New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for remote config file #2137
Comments
Hey, thank you for opening your first Issue ! 🙂 If you would like to contribute we have a guide for contributors. |
Would it make sense to get the config as a dependent macro? You could make it /tmp/.golangci.yml:
curl https://team.repository.com/lint/.golangci-lint.yaml --output /tmp/.golangci.yml
.PHONY: lint
lint: /tmp/.golangci.yml
golangci-lint run --config=/tmp/.golangci.yml |
Hi! Thanks, that's a good workaround! Wouldn't be easier to get it integrated inside golangci-lint or is it out of scope ? |
Every remote interaction is a possible security issue, it would be better to not embed this kind of remote access in the binary. |
also, the reading remote file requires some additional configuration options:
it is really better to download the config file by curl |
also it would be great to support git protocol |
Does #2241 satisfy these use cases? If you want to use It also adds the option of fetching the configuration from a referenced go module, which means |
Is this close enough? #2618 You should be able to run It assumes you have |
Nice, good to see I wasn't the only one missing this feature. I didn't see this issue when I sent the PR for process substitution to work yesterday. FWIW I absolutely agree that golangci should not attempt to fetch files itself from remote sources :) Just a tip, if you need to use a token to access github like I do for work the command can be written like this:
|
Thanks for landing this 🎉 From my previously linked PR:
Any workaround ideas, or am I still waiting for #1141 ? |
If you're using github for example (I'm sure other git services can do something similar), you could always pin the linter rules to a tag or branch etc.:
Sure, that's less sophisticated than go modules (and maybe that's for the better lol) but it should get the job done and not break the rules when updates happen upstream. You could also use a tool like yq to merge a custom yaml into the base yaml (https://mikefarah.gitbook.io/yq/v/v2.x/merge) and have that passed in via stdin to golangci or use process substitution etc. now that it works. Personally I think keeping the tool simple and leveraging the environment in which it runs is a better approach than making the tool do more. Unix blah blah blah... |
your feature request related to a problem? Please describe.
When working in a multiple services environnent it can be hard to maintain and to update lint rules at the team/project level.
When a library is no more maintained or with a big security issue, adding the rule to stop using it for each project can be pretty time consuming.
Describe the solution you'd like.
Maintaining a single repository with lint rules for the project/team.
With a CI/CD pipeline pushing the latest rules to an S3 bucket , nexus repository or something else.
Then for each project/service the Makefile would be like:
Describe alternatives you've considered.
Additional context
Here is the implementation pull request: #2136
The text was updated successfully, but these errors were encountered: