
$ gitleaks --path=. --redact --no-git --report=>(lintly --format=gitleaks)
-
$ hadolint path/to/Dockerfile --format json | lintly --format=hadolint
-
$ terrascan scan -d path/to/terraform/file -o json | lintly --format=terrascan
-
$ trivy --quiet fs -f json path/to/directory/ | lintly --format=trivy
-
$ tfsec path/to/directory/ -f json | lintly --format=tfsec
-
$ cfn-lint template.yaml | lintly --format=cfn-lint
-
$ cfn_nag_scan --input-path cloudformation-template.yaml --output-format=json | lintly --format=cfn-nag
-
$ checkmake Makefile --format={{.LineNumber}}:{{.Rule}}:{{.Violation}} | lintly --format=checkmake
-
$ semgrep --config "p/r2c-security-audit" --json | lintly --format=semgrep
-
[deps-checker]
$ deps-checker path/to/dependency/file | lintly --format=deps-checker
Additional linters can be added by modifying the lintly/parsers.py
module.
At a minimum Lintly needs to know the following information to determine how to post the correct GitHub PR Review:
- GitHub API key (
--api-key
orLINTLY_API_KEY
env var)- Generate your own API Key here. The API key will need the following GitHub scopes:
repo:status
so that Lintly can post commit statuses on PRs.public_repo
so that Lintly can create pull request reviews on public repos.repo
so that Lintly can create pull request reviews on private repos.
- Generate your own API Key here. The API key will need the following GitHub scopes:
- GitHub repository (
--repo
orLINTLY_REPO
env var)- This is your repository in the format
grantmcconnaughey/lintly
.
Note: Most Continuous Integration platforms will provide this value automatically.
- This is your repository in the format
- Pull Request number (
--pr
orLINTLY_PR
env var)Note: Most Continuous Integration platforms will provide this value automatically.
- Slack Webhook (
--slack
orSLACK_WEBHOOK
env var)Post messages to slack. The message will include a summary of the violations and a link to the PR.
- LINTLY_FILE_OVERRIDE (
LINTLY_FILE_OVERRIDE
env var)Override the file/path provided by the tool with what is provided in an environment variable. Useful when the linter tool does not provide a full path and filename. Tools like TTAM Super-linter can override the tool and provide the information.
These configuration values can be provided to Lintly via environment variables, discovered automatically when run in a supported CI platform, or by being passed in as arguments to the Lintly CLI.
A list of all configuration values can be viewed by running lintly --help
.
Usage: lintly [OPTIONS]
Slurp up linter output and send it to a GitHub PR review.
Options:
--api-key TEXT The GitHub API key to use for commenting on
PRs (required)
--repo TEXT The GitHub repo name in the format
{owner}/{repo}
--pr TEXT The pull request number for this build
(required)
--commit-sha TEXT The commit Lintly is running against
(required)
--format [unix|flake8|pylint-json|eslint|eslint-unix|stylelint|black|cfn-lint|
cfn-nag|checkmake|bandit-json|gitleaks|hadolint|terrascan|trivy|tfsec|semgrep]
The linting output format Lintly should
expect to receive. Default "flake8"
--context TEXT Override the commit status context
--fail-on [any|new] Whether Lintly should fail if any violations
are detected or only if new violations are
detected. Default "any"
--post-status / --no-post-status
Used to determine if Lintly should post a PR
status to GitHub. Default true
--request-changes / --no-request-changes
Whether Lintly should post violations as a
PR request for changes instead of a comment
review. Default true
--use-checks / --no-use-checks Whether Lintly should try to use the GitHub
Checks API to report on changes requested.
This only works when running as a GitHub
App. Default false
--log Send Lintly debug logs to the console.
Default false
--exit-zero / --no-exit-zero Whether Lintly should exit with error code
indicating amount of violations or not.
Default false
--help Show this message and exit.
Lintly works out of the box with all of the CI platforms supported by ci.py. To add support for new CI platforms create a PR to the ci.py repo.
When using these Continuous Integration platforms the repository, pull request number, and commit SHA will be detected automatically.
To use Lintly with GitHub Actions, create a file called .github/workflows/lint.yaml
with the following contents:
name: Lint
on: [pull_request]
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Install dependencies
run: pip install flake8 lintly
- name: Lint with flake8
run: flake8 | lintly
env:
LINTLY_API_KEY: ${{ secrets.GITHUB_TOKEN }}
To use with Lintly with Travis CI, add the following to your .travis.yml
config file:
language: python
jobs:
include:
- stage: lint
install: pip install lintly
script: flake8 | lintly --format=flake8
stages:
- lint