fix: initialize terrascan at runtime (#5246)
Terrascan runs initialization anyway when scanning files, so there's no point in running it at build time. Also, this works around a Terrascan bug that caused it to fail its initialization if $HOME/.terrascan directory is not present. This happens on GitHub Actions because it configures a $HOME directory that is different from ours.
parent
6fd6830fb4
commit
5b5e54ad5c
7 changed files with 45 additions and 9 deletions
|
@ -391,11 +391,6 @@ ENV PATH="${PATH}:${DART_SDK}/bin:/root/.pub-cache/bin"
|
||||||
ENV VERSION_FILE="/action/linterVersions.txt"
|
ENV VERSION_FILE="/action/linterVersions.txt"
|
||||||
RUN mkdir /action
|
RUN mkdir /action
|
||||||
|
|
||||||
# Initialize Terrascan
|
|
||||||
# Initialize ChkTeX config file
|
|
||||||
RUN terrascan init --log-level "debug" \
|
|
||||||
&& touch ~/.chktexrc
|
|
||||||
|
|
||||||
ENTRYPOINT ["/action/lib/linter.sh"]
|
ENTRYPOINT ["/action/lib/linter.sh"]
|
||||||
|
|
||||||
FROM base_image as slim
|
FROM base_image as slim
|
||||||
|
|
8
Makefile
8
Makefile
|
@ -4,7 +4,7 @@
|
||||||
all: info docker test ## Run all targets.
|
all: info docker test ## Run all targets.
|
||||||
|
|
||||||
.PHONY: test
|
.PHONY: test
|
||||||
test: info validate-container-image-labels test-lib inspec lint-codebase test-default-config-files test-find lint-subset-files test-custom-ssl-cert test-non-default-workdir test-git-flags test-log-level test-linters ## Run the test suite
|
test: info validate-container-image-labels test-lib inspec lint-codebase test-default-config-files test-find lint-subset-files test-custom-ssl-cert test-non-default-workdir test-git-flags test-non-default-home-directory test-log-level test-linters ## Run the test suite
|
||||||
|
|
||||||
# if this session isn't interactive, then we don't want to allocate a
|
# if this session isn't interactive, then we don't want to allocate a
|
||||||
# TTY, which would fail, but if it is interactive, we do want to attach
|
# TTY, which would fail, but if it is interactive, we do want to attach
|
||||||
|
@ -289,6 +289,12 @@ test-custom-ssl-cert: ## Test the configuration of a custom SSL/TLS certificate
|
||||||
-v "$(CURDIR)/docs":/tmp/lint \
|
-v "$(CURDIR)/docs":/tmp/lint \
|
||||||
$(SUPER_LINTER_TEST_CONTAINER_URL)
|
$(SUPER_LINTER_TEST_CONTAINER_URL)
|
||||||
|
|
||||||
|
.phony: test-non-default-home-directory
|
||||||
|
test-non-default-home-directory: ## Test a non-default HOME directory
|
||||||
|
$(CURDIR)/test/run-super-linter-tests.sh \
|
||||||
|
$(SUPER_LINTER_TEST_CONTAINER_URL) \
|
||||||
|
"run_test_cases_non_default_home"
|
||||||
|
|
||||||
.phony: test-linters
|
.phony: test-linters
|
||||||
test-linters: test-linters-expect-success test-linters-expect-failure ## Run the linters test suite
|
test-linters: test-linters-expect-success test-linters-expect-failure ## Run the linters test suite
|
||||||
|
|
||||||
|
|
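Review bot: The new target is declared with `.phony: test-non-default-home-directory`, but GNU Make only recognises the uppercase `.PHONY` special target, so the lowercase line defines an ordinary target named `.phony` and the new test target is not actually phony. If a file or directory with that name ever exists in the working tree, make would consider the target up to date and silently skip the test. The first hunk's `.PHONY: test` shows the spelling the file already uses elsewhere; the line should read `.PHONY: test-non-default-home-directory`. The neighbouring context line `.phony: test-linters` has the same spelling and could be corrected alongside it.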
|
@ -156,7 +156,7 @@ function BuildFileList() {
|
||||||
if ! RESULTS_OBJECT=$(jq --raw-output -n '[inputs]' "${PARALLEL_RESULTS_FILE_PATH}"); then
|
if ! RESULTS_OBJECT=$(jq --raw-output -n '[inputs]' "${PARALLEL_RESULTS_FILE_PATH}"); then
|
||||||
fatal "Error loading results when building the file list: ${RESULTS_OBJECT}"
|
fatal "Error loading results when building the file list: ${RESULTS_OBJECT}"
|
||||||
fi
|
fi
|
||||||
debug "RESULTS_OBJECT for ${FILE_TYPE}:\n${RESULTS_OBJECT}"
|
debug "RESULTS_OBJECT when building the file list:\n${RESULTS_OBJECT}"
|
||||||
|
|
||||||
local STDOUT_BUILD_FILE_LIST
|
local STDOUT_BUILD_FILE_LIST
|
||||||
# Get raw output so we can strip quotes from the data we load
|
# Get raw output so we can strip quotes from the data we load
|
||||||
|
|
|
@ -444,6 +444,22 @@ function RunAdditionalInstalls() {
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ "${VALIDATE_TERRAFORM_TERRASCAN}" == "true" ] && [ -e "${FILE_ARRAYS_DIRECTORY_PATH}/file-array-TERRAFORM_TERRASCAN" ]; then
|
||||||
|
info "Initializing Terrascan repository"
|
||||||
|
local -a TERRASCAN_INIT_COMMAND
|
||||||
|
TERRASCAN_INIT_COMMAND=(terrascan init -c "${TERRAFORM_TERRASCAN_LINTER_RULES}")
|
||||||
|
if [[ "${LOG_DEBUG}" == "true" ]]; then
|
||||||
|
TERRASCAN_INIT_COMMAND+=(--log-level "debug")
|
||||||
|
fi
|
||||||
|
debug "Terrascan init command: ${TERRASCAN_INIT_COMMAND[*]}"
|
||||||
|
|
||||||
|
local TERRASCAN_INIT_COMMAND_OUTPUT
|
||||||
|
if ! TERRASCAN_INIT_COMMAND_OUTPUT="$("${TERRASCAN_INIT_COMMAND[@]}" 2>&1)"; then
|
||||||
|
fatal "Error while initializing Terrascan:\n${TERRASCAN_INIT_COMMAND_OUTPUT}"
|
||||||
|
fi
|
||||||
|
debug "Terrascan init command output:\n${TERRASCAN_INIT_COMMAND_OUTPUT}"
|
||||||
|
fi
|
||||||
|
|
||||||
# Check if there's local configuration for the Raku linter
|
# Check if there's local configuration for the Raku linter
|
||||||
if [ -e "${GITHUB_WORKSPACE}/META6.json" ]; then
|
if [ -e "${GITHUB_WORKSPACE}/META6.json" ]; then
|
||||||
cd "${GITHUB_WORKSPACE}" && zef install --deps-only --/test .
|
cd "${GITHUB_WORKSPACE}" && zef install --deps-only --/test .
|
||||||
|
|
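Review bot: The added block in RunAdditionalInstalls calls `fatal` when `terrascan init` fails, so an init failure now aborts the whole run rather than only the Terrascan check. Since the log line says it initializes the Terrascan repository, this step presumably fetches policy content at run time and would fail on runners without outbound access. The policies used are then whatever is fetched during the run, not something fixed by the image build, which is worth recording above the block, e.g. `# terrascan init fetches its policy repository at runtime: needs network access and is not pinned by the image build`. As a style point, the outer condition uses `[ … == … ] && [ -e … ]` while the nested check uses `[[ … ]]`; `if [[ "${VALIDATE_TERRAFORM_TERRASCAN}" == "true" && -e "${FILE_ARRAYS_DIRECTORY_PATH}/file-array-TERRAFORM_TERRASCAN" ]]; then` would keep the block consistent. The function starts and ends outside this hunk.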
|
@ -495,8 +495,7 @@ control "super-linter-validate-files" do
|
||||||
"/action/lib/.automation/.yaml-lint.yml",
|
"/action/lib/.automation/.yaml-lint.yml",
|
||||||
"/action/lib/.automation/phpcs.xml",
|
"/action/lib/.automation/phpcs.xml",
|
||||||
"/action/lib/.automation/phpstan.neon",
|
"/action/lib/.automation/phpstan.neon",
|
||||||
"/action/lib/.automation/psalm.xml",
|
"/action/lib/.automation/psalm.xml"
|
||||||
"/root/.chktexrc"
|
|
||||||
]
|
]
|
||||||
|
|
||||||
files.each do |item|
|
files.each do |item|
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
resource "aws_instance" "instanceWithVpc2" {
|
||||||
|
ami = "some-id"
|
||||||
|
instance_type = "t2.micro"
|
||||||
|
monitoring = true
|
||||||
|
ebs_optimized = true
|
||||||
|
|
||||||
|
vpc_security_group_ids = ["sg-12345678901234567"]
|
||||||
|
subnet_id = "subnet-12345678901234567"
|
||||||
|
metadata_options {
|
||||||
|
http_endpoint = "disabled"
|
||||||
|
}
|
||||||
|
tags = {
|
||||||
|
Name = "HelloWorld"
|
||||||
|
}
|
||||||
|
}
|
|
@ -23,6 +23,11 @@ run_test_cases_log_level() {
|
||||||
LOG_LEVEL="NOTICE"
|
LOG_LEVEL="NOTICE"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
run_test_cases_non_default_home() {
|
||||||
|
run_test_cases_expect_success
|
||||||
|
COMMAND_TO_RUN+=(-e HOME=/tmp)
|
||||||
|
}
|
||||||
|
|
||||||
# Run the test setup function
|
# Run the test setup function
|
||||||
${TEST_FUNCTION_NAME}
|
${TEST_FUNCTION_NAME}
|
||||||
|
|
||||||
|
|
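Review bot: `run_test_cases_non_default_home` sets `-e HOME=/tmp` without saying why, and the reason is only recoverable from the commit message. A short comment above the function would keep the intent with the code, e.g. `# GitHub Actions sets HOME to a directory other than the image default; run the expect-success suite with HOME=/tmp to catch linters that fail when their files under $HOME are missing (e.g. Terrascan)`. Whether the expect-success suite actually exercises Terrascan is not visible in this hunk, so it is worth confirming that the new Terraform fixture is picked up by this test case.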