Analyze and enforce modular architecture boundaries in your codebase using ModularGuard.
This GitHub Action integrates ModularGuard into your CI/CD pipeline to automatically detect architectural violations in pull requests, post detailed results as comments, and annotate specific code violations directly in the Files Changed tab.
- π Automatic Architecture Analysis - Runs ModularGuard on every pull request
- π¬ PR Comment Integration - Posts formatted results as pull request comments
- π Code Annotations - Highlights violations directly in the Files Changed tab
- β CI/CD Integration - Fails the workflow when architectural violations are found
- π Cross-Platform - Supports Linux, macOS, and Windows runners (x64 and ARM64)
- π¦ Binary Caching - Automatically caches ModularGuard binaries for faster runs
- βοΈ Configurable - Supports custom ModularGuard configuration files
Add this workflow to your repository at .github/workflows/modularguard.yml:
name: ModularGuard Analysis
on:
pull_request:
branches: [main]
jobs:
analyze:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run ModularGuard
uses: n2jsoft-public-org/ModularGuard-action@v0
with:
token: ${{ github.token }}name: ModularGuard Analysis
on:
pull_request:
branches: [main, develop]
jobs:
analyze:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
checks: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run ModularGuard
uses: n2jsoft-public-org/ModularGuard-action@v1
with:
directory: './src'
token: ${{ github.token }}
modularguard-version: '0.0.5'
config-path: '.modularguard.yml'| Name | Required | Default | Description |
|---|---|---|---|
directory |
No | . |
Directory to analyze (relative to repository root) |
token |
Yes | - | GitHub token for API access (use ${{ github.token }}) |
modularguard-version |
No | latest |
ModularGuard version to use (e.g., 0.0.5 or latest) |
config-path |
No | - | Path to ModularGuard configuration file |
| Name | Description |
|---|---|
violations-count |
Total number of violations found |
error-count |
Number of error-level violations |
warning-count |
Number of warning-level violations |
status |
Analysis status: success or failure |
The action requires the following permissions:
permissions:
contents: read # To checkout code
pull-requests: write # To post comments on PRs
checks: write # To create check runs with annotationsThese permissions are automatically available when using ${{ github.token }} in public repositories. For private repositories or organization-level restrictions, you may need to configure these explicitly.
- Download & Cache - Downloads the appropriate ModularGuard binary for your platform and caches it for future runs
- Execute Analysis - Runs ModularGuard on the specified directory with JSON output
- Create Check Run - Creates a GitHub Check Run with a summary and file annotations (up to 50 violations)
- Post PR Comment - Creates or updates a comment on the pull request with a formatted table of violations
- Set Workflow Status - Fails the workflow if error-level violations are found
The action posts a formatted comment on your pull request:
## ModularGuard Analysis Results
β **Analysis Failed**
### Summary
- **Total Modules:** 9
- **Total Projects:** 85
- **Errors:** 1
- **Warnings:** 0
### Violations
| Severity | File:Line | Project | Invalid Reference | Description |
|----------|-----------|---------|-------------------|-------------|
| π΄ Error | `src/invoices/Invoices.Infrastructure/Invoices.Infrastructure.csproj:3` | Invoices.Infrastructure | Auditing.Abstractions | Project of type 'infrastructure' cannot reference 'Auditing.Abstractions'... |
π‘ **Suggestions**
- Remove the reference to 'Auditing.Abstractions' from 'Invoices.Infrastructure'Violations also appear as annotations in the Files Changed tab, pointing to specific lines in your .csproj files.
ModularGuard looks for configuration files in this order:
.modularguard.yml.modularguard.yaml.modularguard.jsonmodularguard.ymlmodularguard.yamlmodularguard.json
If no configuration file is found, ModularGuard uses default rules for modular monolith architectures.
Example .modularguard.yml:
projectStructure:
patterns:
- name: "Core"
pattern: "*.Core"
type: "core"
moduleExtraction: "^(.+)\\.Core$"
- name: "Infrastructure"
pattern: "*.Infrastructure"
type: "infrastructure"
moduleExtraction: "^(.+)\\.Infrastructure$"
dependencyRules:
core:
allowed:
- "Shared.Core"
denied:
- "*.Infrastructure"
- "*.App"
infrastructure:
allowed:
- "Shared.Infrastructure"
- "{module}.Core"
denied:
- "*.App"See the ModularGuard documentation for more configuration options.
The action automatically detects your runner's platform and downloads the appropriate binary:
- Linux: x64, ARM64
- macOS: x64 (Intel), ARM64 (Apple Silicon)
- Windows: x64, ARM64
If you see permission errors on Linux/macOS, ensure the action has permission to make the binary executable. This should happen automatically, but if issues persist, check runner permissions.
Ensure your workflow has the pull-requests: write permission. Also verify that the action is running in the context of a pull request (not a push to main).
Check that your workflow has the checks: write permission. Annotations appear in the Files Changed tab of the pull request.
If modularguard-version: latest fails, try pinning to a specific version like 0.0.5 until a new release is available.
pnpm install
pnpm testpnpm buildThis compiles the TypeScript code and bundles it into dist/index.js, which must be committed to the repository.
pnpm checkSee LICENSE file for details.
Contributions are welcome! Please feel free to submit issues or pull requests.
- ModularGuard - The core architecture analysis tool