Adding ESLint as a CI Gate in GitHub Actions
Run ESLint on every pull request and fail the build when lint errors appear.
ESLint as a CI gate stops style and bug-pattern regressions before merge. The simplest form runs eslint and lets its non-zero exit fail the job. Adding SARIF output surfaces issues in the GitHub Security tab and as inline annotations.
What you need
- ESLint configured in the repo (eslint.config.js or .eslintrc).
- A lint script (npm run lint) or a direct npx eslint invocation.
- Optionally @microsoft/eslint-formatter-sarif for code scanning annotations.
The workflow
Install deps and run lint; a non-zero exit fails the job automatically.
.github/workflows/ci.yml
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: npm ci
- run: npx eslint . --max-warnings 0Annotate the diff
Emit SARIF and upload it so issues appear inline on the PR.
.github/workflows/ci.yml
- run: npx eslint . --format @microsoft/eslint-formatter-sarif --output-file eslint.sarif
continue-on-error: true
- uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: eslint.sarifCommon gotchas
- --max-warnings 0 is what actually turns warnings into a failing gate; without it warnings pass.
- The SARIF upload step needs continue-on-error so a lint failure still uploads results.
- Flat config vs legacy config mismatches silently lint nothing - verify the file count in logs.
Key takeaways
- A non-zero eslint exit fails the job - no special action needed.
- Use --max-warnings 0 to treat warnings as gate failures.
- SARIF output gives inline PR annotations via upload-sarif.
Related guides
Adding a Prettier Check to GitHub ActionsEnforce formatting in CI with prettier --check in GitHub Actions so unformatted code fails the build instead…
Adding Super-Linter to GitHub ActionsRun GitHub Super-Linter to lint many languages in one job, scoped to changed files, with the right permission…
Adding Danger.js to GitHub ActionsAutomate PR review chores with Danger.js in GitHub Actions: enforce changelog entries, PR descriptions, and f…