Switch to gha-fix

.github/workflows/gha-lint.yml

@@ -2,86 +2,76 @@ name: Lint GHA workflow files
 on: workflow_call
 jobs:
   lint:
-    timeout-minutes: 5
     runs-on: ubuntu-latest
     if: github.event.pull_request.draft == false
     permissions:
       contents: read
       pull-requests: write
     steps:
-      - name: Install pinact and ghatm
+      - name: Install gha-fix
         shell: bash
         run: |
           set -x
-          VERSION=1.6.0
-          TARGET=linux_amd64
-          SHA256_SUM=5562dfae2b70b9a14ba6bac99c691bec0bff41951411c713b5ea3fdbd28fbcc1
+          VERSION=0.2.0
+          SHA256_SUM=67308ee5d6d19a241cf5fd578ec6f8739054a9a46a7293c6e8160e0b618c8f4d
           curl --silent --show-error --fail --connect-timeout 3 --max-time 10 --retry 3 \
             --location --remote-name \
-            "https://github.com/suzuki-shunsuke/pinact/releases/download/v${VERSION}/pinact_${TARGET}.tar.gz"
-          echo "${SHA256_SUM} pinact_${TARGET}.tar.gz" | sha256sum -c
-          tar --extract --gzip --file "pinact_${TARGET}.tar.gz" --verbose
-          sudo install pinact /usr/local/bin/pinact
-
-          VERSION=0.3.4
-          TARGET=linux_amd64
-          SHA256_SUM=8724d5946f5f62defa01d17b5651629eb9ff47963f0d2114dd2da30c0bad7205
-          curl --silent --show-error --fail --connect-timeout 3 --max-time 10 --retry 3 \
-            --location --remote-name \
-            "https://github.com/suzuki-shunsuke/ghatm/releases/download/v${VERSION}/ghatm_${TARGET}.tar.gz"
-          echo "${SHA256_SUM} ghatm_${TARGET}.tar.gz" | sha256sum -c
-          tar --extract --gzip --file "ghatm_${TARGET}.tar.gz" --verbose
-          sudo install ghatm /usr/local/bin/ghatm
+            "https://github.com/Finatext/gha-fix/releases/download/v${VERSION}/gha-fix_Linux_x86_64.tar.gz"
+          echo "${SHA256_SUM} gha-fix_Linux_x86_64.tar.gz" | sha256sum -c
+          tar --extract --gzip --file gha-fix_Linux_x86_64.tar.gz --verbose
+          sudo install gha-fix /usr/local/bin/gha-fix
 
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: ${{ github.head_ref }}
           sparse-checkout: .github
 
-      - name: Run pinact lint and capture diff
-        id: pinact
+      - name: Run gha-fix pin and capture diff
+        id: pin
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         shell: bash
         run: |
           set -x
-          PINACT_DIFF_FILE="$(mktemp)"
-          echo "diff_file=${PINACT_DIFF_FILE}" >> "${GITHUB_OUTPUT}"
+          PIN_DIFF_FILE="$(mktemp)"
+          echo "diff_file=${PIN_DIFF_FILE}" >> "${GITHUB_OUTPUT}"
 
-          pinact run
+          gha-fix pin --ignore-owners Finatext -l debug
 
-          git diff > "${PINACT_DIFF_FILE}"
+          git diff > "${PIN_DIFF_FILE}"
 
-          if [[ -s "${PINACT_DIFF_FILE}" ]]; then
+          if [[ -s "${PIN_DIFF_FILE}" ]]; then
             echo "has_changes=true" >> "${GITHUB_OUTPUT}"
-            cat "${PINACT_DIFF_FILE}"
+            cat "${PIN_DIFF_FILE}"
           else
             echo "has_changes=false" >> "${GITHUB_OUTPUT}"
           fi
 
           git reset --hard HEAD
 
-      - name: Run ghatm lint and capture diff
-        id: ghatm
+      - name: Run gha-fix timeout and capture diff
+        id: timeout
         shell: bash
         run: |
           set -x
-          GHATM_DIFF_FILE="$(mktemp)"
-          echo "diff_file=${GHATM_DIFF_FILE}" >> "${GITHUB_OUTPUT}"
+          TIMEOUT_DIFF_FILE="$(mktemp)"
+          echo "diff_file=${TIMEOUT_DIFF_FILE}" >> "${GITHUB_OUTPUT}"
 
-          ghatm set --timeout-minutes 5
+          gha-fix timeout -l debug
 
-          git diff > "${GHATM_DIFF_FILE}"
+          git diff > "${TIMEOUT_DIFF_FILE}"
 
-          if [[ -s "${GHATM_DIFF_FILE}" ]]; then
+          if [[ -s "${TIMEOUT_DIFF_FILE}" ]]; then
             echo "has_changes=true" >> "${GITHUB_OUTPUT}"
-            cat "${GHATM_DIFF_FILE}"
+            cat "${TIMEOUT_DIFF_FILE}"
           else
             echo "has_changes=false" >> "${GITHUB_OUTPUT}"
           fi
 
           git reset --hard HEAD
 
       - name: Install reviewdog
-        if: steps.pinact.outputs.has_changes == 'true' || steps.ghatm.outputs.has_changes == 'true'
+        if: steps.pin.outputs.has_changes == 'true' || steps.timeout.outputs.has_changes == 'true'
         shell: bash
         run: |
           set -x
@@ -95,20 +85,20 @@ jobs:
           tar --extract --gzip --file "reviewdog_${VERSION}_${TARGET}.tar.gz" --verbose
           sudo install reviewdog /usr/local/bin/reviewdog
 
-      - name: Report pinact suggestions with reviewdog
-        if: steps.pinact.outputs.has_changes == 'true'
+      - name: Report gha-fix pin suggestions with reviewdog
+        if: steps.pin.outputs.has_changes == 'true'
         env:
           REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         shell: bash
         run: |
           set -x
-          reviewdog -f=diff -f.diff.strip=1 -name="pinact" -reporter=github-pr-review < ${{ steps.pinact.outputs.diff_file }}
+          reviewdog -f=diff -f.diff.strip=1 -name="gha-fix pin" -reporter=github-pr-review < ${{ steps.pin.outputs.diff_file }}
 
-      - name: Report ghatm suggestions with reviewdog
-        if: steps.ghatm.outputs.has_changes == 'true'
+      - name: Report gha-fix timeout suggestions with reviewdog
+        if: steps.timeout.outputs.has_changes == 'true'
         env:
           REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         shell: bash
         run: |
           set -x
-          reviewdog -f=diff -f.diff.strip=1 -name="ghatm" -reporter=github-pr-review < ${{ steps.ghatm.outputs.diff_file }}
+          reviewdog -f=diff -f.diff.strip=1 -name="gha-fix timeout" -reporter=github-pr-review < ${{ steps.timeout.outputs.diff_file }}