diff --git a/.automation/test/tekton/README.md b/.automation/test/tekton/README.md new file mode 100644 index 00000000..221415e6 --- /dev/null +++ b/.automation/test/tekton/README.md @@ -0,0 +1,19 @@ +# Tekton language Test Cases + +This folder holds the test cases for **Tekton**. + +## Additional Docs + +No Additional information is needed for this test case. + +## Good Test Cases + +The test cases denoted: `LANGUAGE_good_FILE.EXTENSION` are all valid, and should pass successfully when linted. + +- **Note:** They are linted utilizing the default linter rules. + +## Bad Test Cases + +The test cases denoted: `LANGUAGE_bad_FILE.EXTENSION` are **NOT** valid, and should trigger errors when linted. + +- **Note:** They are linted utilizing the default linter rules. diff --git a/.automation/test/tekton/bad/tekton_bad_1.yml b/.automation/test/tekton/bad/tekton_bad_1.yml new file mode 100644 index 00000000..936ee965 --- /dev/null +++ b/.automation/test/tekton/bad/tekton_bad_1.yml @@ -0,0 +1,33 @@ +apiVersion: tekton.dev/v1beta1 +kind: Task +metadata: + name: example-task-name +spec: + params: + - name: pathToDockerFile + type: string + description: The path to the dockerfile to build + default: /workspace/workspace/Dockerfile + resources: + inputs: + - name: workspace + type: git + outputs: + - name: builtImage + type: image + steps: + - name: ubuntu-example + image: ubuntu + args: ["ubuntu-build-example", "SECRETS-example.md"] + - image: gcr.io/example-builders/build-example + command: ["echo"] + args: ["$(params.pathToDockerFile)"] + - name: dockerfile-pushexample + image: gcr.io/example-builders/push-example + args: ["push", "$(resources.outputs.builtImage.url)"] + volumeMounts: + - name: example-volume + mountPath: /var/run/docker.sock + volumes: + - name: sample-example-volume + emptyDir: {} diff --git a/.automation/test/tekton/good/tekton_good_1.yml b/.automation/test/tekton/good/tekton_good_1.yml new file mode 100644 index 00000000..7012dceb --- /dev/null +++ b/.automation/test/tekton/good/tekton_good_1.yml @@ -0,0 +1,33 @@ +apiVersion: tekton.dev/v1beta1 +kind: Task +metadata: + name: example-task-name +spec: + params: + - name: pathToDockerFile + type: string + description: The path to the dockerfile to build + default: /workspace/workspace/Dockerfile + resources: + inputs: + - name: workspace + type: git + outputs: + - name: builtImage + type: image + steps: + - name: ubuntu-example + image: ubuntu + args: ["ubuntu-build-example", "SECRETS-example.md"] + - image: gcr.io/example-builders/build-example + command: ["echo"] + args: ["$(params.pathToDockerFile)"] + - name: dockerfile-pushexample + image: gcr.io/example-builders/push-example + args: ["push", "$(resources.outputs.builtImage.url)"] + volumeMounts: + - name: example-volume + mountPath: /var/run/docker.sock + volumes: + - name: example-volume + emptyDir: {} diff --git a/README.md b/README.md index cb45400c..80385494 100644 --- a/README.md +++ b/README.md @@ -79,6 +79,7 @@ Developers on **GitHub** can call the **GitHub Action** to lint their code base | **Shell** | [Shellcheck](https://github.com/koalaman/shellcheck) / [executable bit check] / [shfmt](https://github.com/mvdan/sh) | | **Snakemake** | [snakefmt](https://github.com/snakemake/snakefmt/) / [snakemake --lint](https://snakemake.readthedocs.io/en/stable/snakefiles/writing_snakefiles.html#best-practices) | | **SQL** | [sql-lint](https://github.com/joereynolds/sql-lint) | +| **Tekton** | [tekton-lint](https://github.com/IBM/tekton-lint) | | **Terraform** | [tflint](https://github.com/terraform-linters/tflint) / [terrascan](https://github.com/accurics/terrascan) | | **Terragrunt** | [terragrunt](https://github.com/gruntwork-io/terragrunt) | | **TypeScript** | [eslint](https://eslint.org/) / [standard js](https://standardjs.com/) | @@ -277,6 +278,7 @@ But if you wish to select or exclude specific linters, we give you full control | **VALIDATE_SNAKEMAKE_SNAKEFMT** | `true` | Flag to enable or disable the linting process of Snakefiles. (Utilizing: snakefmt) | | **VALIDATE_STATES** | `true` | Flag to enable or disable the linting process for AWS States Language. | | **VALIDATE_SQL** | `true` | Flag to enable or disable the linting process of the SQL language. | +| **VALIDATE_TEKTON** | `true` | Flag to enable or disable the linting process of the Tekton language. | | **VALIDATE_TERRAFORM** | `true` | Flag to enable or disable the linting process of the Terraform language. | | **VALIDATE_TERRAFORM_TERRASCAN** | `true` | Flag to enable or disable the linting process of the Terraform language for security related issues. | | **VALIDATE_TERRAGRUNT** | `true` | Flag to enable or disable the linting process for Terragrunt files. | diff --git a/dependencies/package-lock.json b/dependencies/package-lock.json index 97d9161c..4068c1a1 100644 --- a/dependencies/package-lock.json +++ b/dependencies/package-lock.json @@ -972,6 +972,15 @@ "pg-query-stream": "~0.2.0" } }, + "anymatch": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.1.tgz", + "integrity": "sha512-mM8522psRCqzV+6LhomX5wgp25YVibjh8Wj23I5RPkPppSVSjyKD2A2mBJmWGa+KN7f2D6LNh9jkBCeyLktzjg==", + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, "argparse": { "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", @@ -1131,6 +1140,11 @@ "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-9.0.0.tgz", "integrity": "sha512-t/OYhhJ2SD+YGBQcjY8GzzDHEk9f3nerxjtfa6tlMXfe7frs/WozhvCNoGvpM0P3bNf3Gq5ZRMlGr5f3r4/N8A==" }, + "binary-extensions": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.1.0.tgz", + "integrity": "sha512-1Yj8h9Q+QDF5FzhMs/c9+6UntbD5MkRfRwac8DoEm9ZfUBZ7tZ55YcGVAzEe4bXsdQHEk+s9S5wsOKVdZrw0tQ==" + }, "blueimp-md5": { "version": "2.13.0", "resolved": "https://registry.npmjs.org/blueimp-md5/-/blueimp-md5-2.13.0.tgz", @@ -1270,6 +1284,21 @@ "resolved": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz", "integrity": "sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==" }, + "chokidar": { + "version": "3.4.3", + "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.4.3.tgz", + "integrity": "sha512-DtM3g7juCXQxFVSNPNByEC2+NImtBuxQQvWlHunpJIS5Ocr0lG306cC7FCi7cEA0fzmybPUIl4txBIobk1gGOQ==", + "requires": { + "anymatch": "~3.1.1", + "braces": "~3.0.2", + "fsevents": "~2.1.2", + "glob-parent": "~5.1.0", + "is-binary-path": "~2.1.0", + "is-glob": "~4.0.1", + "normalize-path": "~3.0.0", + "readdirp": "~3.5.0" + } + }, "chownr": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", @@ -2790,6 +2819,12 @@ "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" }, + "fsevents": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.1.3.tgz", + "integrity": "sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ==", + "optional": true + }, "ftp": { "version": "0.3.10", "resolved": "https://registry.npmjs.org/ftp/-/ftp-0.3.10.tgz", @@ -3015,6 +3050,14 @@ "resolved": "https://registry.npmjs.org/graceful-readlink/-/graceful-readlink-1.0.1.tgz", "integrity": "sha1-TK+tdrxi8C+gObL5Tpo906ORpyU=" }, + "graphlib": { + "version": "2.1.8", + "resolved": "https://registry.npmjs.org/graphlib/-/graphlib-2.1.8.tgz", + "integrity": "sha512-jcLLfkpoVGmH7/InMC/1hIvOPSUh38oJtGhvrOFGzioE1DZ+0YW16RgmOJhHiuWTvGiJQ9Z1Ik43JvkRPRvE+A==", + "requires": { + "lodash": "^4.17.15" + } + }, "har-schema": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", @@ -3341,6 +3384,14 @@ "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=" }, + "is-binary-path": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", + "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==", + "requires": { + "binary-extensions": "^2.0.0" + } + }, "is-buffer": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-2.0.4.tgz", @@ -4123,6 +4174,11 @@ } } }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==" + }, "normalize-range": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/normalize-range/-/normalize-range-0.1.2.tgz", @@ -5009,6 +5065,14 @@ } } }, + "readdirp": { + "version": "3.5.0", + "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.5.0.tgz", + "integrity": "sha512-cMhu7c/8rdhkHXWsY+osBhfSy0JikwpHK/5+imo+LpeasTF8ouErHrlYkwT0++njiyuDvc7OFY5T3ukvZ8qmFQ==", + "requires": { + "picomatch": "^2.2.1" + } + }, "redent": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/redent/-/redent-3.0.0.tgz", @@ -5943,6 +6007,58 @@ "yallist": "^3.0.3" } }, + "tekton-lint": { + "version": "0.4.3", + "resolved": "https://registry.npmjs.org/tekton-lint/-/tekton-lint-0.4.3.tgz", + "integrity": "sha512-YRPp9QAApO65gyP15aS1UfE95lDGbL83oy9CJfOGl/LCflat8spNxBzKqIIzCbfii5eGsdKbPLJm4KAv4v4Jww==", + "requires": { + "chalk": "^4.1.0", + "chokidar": "^3.4.0", + "fast-glob": "^3.2.2", + "graphlib": "^2.1.8", + "minimist": "^1.2.5", + "strip-ansi": "^6.0.0", + "text-table": "^0.2.0", + "yaml": "^1.8.2" + }, + "dependencies": { + "chalk": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.0.tgz", + "integrity": "sha512-qwx12AxXe2Q5xQ43Ac//I6v5aXTipYrSESdOgzrN+9XjgEpyjpKuvSGaN4qE93f7TQTlerQQ8S+EQ0EyDoVL1A==", + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "fast-glob": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.2.4.tgz", + "integrity": "sha512-kr/Oo6PX51265qeuCYsyGypiO5uJFgBS0jksyG7FUeCyQzNwYnzrNIMR1NXfkZXsMYXYLRAHgISHBz8gQcxKHQ==", + "requires": { + "@nodelib/fs.stat": "^2.0.2", + "@nodelib/fs.walk": "^1.2.3", + "glob-parent": "^5.1.0", + "merge2": "^1.3.0", + "micromatch": "^4.0.2", + "picomatch": "^2.2.1" + } + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==" + }, + "supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "requires": { + "has-flag": "^4.0.0" + } + } + } + }, "text-table": { "version": "0.2.0", "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", diff --git a/dependencies/package.json b/dependencies/package.json index bd730873..37044773 100644 --- a/dependencies/package.json +++ b/dependencies/package.json @@ -23,6 +23,7 @@ "standard": "^14.3.4", "stylelint": "^13.7.2", "stylelint-config-standard": "^20.0.0", - "typescript": "^4.0.3" + "typescript": "^4.0.3", + "tekton-lint": "^0.4.3" } } diff --git a/docs/disabling-linters.md b/docs/disabling-linters.md index 006f281a..540f4b49 100644 --- a/docs/disabling-linters.md +++ b/docs/disabling-linters.md @@ -51,6 +51,7 @@ For some linters it is also possible to override rules on a case by case level w - [Shell](#shell) - [Snakemake](#snakemake) - [SQL](#sql) + - [Tekton](#tekton) - [Terraform](#terraform) - [Typescript eslint](#typescript-eslint) - [Typescript standard](#typescript-standard) @@ -1177,6 +1178,28 @@ shfmt [supports EditorConfig files for configuration](https://github.com/mvdan/s --- +## Tekton + +- [Tekton](https://github.com/IBM/tekton-lint) + +### Tekton Config file + +- There is currently **No** Tekton format config rules file + +### Tekton disable single line + +- There is currently **No** way to disable rules inline of the file(s) + +### Tekton disable code block + +- There is currently **No** way to disable rules inline of the file(s) + +### Tekton disable entire file + +- There is currently **No** way to disable rules inline of the file(s) + +--- + ## Terraform - [tflint](https://github.com/terraform-linters/tflint) diff --git a/lib/buildFileList.sh b/lib/buildFileList.sh index dca31bd8..15a581cd 100755 --- a/lib/buildFileList.sh +++ b/lib/buildFileList.sh @@ -496,6 +496,16 @@ function BuildFileList() { FILE_ARRAY_CLOUDFORMATION+=("${FILE}") fi + ######################################## + # Check if the file is Tekton template # + ######################################## + if DetectTektonFile "${FILE}"; then + ################################ + # Append the file to the array # + ################################ + FILE_ARRAY_TEKTON+=("${FILE}") + fi + ############################################ # Check if the file is Kubernetes template # ############################################ diff --git a/lib/linter.sh b/lib/linter.sh index 85816907..ba485c0f 100755 --- a/lib/linter.sh +++ b/lib/linter.sh @@ -172,8 +172,8 @@ LANGUAGE_ARRAY=('ANSIBLE' 'ARM' 'BASH' 'BASH_EXEC' 'CLOUDFORMATION' 'CLOJURE' 'C 'DART' 'DOCKERFILE' 'DOCKERFILE_HADOLINT' 'EDITORCONFIG' 'ENV' 'GO' 'GROOVY' 'HTML' 'JAVA' 'JAVASCRIPT_ES' 'JAVASCRIPT_STANDARD' 'JSON' 'JSX' 'KUBERNETES_KUBEVAL' 'KOTLIN' 'LATEX' 'LUA' 'MARKDOWN' 'OPENAPI' 'PERL' 'PHP_BUILTIN' 'PHP_PHPCS' 'PHP_PHPSTAN' 'PHP_PSALM' 'POWERSHELL' - 'PROTOBUF' 'PYTHON_BLACK' 'PYTHON_PYLINT' 'PYTHON_FLAKE8' 'R' 'RAKU' 'RUBY' 'SHELL_SHFMT' 'SNAKEMAKE_LINT' 'SNAKEMAKE_SNAKEFMT' 'STATES' 'SQL' 'TERRAFORM' - 'TERRAFORM_TERRASCAN' 'TERRAGRUNT' 'TSX' 'TYPESCRIPT_ES' 'TYPESCRIPT_STANDARD' 'XML' 'YAML') + 'PROTOBUF' 'PYTHON_BLACK' 'PYTHON_PYLINT' 'PYTHON_FLAKE8' 'R' 'RAKU' 'RUBY' 'SHELL_SHFMT' 'SNAKEMAKE_LINT' 'SNAKEMAKE_SNAKEFMT' 'STATES' 'SQL' + 'TEKTON' 'TERRAFORM' 'TERRAFORM_TERRASCAN' 'TERRAGRUNT' 'TSX' 'TYPESCRIPT_ES' 'TYPESCRIPT_STANDARD' 'XML' 'YAML') ############################## # Linter command names array # @@ -224,6 +224,7 @@ LINTER_NAMES_ARRAY['SNAKEMAKE_LINT']="snakemake" LINTER_NAMES_ARRAY['SNAKEMAKE_SNAKEFMT']="snakefmt" LINTER_NAMES_ARRAY['STATES']="asl-validator" LINTER_NAMES_ARRAY['SQL']="sql-lint" +LINTER_NAMES_ARRAY['TEKTON']="tekton-lint" LINTER_NAMES_ARRAY['TERRAFORM']="tflint" LINTER_NAMES_ARRAY['TERRAFORM_TERRASCAN']="terrascan" LINTER_NAMES_ARRAY['TERRAGRUNT']="terragrunt" @@ -548,6 +549,39 @@ DetectOpenAPIFile() { fi } ################################################################################ +#### Function DetectTektonFile ################################################# +DetectTektonFile() { + ################ + # Pull in vars # + ################ + FILE="${1}" + + ############################### + # Check the file for keywords # + ############################### + grep -q -E 'apiVersion: tekton' "${FILE}" >/dev/null + + ####################### + # Load the error code # + ####################### + ERROR_CODE=$? + + ############################## + # Check the shell for errors # + ############################## + if [ ${ERROR_CODE} -eq 0 ]; then + ######################## + # Found string in file # + ######################## + return 0 + else + ################### + # No string match # + ################### + return 1 + fi +} +################################################################################ #### Function DetectARMFile #################################################### DetectARMFile() { ################ @@ -620,14 +654,13 @@ DetectKubernetesFile() { FILE="${1}" # File that we need to validate debug "Checking if ${FILE} is a Kubernetes descriptor..." - if grep -v 'kustomize.config.k8s.io' "${FILE}" | grep -q -E '(apiVersion):'; then + if grep -v 'kustomize.config.k8s.io' "${FILE}" | grep -v tekton | grep -q -E '(apiVersion):'; then debug "${FILE} is a Kubernetes descriptor" return 0 fi debug "${FILE} is NOT a Kubernetes descriptor" return 1 - } ################################################################################ #### Function DetectAWSStatesFIle ############################################## @@ -1151,6 +1184,7 @@ LINTER_COMMANDS_ARRAY['SNAKEMAKE_LINT']="snakemake --lint -s" LINTER_COMMANDS_ARRAY['SNAKEMAKE_SNAKEFMT']="snakefmt --config ${SNAKEMAKE_SNAKEFMT_LINTER_RULES} --check --compact-diff" LINTER_COMMANDS_ARRAY['STATES']="asl-validator --json-path" LINTER_COMMANDS_ARRAY['SQL']="sql-lint --config ${SQL_LINTER_RULES}" +LINTER_COMMANDS_ARRAY['TEKTON']="tekton-lint" LINTER_COMMANDS_ARRAY['TERRAFORM']="tflint -c ${TERRAFORM_LINTER_RULES}" LINTER_COMMANDS_ARRAY['TERRAFORM_TERRASCAN']="terrascan scan -p /root/.terrascan/pkg/policies/opa/rego/ -t aws -f " LINTER_COMMANDS_ARRAY['TERRAGRUNT']="terragrunt hclfmt --terragrunt-check --terragrunt-hclfmt-file " @@ -1160,7 +1194,6 @@ LINTER_COMMANDS_ARRAY['TYPESCRIPT_STANDARD']="standard --parser @typescript-esli LINTER_COMMANDS_ARRAY['XML']="xmllint" LINTER_COMMANDS_ARRAY['YAML']="yamllint -c ${YAML_LINTER_RULES}" - ################################## # Get and print all version info # ################################## diff --git a/lib/linterVersions.sh b/lib/linterVersions.sh index 8b2a92c2..d21a2dc3 100755 --- a/lib/linterVersions.sh +++ b/lib/linterVersions.sh @@ -25,7 +25,7 @@ LINTER_ARRAY=('ansible-lint' 'arm-ttk' 'asl-validator' 'bash-exec' 'black' 'cfn- 'dotnet-format' 'dart' 'dockerfilelint' 'dotenv-linter' 'editorconfig-checker' 'eslint' 'flake8' 'golangci-lint' 'hadolint' 'htmlhint' 'jsonlint' 'kubeval' 'ktlint' 'lintr' 'lua' 'markdownlint' 'npm-groovy-lint' 'perl' 'protolint' 'pwsh' 'pylint' 'raku' 'rubocop' 'shellcheck' 'shfmt' 'spectral' 'standard' 'stylelint' 'sql-lint' - 'terrascan' 'tflint' 'xmllint' 'yamllint') + 'tekton-lint' 'terrascan' 'tflint' 'xmllint' 'yamllint') ################################################################################ ########################## FUNCTIONS BELOW ##################################### diff --git a/lib/worker.sh b/lib/worker.sh index 0707f137..5dab653d 100755 --- a/lib/worker.sh +++ b/lib/worker.sh @@ -693,6 +693,7 @@ function RunTestCases() { TestCodebase "SNAKEMAKE_SNAKEFMT" "snakefmt" "snakefmt --config ${SNAKEMAKE_SNAKEFMT_LINTER_RULES} --check --compact-diff" ".*\.\(smk\)\$" "snakemake" TestCodebase "STATES" "asl-validator" "asl-validator --json-path" ".*\.\(json\)\$" "states" TestCodebase "SQL" "sql-lint" "sql-lint --config ${SQL_LINTER_RULES}" ".*\.\(sql\)\$" "sql" + TestCodebase "TEKTON" "tekton-lint" "tekton-lint" ".*\.\(yml\|yaml\)\$" "tekton" TestCodebase "TERRAFORM" "tflint" "tflint -c ${TERRAFORM_LINTER_RULES}" ".*\.\(tf\)\$" "terraform" TestCodebase "TERRAFORM_TERRASCAN" "terrascan" "terrascan scan -p /root/.terrascan/pkg/policies/opa/rego/ -t aws -f " ".*\.\(tf\)\$" "terraform_terrascan" TestCodebase "TERRAGRUNT" "terragrunt" "terragrunt hclfmt --terragrunt-check --terragrunt-hclfmt-file " ".*\.\(hcl\)\$" "terragrunt"