2020-06-29 10:55:59 -04:00
|
|
|
#!/usr/bin/env bash
|
|
|
|
|
2020-07-01 17:40:40 -04:00
|
|
|
function GetValidationInfo() {
|
2020-07-30 16:39:05 -04:00
|
|
|
############################################
|
|
|
|
# Print headers for user provided env vars #
|
|
|
|
############################################
|
|
|
|
info "--------------------------------------------"
|
|
|
|
info "Gathering user validation information..."
|
|
|
|
|
|
|
|
###########################################
|
|
|
|
# Skip validation if were running locally #
|
|
|
|
###########################################
|
|
|
|
if [[ ${RUN_LOCAL} != "true" ]]; then
|
2020-07-30 16:18:24 -04:00
|
|
|
###############################
|
|
|
|
# Convert string to lowercase #
|
|
|
|
###############################
|
2020-07-30 16:39:05 -04:00
|
|
|
VALIDATE_ALL_CODEBASE="${VALIDATE_ALL_CODEBASE,,}"
|
|
|
|
######################################
|
|
|
|
# Validate we should check all files #
|
|
|
|
######################################
|
|
|
|
if [[ ${VALIDATE_ALL_CODEBASE} != "false" ]]; then
|
|
|
|
# Set to true
|
|
|
|
VALIDATE_ALL_CODEBASE="${DEFAULT_VALIDATE_ALL_CODEBASE}"
|
|
|
|
info "- Validating ALL files in code base..."
|
|
|
|
else
|
|
|
|
info "- Only validating [new], or [edited] files in code base..."
|
2020-07-04 18:14:27 -04:00
|
|
|
fi
|
2020-07-30 16:39:05 -04:00
|
|
|
fi
|
|
|
|
|
|
|
|
######################
|
|
|
|
# Create Print Array #
|
|
|
|
######################
|
|
|
|
PRINT_ARRAY=()
|
|
|
|
|
|
|
|
################################
|
|
|
|
# Convert strings to lowercase #
|
|
|
|
################################
|
|
|
|
# Loop through all languages
|
|
|
|
for LANGUAGE in "${LANGUAGE_ARRAY[@]}"; do
|
|
|
|
# build the variable
|
|
|
|
VALIDATE_LANGUAGE="VALIDATE_${LANGUAGE}"
|
|
|
|
# Set the value of the var to lowercase
|
|
|
|
eval "${VALIDATE_LANGUAGE}=${!VALIDATE_LANGUAGE,,}"
|
|
|
|
done
|
|
|
|
|
|
|
|
################################################
|
|
|
|
# Determine if any linters were explicitly set #
|
|
|
|
################################################
|
|
|
|
ANY_SET="false"
|
2020-08-11 22:05:01 -04:00
|
|
|
ANY_TRUE="false"
|
|
|
|
ANY_FALSE="false"
|
2020-07-30 16:39:05 -04:00
|
|
|
# Loop through all languages
|
|
|
|
for LANGUAGE in "${LANGUAGE_ARRAY[@]}"; do
|
|
|
|
# build the variable
|
|
|
|
VALIDATE_LANGUAGE="VALIDATE_${LANGUAGE}"
|
|
|
|
# Check to see if the variable was set
|
|
|
|
if [ -n "${!VALIDATE_LANGUAGE}" ]; then
|
|
|
|
# It was set, need to set flag
|
|
|
|
ANY_SET="true"
|
2020-08-11 22:05:01 -04:00
|
|
|
if [ "${!VALIDATE_LANGUAGE}" == "true" ]; then
|
|
|
|
ANY_TRUE="true"
|
|
|
|
elif [ "${!VALIDATE_LANGUAGE}" == "false" ]; then
|
|
|
|
ANY_FALSE="true"
|
|
|
|
fi
|
2020-07-22 15:26:45 -04:00
|
|
|
fi
|
2020-07-30 16:39:05 -04:00
|
|
|
done
|
|
|
|
|
2020-08-11 22:05:01 -04:00
|
|
|
if [ $ANY_TRUE == "true" ] && [ $ANY_FALSE == "true" ]; then
|
|
|
|
fatal "Behavior not supported, please either only include (VALIDATE=true) or exclude (VALIDATE=false) linters, but not both"
|
|
|
|
fi
|
|
|
|
|
|
|
|
#########################################################
|
|
|
|
# Validate if we should check/omit individual languages #
|
|
|
|
#########################################################
|
2020-07-30 16:39:05 -04:00
|
|
|
# Loop through all languages
|
|
|
|
for LANGUAGE in "${LANGUAGE_ARRAY[@]}"; do
|
|
|
|
# build the variable
|
|
|
|
VALIDATE_LANGUAGE="VALIDATE_${LANGUAGE}"
|
|
|
|
# Check if ANY_SET was set
|
|
|
|
if [[ ${ANY_SET} == "true" ]]; then
|
|
|
|
# Check to see if the variable was set
|
|
|
|
if [ -z "${!VALIDATE_LANGUAGE}" ]; then
|
2020-08-11 22:05:01 -04:00
|
|
|
# Flag was not set, default to:
|
|
|
|
# if ANY_TRUE then set to false
|
|
|
|
# if ANY_FALSE then set to true
|
|
|
|
eval "${VALIDATE_LANGUAGE}='$ANY_FALSE'"
|
2020-07-30 16:39:05 -04:00
|
|
|
fi
|
|
|
|
else
|
|
|
|
# No linter flags were set - default all to true
|
|
|
|
eval "${VALIDATE_LANGUAGE}='true'"
|
2020-06-29 10:55:59 -04:00
|
|
|
fi
|
2020-10-02 17:02:47 -04:00
|
|
|
eval "export ${VALIDATE_LANGUAGE}"
|
2020-07-30 16:39:05 -04:00
|
|
|
done
|
|
|
|
|
|
|
|
#######################################
|
|
|
|
# Print which linters we are enabling #
|
|
|
|
#######################################
|
|
|
|
# Loop through all languages
|
|
|
|
for LANGUAGE in "${LANGUAGE_ARRAY[@]}"; do
|
|
|
|
# build the variable
|
|
|
|
VALIDATE_LANGUAGE="VALIDATE_${LANGUAGE}"
|
|
|
|
if [[ ${!VALIDATE_LANGUAGE} == "true" ]]; then
|
|
|
|
# We need to validate
|
2020-09-28 16:29:48 -04:00
|
|
|
PRINT_ARRAY+=("- Validating [${LANGUAGE}] files in code base...")
|
|
|
|
|
|
|
|
debug "Defining variables for ${LANGUAGE} linter..."
|
|
|
|
|
|
|
|
ERRORS_VARIABLE_NAME="ERRORS_FOUND_${LANGUAGE}"
|
|
|
|
debug "Setting ${ERRORS_VARIABLE_NAME} variable value to 0..."
|
|
|
|
eval "${ERRORS_VARIABLE_NAME}=0"
|
|
|
|
debug "Exporting ${ERRORS_VARIABLE_NAME} variable..."
|
|
|
|
eval "export ${ERRORS_VARIABLE_NAME}"
|
2020-07-30 16:39:05 -04:00
|
|
|
else
|
|
|
|
# We are skipping the language
|
|
|
|
PRINT_ARRAY+=("- Excluding [$LANGUAGE] files in code base...")
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
##############################
|
|
|
|
# Validate Ansible Directory #
|
|
|
|
##############################
|
2021-02-18 13:15:50 -05:00
|
|
|
# No Value, need to default
|
2020-07-30 16:39:05 -04:00
|
|
|
if [ -z "${ANSIBLE_DIRECTORY}" ]; then
|
2021-02-18 13:15:50 -05:00
|
|
|
|
|
|
|
if [ "${TEST_CASE_RUN}" != "true" ]; then
|
|
|
|
ANSIBLE_DIRECTORY="${DEFAULT_ANSIBLE_DIRECTORY}"
|
|
|
|
debug "Setting Ansible directory to the default: ${DEFAULT_ANSIBLE_DIRECTORY}"
|
|
|
|
else
|
|
|
|
ANSIBLE_DIRECTORY="${DEFAULT_TEST_CASE_ANSIBLE_DIRECTORY}"
|
2023-12-16 03:30:33 -05:00
|
|
|
debug "Setting Ansible directory to the default for test cases: ${DEFAULT_TEST_CASE_ANSIBLE_DIRECTORY}. ANSIBLE_DIRECTORY: ${ANSIBLE_DIRECTORY}"
|
2021-02-18 13:15:50 -05:00
|
|
|
fi
|
|
|
|
debug "Setting Ansible directory to: ${ANSIBLE_DIRECTORY}"
|
2020-07-30 16:39:05 -04:00
|
|
|
else
|
|
|
|
# Check if first char is '/'
|
|
|
|
if [[ ${ANSIBLE_DIRECTORY:0:1} == "/" ]]; then
|
|
|
|
# Remove first char
|
|
|
|
ANSIBLE_DIRECTORY="${ANSIBLE_DIRECTORY:1}"
|
|
|
|
fi
|
2021-01-04 14:38:46 -05:00
|
|
|
|
|
|
|
if [ -z "${ANSIBLE_DIRECTORY}" ] || [[ ${ANSIBLE_DIRECTORY} == "." ]]; then
|
|
|
|
# Catches the case where ANSIBLE_DIRECTORY="/" or ANSIBLE_DIRECTORY="."
|
|
|
|
TEMP_ANSIBLE_DIRECTORY="${GITHUB_WORKSPACE}"
|
|
|
|
else
|
|
|
|
# Need to give it full path
|
|
|
|
TEMP_ANSIBLE_DIRECTORY="${GITHUB_WORKSPACE}/${ANSIBLE_DIRECTORY}"
|
|
|
|
fi
|
|
|
|
|
2020-07-30 16:39:05 -04:00
|
|
|
# Set the value
|
|
|
|
ANSIBLE_DIRECTORY="${TEMP_ANSIBLE_DIRECTORY}"
|
2020-09-21 18:53:30 -04:00
|
|
|
debug "Setting Ansible directory to: ${ANSIBLE_DIRECTORY}"
|
|
|
|
fi
|
|
|
|
|
2020-07-30 16:39:05 -04:00
|
|
|
###############################
|
|
|
|
# Get the disable errors flag #
|
|
|
|
###############################
|
|
|
|
if [ -z "${DISABLE_ERRORS}" ]; then
|
|
|
|
##################################
|
|
|
|
# No flag passed, set to default #
|
|
|
|
##################################
|
|
|
|
DISABLE_ERRORS="${DEFAULT_DISABLE_ERRORS}"
|
|
|
|
fi
|
|
|
|
|
|
|
|
###############################
|
|
|
|
# Convert string to lowercase #
|
|
|
|
###############################
|
|
|
|
DISABLE_ERRORS="${DISABLE_ERRORS,,}"
|
|
|
|
|
|
|
|
############################
|
|
|
|
# Set to false if not true #
|
|
|
|
############################
|
|
|
|
if [ "${DISABLE_ERRORS}" != "true" ]; then
|
|
|
|
DISABLE_ERRORS="false"
|
|
|
|
fi
|
|
|
|
|
|
|
|
############################
|
|
|
|
# Get the run verbose flag #
|
|
|
|
############################
|
|
|
|
if [ -z "${ACTIONS_RUNNER_DEBUG}" ]; then
|
|
|
|
##################################
|
|
|
|
# No flag passed, set to default #
|
|
|
|
##################################
|
|
|
|
ACTIONS_RUNNER_DEBUG="${DEFAULT_ACTIONS_RUNNER_DEBUG}"
|
|
|
|
fi
|
|
|
|
|
|
|
|
###############################
|
|
|
|
# Convert string to lowercase #
|
|
|
|
###############################
|
|
|
|
ACTIONS_RUNNER_DEBUG="${ACTIONS_RUNNER_DEBUG,,}"
|
|
|
|
|
|
|
|
############################
|
|
|
|
# Set to true if not false #
|
|
|
|
############################
|
|
|
|
if [ "${ACTIONS_RUNNER_DEBUG}" != "false" ]; then
|
|
|
|
ACTIONS_RUNNER_DEBUG="true"
|
|
|
|
fi
|
|
|
|
|
|
|
|
###########################
|
|
|
|
# Print the validate info #
|
|
|
|
###########################
|
|
|
|
for LINE in "${PRINT_ARRAY[@]}"; do
|
|
|
|
debug "${LINE}"
|
|
|
|
done
|
|
|
|
|
|
|
|
debug "--- DEBUG INFO ---"
|
|
|
|
debug "---------------------------------------------"
|
2023-06-20 15:57:38 -04:00
|
|
|
RUNNER=$(id -un 2>/dev/null)
|
2020-07-30 16:39:05 -04:00
|
|
|
debug "Runner:[${RUNNER}]"
|
2020-09-25 18:51:53 -04:00
|
|
|
PRINTENV=$(printenv | sort)
|
2020-07-30 16:39:05 -04:00
|
|
|
debug "ENV:"
|
|
|
|
debug "${PRINTENV}"
|
|
|
|
debug "---------------------------------------------"
|
2020-06-29 10:55:59 -04:00
|
|
|
}
|
2023-12-04 04:47:49 -05:00
|
|
|
|
|
|
|
function CheckIfGitBranchExists() {
|
|
|
|
local BRANCH_NAME="${1}"
|
|
|
|
debug "Check if the ${BRANCH_NAME} branch exists in ${GITHUB_WORKSPACE}"
|
|
|
|
if ! git -C "${GITHUB_WORKSPACE}" rev-parse --quiet --verify "${BRANCH_NAME}"; then
|
|
|
|
info "The ${BRANCH_NAME} branch doesn't exist in ${GITHUB_WORKSPACE}"
|
|
|
|
return 1
|
|
|
|
else
|
|
|
|
debug "The ${BRANCH_NAME} branch exists in ${GITHUB_WORKSPACE}"
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
function ValidateLocalGitRepository() {
|
|
|
|
debug "Check if ${GITHUB_WORKSPACE} is a Git repository"
|
|
|
|
if ! git -C "${GITHUB_WORKSPACE}" rev-parse --git-dir; then
|
|
|
|
fatal "${GITHUB_WORKSPACE} is not a Git repository."
|
|
|
|
else
|
|
|
|
debug "${GITHUB_WORKSPACE} is a Git repository"
|
|
|
|
fi
|
|
|
|
|
|
|
|
debug "Git branches: $(git -C "${GITHUB_WORKSPACE}" branch -a)"
|
|
|
|
}
|
|
|
|
|
|
|
|
function ValidateGitShaReference() {
|
2023-12-07 14:07:22 -05:00
|
|
|
debug "Git HEAD: $(git -C "${GITHUB_WORKSPACE}" show HEAD --stat)"
|
|
|
|
|
2023-12-04 04:47:49 -05:00
|
|
|
debug "Validate that the GITHUB_SHA reference (${GITHUB_SHA}) exists in this Git repository."
|
|
|
|
if ! git -C "${GITHUB_WORKSPACE}" cat-file -e "${GITHUB_SHA}"; then
|
|
|
|
fatal "The GITHUB_SHA reference (${GITHUB_SHA}) doesn't exist in this Git repository"
|
|
|
|
else
|
|
|
|
debug "The GITHUB_SHA reference (${GITHUB_SHA}) exists in this repository"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
function ValidateDefaultGitBranch() {
|
|
|
|
debug "Check if the default branch (${DEFAULT_BRANCH}) exists"
|
|
|
|
if ! CheckIfGitBranchExists "${DEFAULT_BRANCH}"; then
|
|
|
|
REMOTE_DEFAULT_BRANCH="origin/${DEFAULT_BRANCH}"
|
|
|
|
debug "The default branch (${DEFAULT_BRANCH}) doesn't exist in this Git repository. Trying with ${REMOTE_DEFAULT_BRANCH}"
|
|
|
|
if ! CheckIfGitBranchExists "${REMOTE_DEFAULT_BRANCH}"; then
|
|
|
|
fatal "Neither ${DEFAULT_BRANCH}, nor ${REMOTE_DEFAULT_BRANCH} exist in ${GITHUB_WORKSPACE}"
|
|
|
|
else
|
|
|
|
info "${DEFAULT_BRANCH} doesn't exist, however ${REMOTE_DEFAULT_BRANCH} exists. Setting DEFAULT_BRANCH to: ${REMOTE_DEFAULT_BRANCH}"
|
|
|
|
DEFAULT_BRANCH="${REMOTE_DEFAULT_BRANCH}"
|
|
|
|
debug "Updated DEFAULT_BRANCH: ${DEFAULT_BRANCH}"
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
debug "The default branch (${DEFAULT_BRANCH}) exists in this repository"
|
|
|
|
fi
|
|
|
|
}
|
2023-12-22 07:22:15 -05:00
|
|
|
|
|
|
|
function CheckovConfigurationFileContainsDirectoryOption() {
|
|
|
|
local CHECKOV_LINTER_RULES_PATH="${1}"
|
|
|
|
local CONFIGURATION_OPTION_KEY="directory:"
|
|
|
|
debug "Checking if ${CHECKOV_LINTER_RULES_PATH} contains a '${CONFIGURATION_OPTION_KEY}' configuration option"
|
|
|
|
|
|
|
|
if grep -q "${CONFIGURATION_OPTION_KEY}" "${CHECKOV_LINTER_RULES_PATH}"; then
|
|
|
|
debug "${CHECKOV_LINTER_RULES_PATH} contains a '${CONFIGURATION_OPTION_KEY}' statement"
|
|
|
|
return 0
|
|
|
|
else
|
|
|
|
debug "${CHECKOV_LINTER_RULES_PATH} doesn't contain a '${CONFIGURATION_OPTION_KEY}' statement"
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
}
|