Running PSScriptAnalyzer in GitHub Actions


I was working on a project recently that has some PowerShell scripts, and I wanted to add some kind of linting for PRs, as you do. The go-to for PowerShell seems to be PSScriptAnalyzer, and it's something I've already set up in VS Code. Great! The next step was to set up a GitHub action to run PSScriptAnalyzer on my PowerShell scripts for each PR, and fail on any errors. It turns out this is a fairly easy thing to do, since the default Ubuntu GitHub-hosted runners already come with PowerShell and PSScriptAnalyzer installed.

This is what I have set up in my PSScriptAnalyzer.yml workflow file in .github/workflows/:

name: Run PSScriptAnalyzer on PowerShell Scripts

on:
  pull_request:

jobs:
  PSScriptAnalyzer:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Run PSScriptAnalyzer on PowerShell Scripts
        shell: pwsh
        run: |
          Invoke-ScriptAnalyzer -Path ./files/ -Recurse -Severity Error -EnableExit

You invoke PSScriptAnalyzer with the Invoke-ScriptAnalyzer command, and I set the following parameters:

  • All my PowerShell scripts are in a directory called files, so I use -Path ./files/.
  • I add -Recurse to analyze any scripts in subdirectories of files.
  • I set -Severity Error because I just care about errors and not warnings.
  • I add -EnableExit to return a non-zero exit code if there are any errors, which fails the job.

I should note at this point that there is an existing PSScriptAnalyzer GitHub action: https://github.com/microsoft/psscriptanalyzer-action

I wasn't particularly interested in SARIF output, which the PSScriptAnalyzer GitHub action produces, and since PSScriptAnalyzer is already installed and easy enough to use, using a separate action seemed like overkill for my needs.
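
A variation on the run step above, as an added example that is not the author's code: it keeps the Error gate but also fails the PR on a short list of security-relevant rules regardless of severity (PSAvoidUsingInvokeExpression, for example, is reported as a Warning, so -Severity Error alone lets it through), and it prints each finding as a GitHub Actions annotation instead of SARIF. The rule list and the two helper functions are this example's assumptions.

```powershell
# Added example: body for the workflow's `run:` step (shell: pwsh).
# Assumptions: scripts live in ./files/ as in the post; the list of
# always-blocking rules is this example's choice, not the author's.
$ErrorActionPreference = 'Stop'

$blockingRules = @(
    'PSAvoidUsingInvokeExpression'
    'PSAvoidUsingPlainTextForPassword'
    'PSAvoidUsingConvertToSecureStringWithPlainText'
    'PSAvoidUsingUsernameAndPasswordParams'
)

# Escape text for GitHub workflow commands so a finding's message or a
# file name cannot inject a second command into the job log.
function ConvertTo-CommandData([string]$Text) {
    $Text.Replace('%', '%25').Replace("`r", '%0D').Replace("`n", '%0A')
}
function ConvertTo-CommandProperty([string]$Text) {
    (ConvertTo-CommandData $Text).Replace(':', '%3A').Replace(',', '%2C')
}

# Collect errors and warnings without -EnableExit, so this script decides
# which findings fail the job.
$findings = @(Invoke-ScriptAnalyzer -Path ./files/ -Recurse -Severity Error, Warning)

$failed = 0
foreach ($f in $findings) {
    $blocking = ("$($f.Severity)" -eq 'Error') -or ($blockingRules -contains $f.RuleName)
    $level = if ($blocking) { 'error' } else { 'warning' }
    if ($blocking) { $failed++ }

    # A path relative to the repository root lets GitHub attach the
    # annotation to the changed file in the PR.
    $file  = ConvertTo-CommandProperty ([System.IO.Path]::GetRelativePath($PWD.Path, $f.ScriptPath))
    $title = ConvertTo-CommandProperty $f.RuleName
    $props = "file=$file,line=$($f.Line),col=$($f.Column),title=$title"
    Write-Output "::$level $props::$(ConvertTo-CommandData $f.Message)"
}

Write-Output "$($findings.Count) finding(s), $failed blocking"
if ($failed -gt 0) { exit 1 }
```

Non-blocking warnings still show up as annotations on the PR without failing the check.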