managarten/lint-staged.config.js
Till JS 6c0f88f5a2 chore(infra): pre-commit validator for cloudflared-config.yml
Adds scripts/validate-cloudflared-config.mjs — a node-only validator
that lint-staged runs whenever cloudflared-config.yml is staged. The
goal is to catch the same failure modes that
`cloudflared tunnel ingress validate` would catch on the server, but
without requiring cloudflared to be installed on every dev box.

Checks:
  - YAML parses
  - tunnel: is a uuid
  - credentials-file: ends with .json and contains the tunnel id
    (warning when it doesn't — likely an out-of-sync remnant from a
    previous rebuild, exactly the failure mode that bit us in the
    first locally-managed switch)
  - ingress: is a non-empty array
  - every rule except the last has both hostname AND service
  - the LAST rule is the catch-all `service: http_status:NNN`
  - no duplicate hostnames (the most common copy-paste mistake)
  - service URLs look like http(s):// / ssh:// / http_status:NNN
    / unix:/ / hello_world
  - hostnames are lowercase dot-separated DNS labels (no spaces, no
    weird characters)

Wired into lint-staged.config.js with a single glob entry; the
existing eslint + prettier flow is unchanged.

Tested against the live cloudflared-config.yml (passes, 51 hostnames)
and a synthetic broken file (catches all 6 categories of error +
the credentials-file/tunnel id drift warning).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-09 18:02:51 +02:00

14 lines
820 B
JavaScript

export default {
	'*.{ts,tsx,js,jsx,mjs,cjs}': [
		'eslint --fix --ignore-pattern "apps-archived/**" --ignore-pattern "services-archived/**" --ignore-pattern "**/web-archived/**" --ignore-pattern "**/server-archived/**"',
		'prettier --config .prettierrc.json --write',
	],
	'*.{json,md,svelte,astro}': ['prettier --config .prettierrc.json --write'],
	// Validate the tunnel config locally so a malformed ingress map can
	// never reach main. The validator runs entirely in node (no
	// cloudflared CLI dependency on the dev box) and catches the same
	// failure modes that `cloudflared tunnel ingress validate` would
	// catch on the server: bad YAML, missing tunnel id, duplicate
	// hostnames, missing catch-all, malformed service URLs.
	'cloudflared-config.yml': ['node scripts/validate-cloudflared-config.mjs'],
};
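
The checks listed in the commit message, sketched as an added example; this is not the repository's scripts/validate-cloudflared-config.mjs. It assumes the YAML has already been parsed into an object, and the function name, regexes and sample values are constructed for illustration.

```javascript
// Added example, not the repository's validator. Input: the parsed YAML document.
// The regexes approximate the commit message's wording and are this example's own.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
const HOST_RE = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)+$/;
const SERVICE_RE = /^(https?:\/\/\S+|ssh:\/\/\S+|unix:\/\S+|http_status:\d{3}|hello_world)$/;
function validateTunnelConfig(cfg) {
  const errors = [], warnings = [];
  const tunnel = cfg?.tunnel;
  if (typeof tunnel !== 'string' || !UUID_RE.test(tunnel)) errors.push('tunnel: must be a UUID');
  const creds = cfg?.['credentials-file'];
  if (typeof creds !== 'string' || !creds.endsWith('.json')) {
    errors.push('credentials-file: must end with .json');
  } else if (typeof tunnel === 'string' && !creds.includes(tunnel)) {
    warnings.push('credentials-file: does not contain the tunnel id'); // drift, not fatal
  }
  const ingress = cfg?.ingress;
  if (!Array.isArray(ingress) || ingress.length === 0) {
    errors.push('ingress: must be a non-empty array');
    return { errors, warnings };
  }
  const seen = new Set();
  ingress.slice(0, -1).forEach((rule, i) => {
    const { hostname, service } = rule ?? {};
    if (typeof hostname !== 'string' || typeof service !== 'string') {
      errors.push(`ingress[${i}]: needs both hostname and service`);
      return;
    }
    if (!HOST_RE.test(hostname)) errors.push(`ingress[${i}]: bad hostname "${hostname}"`);
    if (seen.has(hostname)) errors.push(`ingress[${i}]: duplicate hostname "${hostname}"`);
    seen.add(hostname);
    if (!SERVICE_RE.test(service)) errors.push(`ingress[${i}]: bad service "${service}"`);
  });
  const last = ingress[ingress.length - 1] ?? {}; // catch-all: no hostname, fixed status
  if (last.hostname !== undefined || !/^http_status:\d{3}$/.test(String(last.service))) {
    errors.push('ingress: last rule must be the catch-all service: http_status:NNN');
  }
  return { errors, warnings };
}

// Constructed sample: stale credentials path, duplicate hostname, no catch-all.
const brokenSample = {
  tunnel: '11111111-2222-3333-4444-555555555555',
  'credentials-file': '/etc/cloudflared/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee.json',
  ingress: [
    { hostname: 'app.example.com', service: 'http://localhost:3000' },
    { hostname: 'app.example.com', service: 'http://localhost:3001' },
    { hostname: 'api.example.com', service: 'http://localhost:4000' },
  ],
};
console.log(validateTunnelConfig(brokenSample));
```

lint-staged runs from a pre-commit hook, which `git commit --no-verify` skips, so the same check would also need to run in CI to hold for every commit that reaches main.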