diff --git a/Makefile b/Makefile index 7d070ddc..1d5ed8b2 100644 --- a/Makefile +++ b/Makefile @@ -124,6 +124,14 @@ docker: check-github-token ## Build the container image docker-pull: ## Pull the container image from registry docker pull $(SUPER_LINTER_TEST_CONTAINER_URL) +.PHONY: open-shell-super-linter-container +open-shell-super-linter-container: ## Open a shell in the Super-linter container + docker run $(DOCKER_FLAGS) \ + --interactive \ + --entrypoint /bin/bash \ + -v "$(CURDIR)":/tmp/lint \ + $(SUPER_LINTER_TEST_CONTAINER_URL) + .PHONY: validate-container-image-labels validate-container-image-labels: ## Validate container image labels $(CURDIR)/test/validate-docker-labels.sh \ diff --git a/lib/functions/buildFileList.sh b/lib/functions/buildFileList.sh index 0e6e49fa..5da25ffe 100755 --- a/lib/functions/buildFileList.sh +++ b/lib/functions/buildFileList.sh @@ -148,7 +148,8 @@ function BuildFileList() { PARALLEL_COMMAND+=("BuildFileArrays") debug "PARALLEL_COMMAND to build the list of files and directories to lint: ${PARALLEL_COMMAND[*]}" - FILE_ARRAYS_DIRECTORY_PATH="$(mktemp -d)" + FILE_ARRAYS_DIRECTORY_PATH="/tmp/super-linter-file-arrays" + mkdir -p "${FILE_ARRAYS_DIRECTORY_PATH}" export FILE_ARRAYS_DIRECTORY_PATH debug "Created FILE_ARRAYS_DIRECTORY_PATH: ${FILE_ARRAYS_DIRECTORY_PATH}" @@ -206,9 +207,6 @@ BuildFileArrays() { debug "Categorizing the following files: ${RAW_FILE_ARRAY[*]}" debug "FILTER_REGEX_INCLUDE: ${FILTER_REGEX_INCLUDE}, FILTER_REGEX_EXCLUDE: ${FILTER_REGEX_EXCLUDE}, TEST_CASE_RUN: ${TEST_CASE_RUN}" - ValidateBooleanVariable "IGNORE_GENERATED_FILES" "${IGNORE_GENERATED_FILES}" - ValidateBooleanVariable "IGNORE_GITIGNORED_FILES" "${IGNORE_GITIGNORED_FILES}" - for FILE in "${RAW_FILE_ARRAY[@]}"; do # Get the file extension FILE_TYPE="$(GetFileExtension "$FILE")" 
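Review bot: The new `open-shell-super-linter-container` recipe has no `--rm`, so every debugging session leaves a stopped container behind unless `DOCKER_FLAGS` (defined outside this hunk) already carries it; adding `--rm \` after the `--entrypoint /bin/bash \` line would cover it. The checkout is also bind-mounted read-write at `/tmp/lint`, so whatever is done in that shell, presumably as the image's default user, lands in the working tree on the host. A short comment above the target saying so, or `:ro` on the volume when the shell is only meant for inspection, would make that explicit.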
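Review bot: Replacing `mktemp -d` with the fixed `/tmp/super-linter-file-arrays` in `BuildFileList` makes the directory predictable and reusable: `mkdir -p` succeeds silently when the path already exists, whether it is a symlink to a directory, a leftover from an earlier run, or something created by another user on a shared host. Since `BuildFileArrays` appends with `>>`, entries from a previous run would be picked up again, and the new `BuildFileArraysAnsibleGitHubWorkspaceTest` hunk, which hard-codes the same path, can pass on stale content. If a recognisable name is the goal, `FILE_ARRAYS_DIRECTORY_PATH="$(mktemp -d "${TMPDIR:-/tmp}/super-linter-file-arrays.XXXXXX")"` keeps it while staying unique and owner-only; the variable is already exported on the following line, so the parallel workers still find it. The body of `BuildFileList` continues outside the hunk.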
@@ -247,7 +245,13 @@ BuildFileArrays() { echo "${FILE}" >>"${FILE_ARRAYS_DIRECTORY_PATH}/file-array-JSCPD" fi - # No need to process this item furhter + # Handle the corner case where FILE=${GITHUB_WORKSPACE}, and the user set + # ANSIBLE_DIRECTORY=. or ANSIBLE_DIRECTORY=/ + if IsAnsibleDirectory "${FILE}"; then + echo "${FILE}" >>"${FILE_ARRAYS_DIRECTORY_PATH}/file-array-ANSIBLE" + fi + + debug "No need to further process ${FILE}" continue fi @@ -294,7 +298,7 @@ BuildFileArrays() { echo "${FILE}" >>"${FILE_ARRAYS_DIRECTORY_PATH}/file-array-GITLEAKS" - if [[ ("${FILE}" =~ .*${ANSIBLE_DIRECTORY}.*) ]] && [[ -d "${FILE}" ]]; then + if IsAnsibleDirectory "${FILE}"; then echo "${FILE}" >>"${FILE_ARRAYS_DIRECTORY_PATH}/file-array-ANSIBLE" fi diff --git a/lib/functions/detectFiles.sh b/lib/functions/detectFiles.sh index 87a940b6..eed28ef7 100755 --- a/lib/functions/detectFiles.sh +++ b/lib/functions/detectFiles.sh @@ -269,7 +269,7 @@ function IsGenerated() { fi } -# We need these functions when building the file list with paralle +# We need these functions when building the file list with parallel export -f CheckFileType export -f DetectActions export -f DetectARMFile @@ -421,3 +421,18 @@ function RunAdditionalInstalls() { cd "${GITHUB_WORKSPACE}" && zef install --deps-only --/test . fi } + +function IsAnsibleDirectory() { + local FILE + FILE="$1" + + debug "Checking if ${FILE} is the Ansible directory (${ANSIBLE_DIRECTORY})" + if [[ ("${FILE}" =~ .*${ANSIBLE_DIRECTORY}.*) ]] && [[ -d "${FILE}" ]]; then + debug "${FILE} is the Ansible directory" + return 0 + else + debug "${FILE} is not the Ansible directory" + return 1 + fi +} +export -f IsAnsibleDirectory diff --git a/lib/functions/validation.sh b/lib/functions/validation.sh index 0c847ba1..33c4f04b 100755 --- a/lib/functions/validation.sh +++ b/lib/functions/validation.sh 
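Review bot: `IsAnsibleDirectory` expands `${ANSIBLE_DIRECTORY}` unquoted on the right-hand side of `=~`, so the configured path is interpreted as a regular expression and matched as an unanchored substring. A `.` or `+` in the path changes what matches, an empty value matches every directory, and sibling or nested directories whose path merely contains the value are also appended to `file-array-ANSIBLE` at both call sites in `BuildFileArrays`. The condition is carried over unchanged from the line this commit removes, but extracting it is a good moment to make the match literal, for example `if [[ -d "${FILE}" && "${FILE}" == *"${ANSIBLE_DIRECTORY}"* ]]; then`, or an exact comparison if only the directory itself should qualify. A one-line comment above the function stating which of the two is intended would also help, since the debug message says "is the Ansible directory" while the check is containment.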
@@ -136,6 +136,7 @@ function GetValidationInfo() { ANSIBLE_DIRECTORY="${TEMP_ANSIBLE_DIRECTORY}" debug "Setting Ansible directory to: ${ANSIBLE_DIRECTORY}" fi + export ANSIBLE_DIRECTORY } function CheckIfGitBranchExists() { diff --git a/lib/linter.sh b/lib/linter.sh index 90264dc8..5a645716 100755 --- a/lib/linter.sh +++ b/lib/linter.sh @@ -116,7 +116,9 @@ DEFAULT_RULES_LOCATION='/action/lib/.automation' # De DEFAULT_SUPER_LINTER_WORKSPACE="/tmp/lint" # Fall-back value for the workspace DEFAULT_WORKSPACE="${DEFAULT_WORKSPACE:-${DEFAULT_SUPER_LINTER_WORKSPACE}}" # Default workspace if running locally FILTER_REGEX_INCLUDE="${FILTER_REGEX_INCLUDE:-""}" +export FILTER_REGEX_INCLUDE FILTER_REGEX_EXCLUDE="${FILTER_REGEX_EXCLUDE:-""}" +export FILTER_REGEX_EXCLUDE GITHUB_DOMAIN="${GITHUB_DOMAIN:-"github.com"}" GITHUB_DOMAIN="${GITHUB_DOMAIN%/}" # Remove trailing slash if present # GitHub API root url diff --git a/test/lib/buildFileListTest.sh b/test/lib/buildFileListTest.sh index 5b6e4977..5104d1d3 100755 --- a/test/lib/buildFileListTest.sh +++ b/test/lib/buildFileListTest.sh @@ -9,21 +9,10 @@ CREATE_LOG_FILE=false # Default log level # shellcheck disable=SC2034 LOG_LEVEL="DEBUG" -# shellcheck disable=SC2034 -LOG_DEBUG="true" -# shellcheck disable=SC2034 -LOG_VERBOSE="true" -# shellcheck disable=SC2034 -LOG_NOTICE="true" -# shellcheck disable=SC2034 -LOG_WARN="true" -# shellcheck disable=SC2034 -LOG_ERROR="true" # shellcheck source=/dev/null source "lib/functions/log.sh" -# shellcheck disable=SC2034 DEFAULT_BRANCH=main git config --global init.defaultBranch "${DEFAULT_BRANCH}" 
@@ -133,8 +122,51 @@ function GenerateFileDiffTwoFilesPushEventTest() { GenerateFileDiffTwoFilesTest "${FUNCNAME[0]}" } +function BuildFileArraysAnsibleGitHubWorkspaceTest() { + + # shellcheck source=/dev/null + source /action/lib/functions/detectFiles.sh + # shellcheck source=/dev/null + source /action/lib/functions/validation.sh + + # shellcheck disable=SC2034 + local FILTER_REGEX_INCLUDE="" + # shellcheck disable=SC2034 + local FILTER_REGEX_EXCLUDE="" + # shellcheck disable=SC2034 + local TEST_CASE_RUN=false + # shellcheck disable=SC2034 + local IGNORE_GENERATED_FILES=false + local FILE_ARRAYS_DIRECTORY_PATH="/tmp/super-linter-file-arrays" + mkdir -p "${FILE_ARRAYS_DIRECTORY_PATH}" + + # shellcheck disable=SC2034 + CHECKOV_LINTER_RULES="$(mktemp)" + + GITHUB_WORKSPACE="/tmp/lint" + # shellcheck disable=SC2034 + ANSIBLE_DIRECTORY="${GITHUB_WORKSPACE}" + + BuildFileArrays "${GITHUB_WORKSPACE}" + + local FILE_ARRAY_ANSIBLE_PATH="${FILE_ARRAYS_DIRECTORY_PATH}/file-array-ANSIBLE" + if [[ ! -e "${FILE_ARRAY_ANSIBLE_PATH}" ]]; then + fatal "${FILE_ARRAY_ANSIBLE_PATH} doesn't exist" + fi + + if ! grep -qxF "${ANSIBLE_DIRECTORY}" "${FILE_ARRAY_ANSIBLE_PATH}"; then + fatal "${FILE_ARRAY_ANSIBLE_PATH} doesn't contain ${ANSIBLE_DIRECTORY}" + fi + + local FUNCTION_NAME + FUNCTION_NAME="${FUNCNAME[0]}" + notice "${FUNCTION_NAME} PASS" +} + GenerateFileDiffOneFileTest GenerateFileDiffOneFilePushEventTest GenerateFileDiffTwoFilesTest GenerateFileDiffTwoFilesPushEventTest GenerateFileDiffInitialCommitPushEventTest + +BuildFileArraysAnsibleGitHubWorkspaceTest diff --git a/test/lib/detectFilesTest.sh b/test/lib/detectFilesTest.sh index f654c83e..bdfa2d89 100755 --- a/test/lib/detectFilesTest.sh +++ b/test/lib/detectFilesTest.sh 
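Review bot: `GITHUB_WORKSPACE`, `ANSIBLE_DIRECTORY` and `CHECKOV_LINTER_RULES` are assigned in `BuildFileArraysAnsibleGitHubWorkspaceTest` without `local`, unlike the other variables in the function, so they stay set for anything that runs later in the script. The file created by `mktemp` for `CHECKOV_LINTER_RULES` is never removed either. Declaring them with `local` (e.g. `local GITHUB_WORKSPACE="/tmp/lint"`) and adding `rm -f "${CHECKOV_LINTER_RULES}"` before the PASS notice would keep the test self-contained. The test also appears to assume that `/tmp/lint` exists as a directory, which likely holds only inside the container; a comment saying so would help.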
@@ -5,15 +5,7 @@ set -o nounset set -o pipefail # shellcheck disable=SC2034 -LOG_DEBUG="true" -# shellcheck disable=SC2034 -LOG_VERBOSE="true" -# shellcheck disable=SC2034 -LOG_NOTICE="true" -# shellcheck disable=SC2034 -LOG_WARN="true" -# shellcheck disable=SC2034 -LOG_ERROR="true" +LOG_LEVEL="DEBUG" # shellcheck source=/dev/null source "lib/functions/log.sh" @@ -102,9 +94,29 @@ function RecognizeShebangWithBlankTest() { notice "${FUNCTION_NAME} PASS" } +function IsAnsibleDirectoryTest() { + local GITHUB_WORKSPACE + GITHUB_WORKSPACE="$(mktemp -d)" + local FILE="${GITHUB_WORKSPACE}/ansible" + mkdir -p "${FILE}" + local ANSIBLE_DIRECTORY="/ansible" + export ANSIBLE_DIRECTORY + + debug "Confirming that ${FILE} is an Ansible directory" + + if ! IsAnsibleDirectory "${FILE}"; then + fatal "${FILE} is not considered to be an Ansible directory" + fi + + FUNCTION_NAME="${FUNCNAME[0]}" + notice "${FUNCTION_NAME} PASS" +} + RecognizeNoShebangTest RecognizeCommentIsNotShebangTest RecognizeIndentedShebangAsCommentTest RecognizeSecondLineShebangAsCommentTest RecognizeShebangTest RecognizeShebangWithBlankTest + +IsAnsibleDirectoryTest diff --git a/test/lib/githubEventTest.sh b/test/lib/githubEventTest.sh index 375b3052..10670a66 100755 --- a/test/lib/githubEventTest.sh +++ b/test/lib/githubEventTest.sh @@ -9,16 +9,6 @@ CREATE_LOG_FILE=false # Default log level # shellcheck disable=SC2034 LOG_LEVEL="DEBUG" -# shellcheck disable=SC2034 -LOG_DEBUG="true" -# shellcheck disable=SC2034 -LOG_VERBOSE="true" -# shellcheck disable=SC2034 -LOG_NOTICE="true" -# shellcheck disable=SC2034 -LOG_WARN="true" -# shellcheck disable=SC2034 -LOG_ERROR="true" # shellcheck source=/dev/null source "lib/functions/log.sh" diff --git a/test/lib/setupSSHTest.sh b/test/lib/setupSSHTest.sh index 8a8d17c6..035d6806 100755 --- a/test/lib/setupSSHTest.sh +++ b/test/lib/setupSSHTest.sh 
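Review bot: `IsAnsibleDirectoryTest` only checks the positive case, so it would still pass if `IsAnsibleDirectory` returned 0 for every argument. A negative assertion on a directory that does not contain the configured value, for example `if IsAnsibleDirectory "${GITHUB_WORKSPACE}"; then fatal "${GITHUB_WORKSPACE} should not be considered an Ansible directory"; fi`, would pin the behaviour. The directory created by `mktemp -d` is not removed at the end, and `FUNCTION_NAME` is assigned without `local` here, while `BuildFileArraysAnsibleGitHubWorkspaceTest` in this commit declares it.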
@@ -9,18 +9,6 @@ CREATE_LOG_FILE=false # Default log level # shellcheck disable=SC2034 LOG_LEVEL="DEBUG" -# shellcheck disable=SC2034 -LOG_TRACE="true" -# shellcheck disable=SC2034 -LOG_DEBUG="true" -# shellcheck disable=SC2034 -LOG_VERBOSE="true" -# shellcheck disable=SC2034 -LOG_NOTICE="true" -# shellcheck disable=SC2034 -LOG_WARN="true" -# shellcheck disable=SC2034 -LOG_ERROR="true" # shellcheck source=/dev/null source "lib/functions/log.sh" diff --git a/test/lib/validationTest.sh b/test/lib/validationTest.sh index e22299e2..ad3d8ce7 100755 --- a/test/lib/validationTest.sh +++ b/test/lib/validationTest.sh @@ -9,16 +9,6 @@ CREATE_LOG_FILE=false # Default log level # shellcheck disable=SC2034 LOG_LEVEL="DEBUG" -# shellcheck disable=SC2034 -LOG_DEBUG="true" -# shellcheck disable=SC2034 -LOG_VERBOSE="true" -# shellcheck disable=SC2034 -LOG_NOTICE="true" -# shellcheck disable=SC2034 -LOG_WARN="true" -# shellcheck disable=SC2034 -LOG_ERROR="true" # shellcheck source=/dev/null source "lib/functions/log.sh"