diff --git a/.automation/README.md b/.automation/README.md index 76d3b1e4..812c2aae 100644 --- a/.automation/README.md +++ b/.automation/README.md @@ -1,12 +1,12 @@ # .automation This folder holds automation scripts to help `deploy` and `cleanup` **DockerHub** images of the **Super-Linter** -## cleanup-docker.md +## cleanup-docker.sh This script uses **GitHub Actions** so that when a PR is merged and closed, the **GitHub Action** is triggered. It will then search **DockerHub** for the image that was deployed during the development, and remove it. ## upload-docker.sh -This script uses **GitHub Actions** so that a push to the repository is committed, it will complete the following: +This script uses **GitHub Actions** so that when a push to the repository is committed, it will complete the following: - Checkout the source code - Build the **Docker** container for **Super-Linter** using that source code - Upload the container to **DockerHub** @@ -16,7 +16,7 @@ When the script is triggered in a branch, it will push with the tag:**NameOfBran - *testing* - *troubleshooting* - *debugging* -- **Note:** The branch name will be reduced to AlpaNumeric for consistency and uploading +- **Note:** The branch name will be reduced to alphanumeric for consistency and uploading ## test This folder holds all **Test Cases** to help run the *CI/CT/CD* process for the **Super-Linter**. diff --git a/.automation/cleanup-docker.sh b/.automation/cleanup-docker.sh index ab333098..131daf6a 100755 --- a/.automation/cleanup-docker.sh +++ b/.automation/cleanup-docker.sh @@ -1,7 +1,7 @@ #!/bin/bash ################################################################################ -############# Cleanup Container on DockerHub @admiralawkbar #################### +############# Cleanup Image on DockerHub @admiralawkbar ######################## ################################################################################ # NOTES: This script is used to remove a tagged image on DockerHub @@ -16,7 +16,7 @@ ########### # Globals # ########### -GITHUB_WORKSPACE="${GITHUB_WORKSPACE}" # Github Workspace +GITHUB_WORKSPACE="${GITHUB_WORKSPACE}" # GitHub Workspace DOCKER_USERNAME="${DOCKER_USERNAME}" # Username to login to DockerHub DOCKER_PASSWORD="${DOCKER_PASSWORD}" # Password to login to DockerHub IMAGE_REPO="${IMAGE_REPO}" # Image repo to upload the image @@ -32,7 +32,7 @@ Header() { echo "" echo "-------------------------------------------------------" - echo "----- Github Actions remove image from DockerHub ------" + echo "----- GitHub Actions remove image from DockerHub ------" echo "-------------------------------------------------------" echo "" } @@ -115,9 +115,9 @@ ValidateInput() # Check if we need to get the name of the branch # ################################################## if [[ "$IMAGE_VERSION" != "latest" ]]; then - ################################### - # Remove non alpha-numberic chars # - ################################### + ################################## + # Remove non alpha-numeric chars # + ################################## IMAGE_VERSION=$(echo "$IMAGE_VERSION" | tr -cd '[:alnum:]') else ############################################# diff --git a/.automation/test/ansible/ghe-initialize/defaults/main.yml b/.automation/test/ansible/ghe-initialize/defaults/main.yml index 6e8741f0..62e30a3a 100644 --- a/.automation/test/ansible/ghe-initialize/defaults/main.yml +++ b/.automation/test/ansible/ghe-initialize/defaults/main.yml @@ -62,7 +62,7 @@ core_expire_sessions: "false" core_package_version: "null" ####################### -# Default Github Vars # +# Default GitHub Vars # ####################### github_ssl_enabled: "true" github_ssl_tls_mode: "tlsv12" diff --git a/.automation/test/ansible/ghe-initialize/tasks/collectd-settings.yml b/.automation/test/ansible/ghe-initialize/tasks/collectd-settings.yml index f6f08485..0c73fc94 100644 --- a/.automation/test/ansible/ghe-initialize/tasks/collectd-settings.yml +++ b/.automation/test/ansible/ghe-initialize/tasks/collectd-settings.yml @@ -42,9 +42,9 @@ group: admin mode: 0644 - ######################################################### - # Set up Admin password, License, and Initial Setttings # - ######################################################### + ######################################################## + # Set up Admin password, License, and Initial Settings # + ######################################################## - name: Setup Grafana # yamllint disable shell: curl --fail -Lk \ diff --git a/.automation/test/ansible/ghe-initialize/tasks/ghe-initial-configuration.yml b/.automation/test/ansible/ghe-initialize/tasks/ghe-initial-configuration.yml index d078873e..d44e2101 100644 --- a/.automation/test/ansible/ghe-initialize/tasks/ghe-initial-configuration.yml +++ b/.automation/test/ansible/ghe-initialize/tasks/ghe-initial-configuration.yml @@ -57,10 +57,10 @@ group: admin mode: 0644 - ######################################################### - # Set up Admin password, License, and Initial Setttings # - ######################################################### - - name: Setup License, Admin Password, and Initial Setttings + ######################################################## + # Set up Admin password, License, and Initial Settings # + ######################################################## + - name: Setup License, Admin Password, and Initial Settings command: curl --fail -Lk \ -X POST "https://{{ ansible_host }}:8443/setup/api/start" \ -F license=@/tmp/ghe-license.ghl \ @@ -74,7 +74,7 @@ ################################### # Set the GHE Admin Password fact # ################################### - - name: Set the Github Admin password fact + - name: Set the GitHub Admin password fact set_fact: github_admin_password: "{{ github_admin_password }}" diff --git a/.automation/test/ansible/ghe-initialize/tasks/splunk-settings.yml b/.automation/test/ansible/ghe-initialize/tasks/splunk-settings.yml index 33919111..aaaa0780 100644 --- a/.automation/test/ansible/ghe-initialize/tasks/splunk-settings.yml +++ b/.automation/test/ansible/ghe-initialize/tasks/splunk-settings.yml @@ -42,9 +42,9 @@ group: admin mode: 0644 - ######################################################### - # Set up Admin password, License, and Initial Setttings # - ######################################################### + ######################################################## + # Set up Admin password, License, and Initial Settings # + ######################################################## - name: Setup Splunk # yamllint disable shell: curl --fail -Lk \ diff --git a/.automation/test/coffeescript/coffeescript_bad_1.coffee b/.automation/test/coffeescript/coffeescript_bad_1.coffee index 624cb3cd..5efeeacb 100644 --- a/.automation/test/coffeescript/coffeescript_bad_1.coffee +++ b/.automation/test/coffeescript/coffeescript_bad_1.coffee @@ -60,7 +60,7 @@ module.exports = (robot) -> ) # Drop the hammer # ################### robot.respond /drop the hammer/i, (msg) -> - msg.send "Commmencing the hammer dropping..." + msg.send "Commencing the hammer dropping..." msg.send msg.random dropHammer ############### diff --git a/.automation/test/coffeescript/coffeescript_good_1.coffee b/.automation/test/coffeescript/coffeescript_good_1.coffee index 40bc1264..62f2a4fe 100644 --- a/.automation/test/coffeescript/coffeescript_good_1.coffee +++ b/.automation/test/coffeescript/coffeescript_good_1.coffee @@ -62,7 +62,7 @@ module.exports = (robot) -> # Drop the hammer # ################### robot.respond /drop the hammer/i, (msg) -> - msg.send "Commmencing the hammer dropping..." + msg.send "Commencing the hammer dropping..." msg.send msg.random dropHammer ############### diff --git a/.automation/test/css/README.md b/.automation/test/css/README.md new file mode 100644 index 00000000..04c7121a --- /dev/null +++ b/.automation/test/css/README.md @@ -0,0 +1,13 @@ +# CSS Test Cases +This folder holds the test cases for **CSS**. + +## Additional Docs +No Additional information is needed for this test case. + +## Good Test Cases +The test cases denoted: `LANGUAGE_good_FILE.EXTENSION` are all valid, and should pass successfully when linted. +- **Note:** They are linted utilizing the default linter rules. + +## Bad Test Cases +The test cases denoted: `LANGUAGE_bad_FILE.EXTENSION` are **NOT** valid, and should trigger errors when linted. +- **Note:** They are linted utilizing the default linter rules. diff --git a/.automation/test/css/css_bad_01.css b/.automation/test/css/css_bad_01.css new file mode 100644 index 00000000..3c600b36 --- /dev/null +++ b/.automation/test/css/css_bad_01.css @@ -0,0 +1,9 @@ +/* Bad */ +/* Multiline */ +/* Comment */ +.selector-3[type="text"] { + background: linear-gradient(#FFFFFF, rgba(0, 0, 0, 0.8)); + box-sizing: border-box; + display: block; + color: #AAAAAA; +} diff --git a/.automation/test/css/css_good_01.css b/.automation/test/css/css_good_01.css new file mode 100644 index 00000000..a126e5b2 --- /dev/null +++ b/.automation/test/css/css_good_01.css @@ -0,0 +1,22 @@ +/** + * Multi-line comment + */ + +.selector-1, +.selector-2, +.selector-3[type="text"] { + background: linear-gradient(#fff, rgba(0, 0, 0, 0.8)); + box-sizing: border-box; + display: block; + color: #333; +} + +.selector-a, +.selector-b:not(:first-child) { + padding: 10px !important; + top: calc(calc(1em * 2) / 3); +} + +.selector-x { width: 10%; } +.selector-y { width: 20%; } +.selector-z { width: 30%; } diff --git a/.automation/test/env/README.md b/.automation/test/env/README.md new file mode 100644 index 00000000..d2ef659d --- /dev/null +++ b/.automation/test/env/README.md @@ -0,0 +1,13 @@ +# ENV Test Cases +This folder holds the test cases for **ENV**. + +## Additional Docs +No Additional information is needed for this test case. + +## Good Test Cases +The test cases denoted: `LANGUAGE_good_FILE.EXTENSION` are all valid, and should pass successfully when linted. +- **Note:** They are linted utilizing the default linter rules. + +## Bad Test Cases +The test cases denoted: `LANGUAGE_bad_FILE.EXTENSION` are **NOT** valid, and should trigger errors when linted. +- **Note:** They are linted utilizing the default linter rules. diff --git a/.automation/test/env/env_bad_1.env b/.automation/test/env/env_bad_1.env new file mode 100644 index 00000000..7361eb11 --- /dev/null +++ b/.automation/test/env/env_bad_1.env @@ -0,0 +1,5 @@ + LOGGER_LEVEL=info +MY_ENV +DB-NAME=testing +DEbUG_hTTP=true +DB_NAME=development diff --git a/.automation/test/env/env_good_1.env b/.automation/test/env/env_good_1.env new file mode 100644 index 00000000..112599ec --- /dev/null +++ b/.automation/test/env/env_good_1.env @@ -0,0 +1,4 @@ +DB_NAME=development +DEBUG_HTTP=true +LOGGER_LEVEL=info +MY_ENV= diff --git a/.automation/test/javascript/javascript_bad_1.js b/.automation/test/javascript/javascript_bad_1.js index 0ed075fc..98e5ee29 100644 --- a/.automation/test/javascript/javascript_bad_1.js +++ b/.automation/test/javascript/javascript_bad_1.js @@ -7,7 +7,7 @@ var userArray = [ 'user1' ] here is some garbage = that var teamDescription = Team of Robots -var teamPrivacy = 'closed' // closed (visibile) / secret (hidden) are options here +var teamPrivacy = 'closed' // closed (visible) / secret (hidden) are options here var teamName = process.env.GHES_TEAM_NAME var teamAccess = 'pull' // pull,push,admin options here diff --git a/.automation/test/javascript/javascript_good_1.js b/.automation/test/javascript/javascript_good_1.js index 09417a6b..ad32089f 100644 --- a/.automation/test/javascript/javascript_good_1.js +++ b/.automation/test/javascript/javascript_good_1.js @@ -5,7 +5,7 @@ var handler = createHandler({ path: '/webhook', secret: (process.env.SECRET) }) var userArray = ['user1'] var teamDescription = 'Team of Robots' -var teamPrivacy = 'closed' // closed (visibile) / secret (hidden) are options here +var teamPrivacy = 'closed' // closed (visible) / secret (hidden) are options here var teamName = process.env.GHES_TEAM_NAME var teamAccess = 'pull' // pull,push,admin options here diff --git a/.automation/test/powershell/README.md b/.automation/test/powershell/README.md new file mode 100644 index 00000000..5a778c98 --- /dev/null +++ b/.automation/test/powershell/README.md @@ -0,0 +1,13 @@ +# PowerShell Test Cases +This folder holds the test cases for **PowerShell**. + +## Additional Docs +No Additional information is needed for this test case. + +## Good Test Cases +The test cases denoted: `LANGUAGE_good_FILE.EXTENSION` are all valid, and should pass successfully when linted. +- **Note:** They are linted utilizing the default linter rules. + +## Bad Test Cases +The test cases denoted: `LANGUAGE_bad_FILE.EXTENSION` are **NOT** valid, and should trigger errors when linted. +- **Note:** They are linted utilizing the default linter rules. diff --git a/.automation/test/powershell/powershell_bad_1.ps1 b/.automation/test/powershell/powershell_bad_1.ps1 new file mode 100644 index 00000000..f1709a0a --- /dev/null +++ b/.automation/test/powershell/powershell_bad_1.ps1 @@ -0,0 +1,14 @@ +#Plaintext Parameters +function BadFunction { + param( + [String]$Username = 'me', + [String]$Password = 'password' + ) + $Username + $Password + $VariableThatIsNotUsedLater = '5' + try { + 'Empty Catch Block' + } catch {} +} + diff --git a/.automation/test/powershell/powershell_bad_1.psd1 b/.automation/test/powershell/powershell_bad_1.psd1 new file mode 100644 index 00000000..5940164c --- /dev/null +++ b/.automation/test/powershell/powershell_bad_1.psd1 @@ -0,0 +1,3 @@ +@{ + 'Hello'='World +} diff --git a/.automation/test/powershell/powershell_bad_1.psm1 b/.automation/test/powershell/powershell_bad_1.psm1 new file mode 100644 index 00000000..60d812b1 --- /dev/null +++ b/.automation/test/powershell/powershell_bad_1.psm1 @@ -0,0 +1 @@ +Write-Output "hello world! diff --git a/.automation/test/powershell/powershell_good_1.ps1 b/.automation/test/powershell/powershell_good_1.ps1 new file mode 100644 index 00000000..d762886f --- /dev/null +++ b/.automation/test/powershell/powershell_good_1.ps1 @@ -0,0 +1 @@ +Write-Output "hello world!" \ No newline at end of file diff --git a/.automation/test/powershell/powershell_good_1.psd1 b/.automation/test/powershell/powershell_good_1.psd1 new file mode 100644 index 00000000..68432ff9 --- /dev/null +++ b/.automation/test/powershell/powershell_good_1.psd1 @@ -0,0 +1,3 @@ +@{ + 'Hello'='World' +} \ No newline at end of file diff --git a/.automation/test/powershell/powershell_good_1.psm1 b/.automation/test/powershell/powershell_good_1.psm1 new file mode 100644 index 00000000..d762886f --- /dev/null +++ b/.automation/test/powershell/powershell_good_1.psm1 @@ -0,0 +1 @@ +Write-Output "hello world!" \ No newline at end of file diff --git a/.automation/test/python/python_bad_1.py b/.automation/test/python/python_bad_1.py index 843aad50..369a7224 100644 --- a/.automation/test/python/python_bad_1.py +++ b/.automation/test/python/python_bad_1.py @@ -89,7 +89,7 @@ def delete_label(label_id): Delete the specified label :param label_id: Label's node id. :type label_id: str - :return: Github API request response. + :return: GitHub API request response. """ query_variables = { diff --git a/.automation/test/python/python_good_1.py b/.automation/test/python/python_good_1.py index f808c297..e894c36f 100644 --- a/.automation/test/python/python_good_1.py +++ b/.automation/test/python/python_good_1.py @@ -88,7 +88,7 @@ def delete_label(label_id): Delete the specified label :param label_id: Label's node id. :type label_id: str - :return: Github API request response. + :return: GitHub API request response. """ query_variables = { diff --git a/.automation/upload-docker.sh b/.automation/upload-docker.sh index 36c8dd02..c41adb33 100755 --- a/.automation/upload-docker.sh +++ b/.automation/upload-docker.sh @@ -5,6 +5,7 @@ ################################################################################ # NOTES: This script is used to upload a Dockerfile to DockerHub +# under the GitHub organization # Its based on being built from a GitHub Action, but could be easily updated # To be ran in a different medium. # @@ -16,7 +17,7 @@ ########### # Globals # ########### -GITHUB_WORKSPACE="${GITHUB_WORKSPACE}" # Github Workspace +GITHUB_WORKSPACE="${GITHUB_WORKSPACE}" # GitHub Workspace DOCKER_USERNAME="${DOCKER_USERNAME}" # Username to login to DockerHub DOCKER_PASSWORD="${DOCKER_PASSWORD}" # Password to login to DockerHub IMAGE_REPO="${IMAGE_REPO}" # Image repo to upload the image @@ -32,7 +33,7 @@ Header() { echo "" echo "-------------------------------------------------------" - echo "------ Github Actions Upload image to DockerHub -------" + echo "------ GitHub Actions Upload image to DockerHub -------" echo "-------------------------------------------------------" echo "" } @@ -119,9 +120,9 @@ ValidateInput() exit 1 fi - ################################### - # Remove non alpha-numberic chars # - ################################### + ################################## + # Remove non alpha-numeric chars # + ################################## BRANCH_NAME=$(echo "$BRANCH_NAME" | tr -cd '[:alnum:]') ############################################ diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 6606d7fd..c9921dce 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,4 +1,4 @@ ###################################################################### # These owners will be the default owners for everything in the repo # ###################################################################### -* @admiralawkbar, @jwiebalk, @zkoppert \ No newline at end of file +* @admiralawkbar @jwiebalk @zkoppert @IAmHughes diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 960b4afe..e2302dd8 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -31,15 +31,17 @@ Draft pull requests are also welcome to get feedback early on, or if there is so ## Releasing If you are the current maintainer of this action: -1. Update `README.md` to reflect new version number in the suggested workflow file section -2. Draft [Release](https://help.github.com/en/github/administering-a-repository/managing-releases-in-a-repository) document explaining details of Release -3. Look for approval from [CODEOWNERS](https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners) +1. Update `README.md` and the wiki to reflect new version number in the example workflow file sections +2. Draft [Release](https://help.github.com/en/github/administering-a-repository/managing-releases-in-a-repository) with a summarized changelog +3. Publish the docker image to GitHub package registry +4. Publish the docker image to Docker Hub +5. Look for approval from [CODEOWNERS](https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners) ## Resources - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/) - [Using Pull Requests](https://help.github.com/articles/about-pull-requests/) - [GitHub Help](https://help.github.com) -[pulls]: https://github.com/github/github-demo-stack/pulls -[pr]: https://github.com/github/github-demo-stack/compare -[fork]: https://github.com/github/github-demo-stack/fork +[pulls]: https://github.com/github/super-linter/pulls +[pr]: https://github.com/github/super-linter/compare +[fork]: https://github.com/github/super-linter/fork diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 11fc491e..caee45bc 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -18,3 +18,6 @@ A clear and concise description of any alternative solutions or features you've **Additional context** Add any other context or screenshots about the feature request here. + +**Note** +If this is a request to add a new language, after submitting this issue check out [the wiki](https://github.com/github/super-linter/wiki/Adding-new-language-support) for more info on how to accomplish that. diff --git a/.github/linters/.stylelintrc.json b/.github/linters/.stylelintrc.json new file mode 100644 index 00000000..40db42c6 --- /dev/null +++ b/.github/linters/.stylelintrc.json @@ -0,0 +1,3 @@ +{ + "extends": "stylelint-config-standard" +} diff --git a/.github/linters/.yaml-lint.yml b/.github/linters/.yaml-lint.yml index faccea80..2aa49bd1 100644 --- a/.github/linters/.yaml-lint.yml +++ b/.github/linters/.yaml-lint.yml @@ -3,7 +3,7 @@ # These are the rules used for # # linting all the yaml files in the stack # # NOTE: # -# You can disble line with: # +# You can disable line with: # # # yamllint disable-line # ########################################### rules: diff --git a/.github/workflows/deploy-DEV.yml b/.github/workflows/deploy-DEV.yml index 35760ab0..4b6975d7 100644 --- a/.github/workflows/deploy-DEV.yml +++ b/.github/workflows/deploy-DEV.yml @@ -48,7 +48,7 @@ jobs: # Set the Env Vars DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - IMAGE_REPO: admiralawkbar/super-linter + IMAGE_REPO: github/super-linter DOCKERFILE_PATH: Dockerfile shell: bash run: .automation/upload-docker.sh @@ -66,5 +66,5 @@ jobs: - name: Run Test Cases shell: bash run: | - docker pull admiralawkbar/super-linter:${BRANCH_NAME} - docker run -e RUN_LOCAL=true -e TEST_CASE_RUN=true -v ${GITHUB_WORKSPACE}:/tmp/lint admiralawkbar/super-linter:${BRANCH_NAME} + docker pull github/super-linter:${BRANCH_NAME} + docker run -e RUN_LOCAL=true -e TEST_CASE_RUN=true -v ${GITHUB_WORKSPACE}:/tmp/lint github/super-linter:${BRANCH_NAME} diff --git a/.github/workflows/deploy-PROD.yml b/.github/workflows/deploy-PROD.yml index ab853943..fd39563b 100644 --- a/.github/workflows/deploy-PROD.yml +++ b/.github/workflows/deploy-PROD.yml @@ -45,7 +45,7 @@ jobs: # Set the Env Vars DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - IMAGE_REPO: admiralawkbar/super-linter + IMAGE_REPO: github/super-linter IMAGE_VERSION: latest DOCKERFILE_PATH: Dockerfile shell: bash diff --git a/.github/workflows/stack-linter.yml b/.github/workflows/stack-linter.yml index c6d8c58a..5db00510 100644 --- a/.github/workflows/stack-linter.yml +++ b/.github/workflows/stack-linter.yml @@ -41,6 +41,6 @@ jobs: # Run Linter against code base # ################################ - name: Lint Code Base - uses: docker://admiralawkbar/super-linter:latest + uses: docker://github/super-linter:latest env: VALIDATE_ALL_CODEBASE: false diff --git a/Dockerfile b/Dockerfile index 2918553f..bc56cb80 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,7 +13,7 @@ FROM python:alpine # Label the instance and set maintainer # ######################################### LABEL com.github.actions.name="GitHub Super-Linter" \ - com.github.actions.description="Lint your code base with Github Actions" \ + com.github.actions.description="Lint your code base with GitHub Actions" \ com.github.actions.icon="code" \ com.github.actions.color="red" \ maintainer="GitHub DevOps " @@ -28,7 +28,25 @@ RUN apk add --no-cache \ ruby ruby-dev ruby-bundler ruby-rdoc make \ py3-setuptools ansible-lint \ go \ - php7 + php7 \ + ca-certificates less ncurses-terminfo-base \ + krb5-libs libgcc libintl libssl1.1 libstdc++ \ + tzdata userspace-rcu zlib icu-libs lttng-ust + +######################################### +# Install Powershell + PSScriptAnalyzer # +######################################### +# Reference: https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-linux?view=powershell-7 +# Slightly modified to always retrieve latest stable Powershell version +RUN mkdir -p /opt/microsoft/powershell/7 \ + && curl -s https://api.github.com/repos/powershell/powershell/releases/latest \ + | grep browser_download_url \ + | grep linux-alpine-x64 \ + | cut -d '"' -f 4 \ + | xargs -n 1 wget -O - \ + | tar -xzC /opt/microsoft/powershell/7 \ + && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh \ + && pwsh -c 'install-module psscriptanalyzer -force' ##################### # Run Pip3 Installs # @@ -44,17 +62,19 @@ RUN npm config set package-lock false \ && npm -g --no-cache install \ markdownlint-cli \ jsonlint prettyjson \ - coffeelint \ + @coffeelint/cli \ typescript eslint \ standard \ babel-eslint \ @typescript-eslint/eslint-plugin \ @typescript-eslint/parser \ eslint-plugin-jest \ + stylelint \ + stylelint-config-standard \ && npm --no-cache install \ markdownlint-cli \ jsonlint prettyjson \ - coffeelint \ + @coffeelint/cli \ typescript eslint \ standard \ babel-eslint \ @@ -62,7 +82,9 @@ RUN npm config set package-lock false \ eslint-config-prettier \ @typescript-eslint/eslint-plugin \ @typescript-eslint/parser \ - eslint-plugin-jest + eslint-plugin-jest \ + stylelint \ + stylelint-config-standard #################################### # Install dockerfilelint from repo # @@ -78,8 +100,11 @@ RUN git clone https://github.com/replicatedhq/dockerfilelint.git && cd /dockerfi RUN gem install rubocop:0.74.0 rubocop-rails rubocop-github:0.13.0 # Need to fix the version as it installs 'rubocop:0.85.1' as a dep, and forces the default -# We then need to promot the correct verion, uninstall, and fix deps -RUN sh -c 'gem install --default rubocop:0.74.0; yes | gem uninstall rubocop:0.85.1 -a -x -I; gem install rubocop:0.74.0' +# We then need to promote the correct version, uninstall, and fix deps +RUN sh -c 'INCORRECT_VERSION=$(gem list rhc -e rubocop | grep rubocop | awk "{print $2}" | cut -d"(" -f2 | cut -d"," -f1); \ + gem install --default rubocop:0.74.0; \ + yes | gem uninstall rubocop:$INCORRECT_VERSION -a -x -I; \ + gem install rubocop:0.74.0' ###################### # Install shellcheck # @@ -90,7 +115,7 @@ RUN wget -qO- "https://github.com/koalaman/shellcheck/releases/download/stable/s ##################### # Install Go Linter # ##################### -ARG GO_VERSION='v1.23.7' +ARG GO_VERSION='v1.27.0' RUN wget -O- -nvq https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s "$GO_VERSION" ################## @@ -99,12 +124,19 @@ RUN wget -O- -nvq https://raw.githubusercontent.com/golangci/golangci-lint/maste RUN curl -Ls "$(curl -Ls https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" -o tflint.zip && unzip tflint.zip && rm tflint.zip \ && mv "tflint" /usr/bin/ +######################### +# Install dotenv-linter # +######################### +RUN wget "https://github.com/dotenv-linter/dotenv-linter/releases/latest/download/dotenv-linter-alpine-x86_64.tar.gz" -O - -q | tar -xzf - \ + && mv "dotenv-linter" /usr/bin + ########################################### -# Load GitHub Env Vars for Github Actions # +# Load GitHub Env Vars for GitHub Actions # ########################################### ENV GITHUB_SHA=${GITHUB_SHA} \ GITHUB_EVENT_PATH=${GITHUB_EVENT_PATH} \ GITHUB_WORKSPACE=${GITHUB_WORKSPACE} \ + DEFAULT_BRANCH=${DEFAULT_BRANCH} \ VALIDATE_ALL_CODEBASE=${VALIDATE_ALL_CODEBASE} \ VALIDATE_YAML=${VALIDATE_YAML} \ VALIDATE_JSON=${VALIDATE_JSON} \ @@ -124,10 +156,14 @@ ENV GITHUB_SHA=${GITHUB_SHA} \ VALIDATE_TYPESCRIPT_STANDARD=${VALIDATE_TYPESCRIPT_STANDARD} \ VALIDATE_GO=${VALIDATE_GO} \ VALIDATE_TERRAFORM=${VALIDATE_TERRAFORM} \ + VALIDATE_CSS=${VALIDATE_CSS} \ + VALIDATE_ENV=${VALIDATE_ENV} \ + VALIDATE_POWERSHELL=${VALIDATE_POWERSHELL} \ ANSIBLE_DIRECTORY=${ANSIBLE_DIRECTORY} \ RUN_LOCAL=${RUN_LOCAL} \ TEST_CASE_RUN=${TEST_CASE_RUN} \ - ACTIONS_RUNNER_DEBUG=${ACTIONS_RUNNER_DEBUG} + ACTIONS_RUNNER_DEBUG=${ACTIONS_RUNNER_DEBUG} \ + DISABLE_ERRORS=${DISABLE_ERRORS} ############################# # Copy scripts to container # diff --git a/README.md b/README.md index 934339a3..6b4e994b 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ This repository is for the **GitHub Action** to run a **Super-Linter**. It is a simple combination of various linters, written in `bash`, to help validate your source code. The end goal of this tool: -- Prevent broken code from being uploaded to *master* branches +- Prevent broken code from being uploaded to the default branch (Usually `master`) - Help establish coding best practices across multiple languages - Build guidelines for code layout and format - Automate the process to help streamline code reviews @@ -19,7 +19,8 @@ Developers on **GitHub** can call the **GitHub Action** to lint their code base | *Language* | *Linter* | | --- | --- | | **Ansible** | [ansible-lint](https://github.com/ansible/ansible-lint) | -| **CoffeeScript** | [coffeelint](http://www.coffeelint.org/) | +| **CSS** | [stylelint](https://stylelint.io/) | +| **CoffeeScript** | [coffeelint](https://coffeelint.github.io/) | | **Dockerfile** | [dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) | | **Golang** | [golangci-lint](https://github.com/golangci/golangci-lint) | | **JavaScript** | [eslint](https://eslint.org/) [standard js](https://standardjs.com/) | @@ -28,12 +29,14 @@ Developers on **GitHub** can call the **GitHub Action** to lint their code base | **Perl** | [perl](https://pkgs.alpinelinux.org/package/edge/main/x86/perl) | | **PHP** | [PHP](https://www.php.net/) | | **Python3** | [pylint](https://www.pylint.org/) | -| **Ruby** | [Rubocop](https://github.com/rubocop-hq/rubocop) | +| **Ruby** | [RuboCop](https://github.com/rubocop-hq/rubocop) | | **Shell** | [Shellcheck](https://github.com/koalaman/shellcheck) | | **Terraform** | [tflint](https://github.com/terraform-linters/tflint) | | **TypeScript** | [eslint](https://eslint.org/) [standard js](https://standardjs.com/) | | **XML** | [LibXML](http://xmlsoft.org/) | | **YAML** | [YamlLint](https://github.com/adrienverge/yamllint) | +| **PowerShell** | [PSScriptAnalyzer](https://github.com/PowerShell/Psscriptanalyzer) | +| **ENV** | [dotenv-linter](https://github.com/dotenv-linter/dotenv-linter) | ## How to use To use this **GitHub** Action you will need to complete the following: @@ -94,26 +97,29 @@ jobs: # Run Linter against code base # ################################ - name: Lint Code Base - uses: github/super-linter@v2.0.0 + uses: docker://github/super-linter:v2.1.0 env: VALIDATE_ALL_CODEBASE: false VALIDATE_ANSIBLE: false ... ``` +**NOTE:** Using the line:`uses: docker://github/super-linter:v2.1.0` will pull the image down from **DockerHub** and run the **GitHub Super-Linter**. Using the line: `uses: github/super-linter@v2.1.0` will build and compile the **GitHub Super-Linter** at build time. This can be far more costly in time... + ## Environment variables The super-linter allows you to pass the following `ENV` variables to be able to trigger different functionality. -*Note:* All the `VALIDATE_[LANGAUGE]` variables behave in a specific way. +*Note:* All the `VALIDATE_[LANGUAGE]` variables behave in a specific way. If none of them are passed, then they all default to true. However if any one of the variables are set, we default to leaving any unset variable to false. -This means that if you run the linter "out of the box", all langauges will be checked. +This means that if you run the linter "out of the box", all languages will be checked. But if you wish to select specific linters, we give you full control to choose which linters are run, and won't run anything unexpected. | **ENV VAR** | **Default Value** | **Notes** | | --- | --- | --- | | **VALIDATE_ALL_CODEBASE** | `true` | Will parse the entire repository and find all files to validate across all types. **NOTE:** When set to `false`, only **new** or **edited** files will be parsed for validation. | +| **DEFAULT_BRANCH** | `master` | The name of the repository default branch. | | **VALIDATE_YAML** | `true` |Flag to enable or disable the linting process of the language. | | **VALIDATE_JSON** | `true` | Flag to enable or disable the linting process of the language. | | **VALIDATE_XML** | `true` | Flag to enable or disable the linting process of the language. | @@ -131,20 +137,25 @@ and won't run anything unexpected. | **VALIDATE_TYPESCRIPT_STANDARD** | `true` | Flag to enable or disable the linting process of the language. (Utilizing: standard) | | **VALIDATE_DOCKER** | `true` | Flag to enable or disable the linting process of the language. | | **VALIDATE_GO** | `true` | Flag to enable or disable the linting process of the language. | +| **VALIDATE_POWERSHELL** | `true` | Flag to enable or disable the linting process of the language. | | **VALIDATE_TERRAFORM** | `true` | Flag to enable or disable the linting process of the language. | +| **VALIDATE_CSS** | `true` | Flag to enable or disable the linting process of the language. | +| **VALIDATE_ENV** | `true` | Flag to enable or disable the linting process of the language. | | **ANSIBLE_DIRECTORY** | `/ansible` | Flag to set the root directory for Ansible file location(s). | | **ACTIONS_RUNNER_DEBUG** | `false` | Flag to enable additional information about the linter, versions, and additional output. | +| **DISABLE_ERRORS** | `false` | Flag to have the linter complete with exit code 0 even if errors were detected. | +| **DEFAULT_WORKSPACE** | `/tmp/lint` | The location containing files to lint if you are running locally. | ### Template rules files You can use the **GitHub** **Super-Linter** *with* or *without* your own personal rules sets. This allows for greater flexibility for each individual code base. The Template rules all try to follow the standards we believe should be enabled at the basic level. - Copy **any** or **all** template rules files from `TEMPLATES/` into your repository in the location: `.github/linters/` of your repository - - If your repository does not have rules files, they will fall back to defaults in this repositories `TEMPLATE` folder + - If your repository does not have rules files, they will fall back to defaults in [this repository's `TEMPLATE` folder](https://github.com/github/super-linter/tree/master/TEMPLATES) ## Disabling rules If you need to disable certain *rules* and *functionality*, you can view [Disable Rules](https://github.com/github/super-linter/blob/master/docs/disabling-linters.md) ## Docker Hub -The **Docker** container that is built from this repository is located at `https://hub.docker.com/r/admiralawkbar/super-linter` +The **Docker** container that is built from this repository is located at `https://hub.docker.com/r/github/super-linter` ## Running Super-Linter locally (troubleshooting/debugging/enhancements) If you find that you need to run super-linter locally, you can follow the documentation at [Running super-linter locally](https://github.com/github/super-linter/blob/master/docs/run-linter-locally.md) @@ -156,7 +167,7 @@ The **Super-Linter** has *CI/CT/CD* configured utilizing **GitHub** Actions. - `.automation/test` contains all test cases for each language that should be validated - These **GitHub** Actions utilize the Checks API and Protected Branches to help follow the SDLC - When the Pull Request is merged to master, the **Super-Linter** **Docker** container is then updated and deployed with the new codebase - - **Note:** The branches **Docker** container is also removed from **DockerHub** to cleanup after itself + - **Note:** The branch's **Docker** container is also removed from **DockerHub** to cleanup after itself ## Limitations Below are a list of the known limitations for the **GitHub Super-Linter**: diff --git a/TEMPLATES/.powershell-psscriptanalyzer.psd1 b/TEMPLATES/.powershell-psscriptanalyzer.psd1 new file mode 100644 index 00000000..ab462662 --- /dev/null +++ b/TEMPLATES/.powershell-psscriptanalyzer.psd1 @@ -0,0 +1,18 @@ +#Documentation: https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/markdown/Invoke-ScriptAnalyzer.md#-settings +@{ + #CustomRulePath='path\to\CustomRuleModule.psm1' + #RecurseCustomRulePath='path\of\customrules' + #Severity = @( + # 'Error' + # 'Warning' + #) + #IncludeDefaultRules=$true + #ExcludeRules = @( + # 'PSAvoidUsingWriteHost', + # 'MyCustomRuleName' + #) + #IncludeRules = @( + # 'PSAvoidUsingWriteHost', + # 'MyCustomRuleName' + #) +} \ No newline at end of file diff --git a/TEMPLATES/.stylelintrc.json b/TEMPLATES/.stylelintrc.json new file mode 100644 index 00000000..40db42c6 --- /dev/null +++ b/TEMPLATES/.stylelintrc.json @@ -0,0 +1,3 @@ +{ + "extends": "stylelint-config-standard" +} diff --git a/TEMPLATES/.yaml-lint.yml b/TEMPLATES/.yaml-lint.yml index faccea80..2aa49bd1 100644 --- a/TEMPLATES/.yaml-lint.yml +++ b/TEMPLATES/.yaml-lint.yml @@ -3,7 +3,7 @@ # These are the rules used for # # linting all the yaml files in the stack # # NOTE: # -# You can disble line with: # +# You can disable line with: # # # yamllint disable-line # ########################################### rules: diff --git a/TEMPLATES/README.md b/TEMPLATES/README.md index bcd84269..c1ed7152 100644 --- a/TEMPLATES/README.md +++ b/TEMPLATES/README.md @@ -2,7 +2,5 @@ The files in this folder are template rules for the linters that will run against your code base. If you chose to copy these to your local repository in the directory: `.github/` they will be used at runtime. If they are not present, they will be used by default in the linter run. - - The file(s) will be parsed at run time on the local branch to load all rules needed to run the **Super-Linter** **GitHub** Action. The **GitHub** Action will inform the user via the **Checks API** on the status and success of the process. diff --git a/docs/disabling-linters.md b/docs/disabling-linters.md index 33d70b70..609f19ea 100644 --- a/docs/disabling-linters.md +++ b/docs/disabling-linters.md @@ -21,26 +21,28 @@ Below is examples and documentation for each language and the various methods to - [Golang](#golang) - [Dockerfile](#dockerfile) - [Terraform](#terraform) +- [CSS](#css) +- [ENV](#env) -------------------------------------------------------------------------------- ## Ruby -- [Rubocop](https://github.com/rubocop-hq/rubocop) +- [RuboCop](https://github.com/rubocop-hq/rubocop) -### Rubocop Config file +### RuboCop Config file - `.github/linters/.ruby-lint.yml` - You can pass multiple rules and overwrite default rules - File should be located at: `.github/linters/.ruby-lint.yml` -- **Note:** We use the Default **GitHub** Rule set from [Rubocop-GitHub](https://github.com/github/rubocop-github) +- **Note:** We use the Default **GitHub** Rule set from [RuboCop-GitHub](https://github.com/github/rubocop-github) -### Rubocop disable single line +### RuboCop disable single line ```ruby method(argument) # rubocop:disable SomeRule, SomeOtherRule ``` -### Rubocop disable code block +### RuboCop disable code block ```ruby # rubocop:disable This is a long line @@ -48,7 +50,7 @@ var="this is some other stuff" # rubocop:enable ``` -### Rubocop disable entire file +### RuboCop disable entire file If you need to ignore an entire file, you can update the `.github/linters/.ruby-lint.yml` to ignore certain files and locations ```yml @@ -337,7 +339,7 @@ Here is more data -------------------------------------------------------------------------------- ## Coffeescript -- [coffeelint](http://www.coffeelint.org/) +- [coffeelint](https://coffeelint.github.io/) ### coffeelint Config file - `.github/linters/.coffee-lint.yml` @@ -493,7 +495,7 @@ alert('foo') -------------------------------------------------------------------------------- ## Dockerfile --[dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) +- [dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) ### Dockerfilelint standard Config file - `.github/linters/.dockerfilelintrc` @@ -529,3 +531,54 @@ alert('foo') - There is currently **No** way to disable rules inline of the file(s) -------------------------------------------------------------------------------- + +## CSS +- [stylelint](https://stylelint.io/) + +### stylelint standard Config file +- `.github/linters/.stylelintrc.json` + +### stylelint disable single line +```css +#id { + /* stylelint-disable-next-line declaration-no-important */ + color: pink !important; +} +``` + +### stylelint disable code block +```css +/* stylelint-disable */ +a {} +/* stylelint-enable */ +``` + +### stylelint disable entire file +- You can disable entire files with the `ignoreFiles` property in `.stylelintrc.json` +```json +{ + "ignoreFiles": [ + "styles/ignored/wildcards/*.css", + "styles/ignored/specific-file.css" + ] +} +``` + +-------------------------------------------------------------------------------- + +## ENV +- [dotenv-linter](https://github.com/dotenv-linter/dotenv-linter) + +### dotenv-linter Config file +- There is no top level *configuration file* available at this time + +### dotenv-linter disable single line +```env +# Comment line will be ignored +``` + +### dotenv-linter disable code block +- There is currently **No** way to disable rules inline of the file(s) + +### dotenv-linter disable entire file +- There is currently **No** way to disable rules inline of the file(s) diff --git a/docs/run-linter-locally.md b/docs/run-linter-locally.md index 06117349..c28418b4 100644 --- a/docs/run-linter-locally.md +++ b/docs/run-linter-locally.md @@ -12,14 +12,15 @@ You can follow the link below on how to install and configure **Docker** on your ## Download the latest Super-Linter Docker container - Pull the latest **Docker** container down from **DockerHub** - - `docker pull admiralawkbar/super-linter:latest` + - `docker pull github/super-linter:latest` Once the container has been downloaded to your local environment, you can then begin the process, or running the container against your codebase. ## Run the container Locally - You can run the container locally with the following **Base** flags to run your code: - - `docker run -e RUN_LOCAL=true -v /path/to/local/codebase:/tmp/lint admiralawkbar/super-linter` - - To run against a single file you can use: `docker run -e RUN_LOCAL=true -v /path/to/local/codebase/file:/tmp/lint/file admiralawkbar/super-linter` + - `docker run -e RUN_LOCAL=true -v /path/to/local/codebase:/tmp/lint github/super-linter` + - To run against a single file you can use: `docker run -e RUN_LOCAL=true -v /path/to/local/codebase/file:/tmp/lint/file github/super-linter` - **NOTE:** You need to pass the `RUN_LOCAL` flag to bypass some of the GitHub Actions checks, as well as the mapping of your local codebase to `/tmp/lint` so that the linter can pick up the code + - **NOTE:** If you want to override the `/tmp/lint` folder, you can set the `DEFAULT_WORKSPACE` environment variable to point to the folder you'd prefer to scan. - **NOTE:** The flag:`RUN_LOCAL` will set: `VALIDATE_ALL_CODEBASE` to true. This means it will scan **all** the files in the directory you have mapped. If you want to only validate a subset of your codebase, map a folder with only the files you wish to have linted ### Flags for running Locally @@ -29,7 +30,7 @@ You can add as many **Additional** flags as needed, documented in [README.md](.. ### Run container and gain access to the command line If you need to run the container locally and gain access to its command line, you can run the following command: -- `docker run -it --entrypoint /bin/bash admiralawkbar/super-linter` +- `docker run -it --entrypoint /bin/bash github/super-linter` - This will drop you in the command line of the docker container for any testing or troubleshooting that may be needed. ### Found issues diff --git a/lib/linter.sh b/lib/linter.sh index bc0f1b6a..4fced147 100755 --- a/lib/linter.sh +++ b/lib/linter.sh @@ -32,7 +32,7 @@ COFFEESCRIPT_LINTER_RULES="$DEFAULT_RULES_LOCATION/$COFFEE_FILE_NAME" # Path to JAVASCRIPT_FILE_NAME='.eslintrc.yml' # Name of the file JAVASCRIPT_LINTER_RULES="$DEFAULT_RULES_LOCATION/$JAVASCRIPT_FILE_NAME" # Path to the Javascript lint rules JAVASCRIPT_STANDARD_LINTER_RULES='' # ENV string to pass when running js standard -# Typecript Vars +# Typescript Vars TYPESCRIPT_FILE_NAME='.eslintrc.yml' # Name of the file TYPESCRIPT_LINTER_RULES="$DEFAULT_RULES_LOCATION/$TYPESCRIPT_FILE_NAME" # Path to the Typescript lint rules TYPESCRIPT_STANDARD_LINTER_RULES='' # ENV string to pass when running js standard @@ -48,20 +48,28 @@ GO_LINTER_RULES="$DEFAULT_RULES_LOCATION/$GO_FILE_NAME" # Path to th # Terraform Vars TERRAFORM_FILE_NAME='.tflint.hcl' # Name of the file TERRAFORM_LINTER_RULES="$DEFAULT_RULES_LOCATION/$TERRAFORM_FILE_NAME" # Path to the Terraform lint rules +# Powershell Vars +POWERSHELL_FILE_NAME='.powershell-psscriptanalyzer.psd1' # Name of the file +POWERSHELL_LINTER_RULES="$DEFAULT_RULES_LOCATION/$POWERSHELL_FILE_NAME" # Path to the Powershell lint rules +# CSS Vars +CSS_FILE_NAME='.stylelintrc.json' # Name of the file +CSS_LINTER_RULES="$DEFAULT_RULES_LOCATION/$CSS_FILE_NAME" # Path to the CSS lint rules ####################################### # Linter array for information prints # ####################################### LINTER_ARRAY=("jsonlint" "yamllint" "xmllint" "markdownlint" "shellcheck" "pylint" "perl" "rubocop" "coffeelint" "eslint" "standard" - "ansible-lint" "/dockerfilelint/bin/dockerfilelint" "golangci-lint" "tflint") + "ansible-lint" "/dockerfilelint/bin/dockerfilelint" "golangci-lint" "tflint" + "stylelint" "dotenv-linter" "powershell") ############################# # Language array for prints # ############################# LANGUAGE_ARRAY=('YML' 'JSON' 'XML' 'MARKDOWN' 'BASH' 'PERL' 'PHP' 'RUBY' 'PYTHON' 'COFFEESCRIPT' 'ANSIBLE' 'JAVASCRIPT_STANDARD' 'JAVASCRIPT_ES' - 'TYPESCRIPT_STANDARD' 'TYPESCRIPT_ES' 'DOCKER' 'GO' 'TERRAFORM') + 'TYPESCRIPT_STANDARD' 'TYPESCRIPT_ES' 'DOCKER' 'GO' 'TERRAFORM' 'CSS' + 'ENV' 'POWERSHELL') ################### # GitHub ENV Vars # @@ -69,6 +77,7 @@ LANGUAGE_ARRAY=('YML' 'JSON' 'XML' 'MARKDOWN' 'BASH' 'PERL' 'PHP' 'RUBY' 'PYTHON GITHUB_SHA="${GITHUB_SHA}" # GitHub sha from the commit GITHUB_EVENT_PATH="${GITHUB_EVENT_PATH}" # Github Event Path GITHUB_WORKSPACE="${GITHUB_WORKSPACE}" # Github Workspace +DEFAULT_BRANCH="${DEFAULT_BRANCH:-master}" # Default Git Branch to use (master by default) ANSIBLE_DIRECTORY="${ANSIBLE_DIRECTORY}" # Ansible Directory VALIDATE_ALL_CODEBASE="${VALIDATE_ALL_CODEBASE}" # Boolean to validate all files VALIDATE_YAML="${VALIDATE_YAML}" # Boolean to validate language @@ -89,7 +98,11 @@ VALIDATE_TYPESCRIPT_STANDARD="${VALIDATE_TYPESCRIPT_STANDARD}" # Boolean to val VALIDATE_DOCKER="${VALIDATE_DOCKER}" # Boolean to validate language VALIDATE_GO="${VALIDATE_GO}" # Boolean to validate language VALIDATE_TERRAFORM="${VALIDATE_TERRAFORM}" # Boolean to validate language +VALIDATE_POWERSHELL="${VALIDATE_POWERSHELL}" # Boolean to validate language +VALIDATE_CSS="${VALIDATE_CSS}" # Boolean to validate language +VALIDATE_ENV="${VALIDATE_ENV}" # Boolean to validate language TEST_CASE_RUN="${TEST_CASE_RUN}" # Boolean to validate only test cases +DISABLE_ERRORS="${DISABLE_ERRORS}" # Boolean to enable warning-only output without throwing errors ############## # Debug Vars # @@ -101,7 +114,7 @@ ACTIONS_RUNNER_DEBUG="${ACTIONS_RUNNER_DEBUG}" # Boolean to see even more info # Default Vars # ################ DEFAULT_VALIDATE_ALL_CODEBASE='true' # Default value for validate all files -DEFAULT_WORKSPACE='/tmp/lint' # Default workspace if running locally +DEFAULT_WORKSPACE="${DEFAULT_WORKSPACE:-/tmp/lint}" # Default workspace if running locally DEFAULT_ANSIBLE_DIRECTORY="$GITHUB_WORKSPACE/ansible" # Default Ansible Directory DEFAULT_RUN_LOCAL='false' # Default value for debugging locally DEFAULT_TEST_CASE_RUN='false' # Flag to tell code to run only test cases @@ -109,6 +122,7 @@ DEFAULT_ACTIONS_RUNNER_DEBUG='false' # Default value for debugg RAW_FILE_ARRAY=() # Array of all files that were changed READ_ONLY_CHANGE_FLAG=0 # Flag set to 1 if files changed are not txt or md TEST_CASE_FOLDER='.automation/test' # Folder for test cases we should always ignore +DEFAULT_DISABLE_ERRORS='false' # Default to enabling errors ########################## # Array of changed files # @@ -130,6 +144,9 @@ FILE_ARRAY_TYPESCRIPT_STANDARD=() # Array of files to check FILE_ARRAY_DOCKER=() # Array of files to check FILE_ARRAY_GO=() # Array of files to check FILE_ARRAY_TERRAFORM=() # Array of files to check +FILE_ARRAY_POWERSHELL=() # Array of files to check +FILE_ARRAY_CSS=() # Array of files to check +FILE_ARRAY_ENV=() # Array of files to check ############ # Counters # @@ -152,6 +169,9 @@ ERRORS_FOUND_TYPESCRIPT_ES=0 # Count of errors found ERRORS_FOUND_DOCKER=0 # Count of errors found ERRORS_FOUND_GO=0 # Count of errors found ERRORS_FOUND_TERRAFORM=0 # Count of errors found +ERRORS_FOUND_POWERSHELL=0 # Count of errors found +ERRORS_FOUND_CSS=0 # Count of errors found +ERRORS_FOUND_ENV=0 # Count of errors found ################################################################################ ########################## FUNCTIONS BELOW ##################################### @@ -170,7 +190,7 @@ Header() ########## echo "" echo "---------------------------------------------" - echo "--- Github Actions Multi Language Linter ----" + echo "--- GitHub Actions Multi Language Linter ----" echo "---------------------------------------------" echo "" echo "---------------------------------------------" @@ -212,7 +232,7 @@ GetLinterVersions() ############################## # Check the shell for errors # ############################## - if [ $ERROR_CODE -ne 0 ] | [ -z "${GET_VERSION_CMD[*]}" ]; then + if [ $ERROR_CODE -ne 0 ] || [ -z "${GET_VERSION_CMD[*]}" ]; then echo "WARN! Failed to get version info for:[$LINTER]" echo "---------------------------------------------" else @@ -343,9 +363,9 @@ GetStandardRules() ENV_STRING+="--env ${ENV} " done - ######################################## - # Remove trailing and ending witespace # - ######################################## + ######################################### + # Remove trailing and ending whitespace # + ######################################### if [[ "$LINTER" == "javascript" ]]; then JAVASCRIPT_STANDARD_LINTER_RULES="$(echo -e "${ENV_STRING}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" elif [[ "$LINTER" == "typescript" ]]; then @@ -729,6 +749,9 @@ GetValidationInfo() VALIDATE_DOCKER=$(echo "$VALIDATE_DOCKER" | awk '{print tolower($0)}') VALIDATE_GO=$(echo "$VALIDATE_GO" | awk '{print tolower($0)}') VALIDATE_TERRAFORM=$(echo "$VALIDATE_TERRAFORM" | awk '{print tolower($0)}') + VALIDATE_POWERSHELL=$(echo "$VALIDATE_POWERSHELL" | awk '{print tolower($0)}') + VALIDATE_CSS=$(echo "$VALIDATE_CSS" | awk '{print tolower($0)}') + VALIDATE_ENV=$(echo "$VALIDATE_ENV" | awk '{print tolower($0)}') ################################################ # Determine if any linters were explicitly set # @@ -751,7 +774,10 @@ GetValidationInfo() -n "$VALIDATE_TYPESCRIPT_STANDARD" || \ -n "$VALIDATE_DOCKER" || \ -n "$VALIDATE_GO" || \ - -n "$VALIDATE_TERRAFORM" ]]; then + -n "$VALIDATE_TERRAFORM" || \ + -n "$VALIDATE_POWERSHELL" || \ + -n "$VALIDATE_CSS" || \ + -n "$VALIDATE_ENV" ]]; then ANY_SET="true" fi @@ -1007,6 +1033,48 @@ GetValidationInfo() VALIDATE_TERRAFORM="true" fi + ######################################### + # Validate if we should check POWERSHELL # + ######################################### + if [[ "$ANY_SET" == "true" ]]; then + # Some linter flags were set - only run those set to true + if [[ -z "$VALIDATE_POWERSHELL" ]]; then + # POWERSHELL flag was not set - default to false + VALIDATE_POWERSHELL="false" + fi + else + # No linter flags were set - default all to true + VALIDATE_POWERSHELL="true" + fi + + ################################### + # Validate if we should check CSS # + ################################### + if [[ "$ANY_SET" == "true" ]]; then + # Some linter flags were set - only run those set to true + if [[ -z "$VALIDATE_CSS" ]]; then + # CSS flag was not set - default to false + VALIDATE_CSS="false" + fi + else + # No linter flags were set - default all to true + VALIDATE_CSS="true" + fi + + ################################### + # Validate if we should check ENV # + ################################### + if [[ "$ANY_SET" == "true" ]]; then + # Some linter flags were set - only run those set to true + if [[ -z "$VALIDATE_ENV" ]]; then + # ENV flag was not set - default to false + VALIDATE_ENV="false" + fi + else + # No linter flags were set - default all to true + VALIDATE_ENV="true" + fi + ####################################### # Print which linters we are enabling # ####################################### @@ -1100,6 +1168,21 @@ GetValidationInfo() else PRINT_ARRAY+=("- Excluding [TERRAFORM] files in code base...") fi + if [[ "$VALIDATE_POWERSHELL" == "true" ]]; then + PRINT_ARRAY+=("- Validating [POWERSHELL] files in code base...") + else + PRINT_ARRAY+=("- Excluding [POWERSHELL] files in code base...") + fi + if [[ "$VALIDATE_CSS" == "true" ]]; then + PRINT_ARRAY+=("- Validating [CSS] files in code base...") + else + PRINT_ARRAY+=("- Excluding [CSS] files in code base...") + fi + if [[ "$VALIDATE_ENV" == "true" ]]; then + PRINT_ARRAY+=("- Validating [ENV] files in code base...") + else + PRINT_ARRAY+=("- Excluding [ENV] files in code base...") + fi ############################## # Validate Ansible Directory # @@ -1119,6 +1202,28 @@ GetValidationInfo() ANSIBLE_DIRECTORY="$TEMP_ANSIBLE_DIRECTORY" fi + ############################### + # Get the disable errors flag # + ############################### + if [ -z "$DISABLE_ERRORS" ]; then + ################################## + # No flag passed, set to default # + ################################## + DISABLE_ERRORS="$DEFAULT_DISABLE_ERRORS" + fi + + ############################### + # Convert string to lowercase # + ############################### + DISABLE_ERRORS=$(echo "$DISABLE_ERRORS" | awk '{print tolower($0)}') + + ############################ + # Set to false if not true # + ############################ + if [ "$DISABLE_ERRORS" != "true" ]; then + DISABLE_ERRORS="false" + fi + ############################ # Get the run verbose flag # ############################ @@ -1178,10 +1283,10 @@ BuildFileList() echo "Pulling in code history and branches..." fi - ##################################################################### - # Switch codebase back to master to get a list of all files changed # - ##################################################################### - SWITCH_CMD=$(cd "$GITHUB_WORKSPACE" || exit; git pull --quiet; git checkout master 2>&1) + ################################################################################# + # Switch codebase back to the default branch to get a list of all files changed # + ################################################################################# + SWITCH_CMD=$(cd "$GITHUB_WORKSPACE" || exit; git pull --quiet; git checkout "$DEFAULT_BRANCH" 2>&1) ####################### # Load the error code # @@ -1193,7 +1298,7 @@ BuildFileList() ############################## if [ $ERROR_CODE -ne 0 ]; then # Error - echo "Failed to switch to master branch to get files changed!" + echo "Failed to switch to $DEFAULT_BRANCH branch to get files changed!" echo "ERROR:[$SWITCH_CMD]" exit 1 fi @@ -1204,14 +1309,14 @@ BuildFileList() if [[ "$ACTIONS_RUNNER_DEBUG" == "true" ]]; then echo "" echo "----------------------------------------------" - echo "Generating Diff with:[git diff --name-only 'master..$GITHUB_SHA' --diff-filter=d]" + echo "Generating Diff with:[git diff --name-only '$DEFAULT_BRANCH..$GITHUB_SHA' --diff-filter=d]" fi - ################################################ - # Get the Array of files changed in the comits # - ################################################ + ################################################# + # Get the Array of files changed in the commits # + ################################################# # shellcheck disable=SC2207 - RAW_FILE_ARRAY=($(cd "$GITHUB_WORKSPACE" || exit; git diff --name-only "master..$GITHUB_SHA" --diff-filter=d 2>&1)) + RAW_FILE_ARRAY=($(cd "$GITHUB_WORKSPACE" || exit; git diff --name-only "$DEFAULT_BRANCH..$GITHUB_SHA" --diff-filter=d 2>&1)) ####################### # Load the error code # @@ -1228,9 +1333,9 @@ BuildFileList() exit 1 fi - ################################################# - # Itterate through the array of all files found # - ################################################# + ################################################ + # Iterate through the array of all files found # + ################################################ echo "" echo "----------------------------------------------" echo "Files that have been modified in the commit(s):" @@ -1419,6 +1524,32 @@ BuildFileList() # Set the READ_ONLY_CHANGE_FLAG since this could be exec # ########################################################## READ_ONLY_CHANGE_FLAG=1 + ########################### + # Get the Powershell files # + ########################### + elif [ "$FILE_TYPE" == "ps1" ]; then + ################################ + # Append the file to the array # + ################################ + FILE_ARRAY_POWERSHELL+=("$FILE") + elif [ "$FILE_TYPE" == "css" ]; then + ################################ + # Append the file to the array # + ################################ + FILE_ARRAY_CSS+=("$FILE") + ########################################################## + # Set the READ_ONLY_CHANGE_FLAG since this could be exec # + ########################################################## + READ_ONLY_CHANGE_FLAG=1 + elif [ "$FILE_TYPE" == "env" ]; then + ################################ + # Append the file to the array # + ################################ + FILE_ARRAY_ENV+=("$FILE") + ########################################################## + # Set the READ_ONLY_CHANGE_FLAG since this could be exec # + ########################################################## + READ_ONLY_CHANGE_FLAG=1 elif [ "$FILE" == "Dockerfile" ]; then ################################ # Append the file to the array # @@ -1576,7 +1707,7 @@ LintCodebase() if [ ${#FILE_ARRAY[@]} -eq 0 ] && [ "$VALIDATE_ALL_CODEBASE" == "false" ]; then # No files found in commit and user has asked to not validate code base SKIP_FLAG=1 - # echo " - No files found in chageset to lint for language:[$FILE_TYPE]" + # echo " - No files found in changeset to lint for language:[$FILE_TYPE]" elif [ ${#FILE_ARRAY[@]} -ne 0 ]; then # We have files added to array of files to check LIST_FILES=("${FILE_ARRAY[@]}") # Copy the array into list @@ -1644,10 +1775,26 @@ LintCodebase() echo "---------------------------" echo "File:[$FILE]" - ################################ - # Lint the file with the rules # - ################################ - LINT_CMD=$(cd "$GITHUB_WORKSPACE" || exit; $LINTER_COMMAND "$FILE" 2>&1) + #################### + # Set the base Var # + #################### + LINT_CMD='' + + ####################################### + # Corner case for Powershell subshell # + ####################################### + if [[ "$FILE_TYPE" == "POWERSHELL" ]]; then + ################################ + # Lint the file with the rules # + ################################ + # Need to append "'" to make the pwsh call syntax correct, also exit with exit code from inner subshell + LINT_CMD=$(cd "$GITHUB_WORKSPACE/$TEST_CASE_FOLDER" || exit; $LINTER_COMMAND "$FILE"; exit $? 2>&1) + else + ################################ + # Lint the file with the rules # + ################################ + LINT_CMD=$(cd "$GITHUB_WORKSPACE" || exit; $LINTER_COMMAND "$FILE" 2>&1) + fi ####################### # Load the error code # @@ -1814,6 +1961,12 @@ TestCodebase() # Lint the file with the rules # ################################ LINT_CMD=$(cd "$GITHUB_WORKSPACE/$TEST_CASE_FOLDER/ansible" || exit; $LINTER_COMMAND "$FILE" 2>&1) + elif [[ "$FILE_TYPE" == "POWERSHELL" ]]; then + ################################ + # Lint the file with the rules # + ################################ + # Need to append "'" to make the pwsh call syntax correct, also exit with exit code from inner subshell + LINT_CMD=$(cd "$GITHUB_WORKSPACE/$TEST_CASE_FOLDER" || exit; $LINTER_COMMAND "$FILE"; exit $? 2>&1) else ################################ # Lint the file with the rules # @@ -1905,10 +2058,16 @@ Footer() fi done + ################################## + # Exit with 0 if errors disabled # + ################################## + if [ "$DISABLE_ERRORS" == "true" ]; then + echo "WARN! Exiting with exit code:[0] as:[DISABLE_ERRORS] was set to:[$DISABLE_ERRORS]" + exit 0 ############################### # Exit with 1 if errors found # ############################### - if [ "$ERRORS_FOUND_YML" -ne 0 ] || \ + elif [ "$ERRORS_FOUND_YML" -ne 0 ] || \ [ "$ERRORS_FOUND_JSON" -ne 0 ] || \ [ "$ERRORS_FOUND_XML" -ne 0 ] || \ [ "$ERRORS_FOUND_MARKDOWN" -ne 0 ] || \ @@ -1925,7 +2084,10 @@ Footer() [ "$ERRORS_FOUND_DOCKER" -ne 0 ] || \ [ "$ERRORS_FOUND_GO" -ne 0 ] || \ [ "$ERRORS_FOUND_TERRAFORM" -ne 0 ] || \ - [ "$ERRORS_FOUND_RUBY" -ne 0 ]; then + [ "$ERRORS_FOUND_POWERSHELL" -ne 0 ] || \ + [ "$ERRORS_FOUND_RUBY" -ne 0 ] || \ + [ "$ERRORS_FOUND_CSS" -ne 0 ] || \ + [ "$ERRORS_FOUND_ENV" -ne 0 ]; then # Failed exit echo "Exiting with errors found!" exit 1 @@ -1947,11 +2109,11 @@ RunTestCases() { # This loop will run the test cases and exclude user code # This is called from the automation process to validate new code - # When a PR is opened, the new code is validated with the master branch + # When a PR is opened, the new code is validated with the default branch # version of linter.sh, and a new container is built with the latest codebase # for testing. That container is spun up, and ran, # with the flag: TEST_CASE_RUN=true - # So that the new code can be validated againt the test cases + # So that the new code can be validated against the test cases ################# # Header prints # @@ -1983,6 +2145,9 @@ RunTestCases() TestCodebase "DOCKER" "/dockerfilelint/bin/dockerfilelint" "/dockerfilelint/bin/dockerfilelint" ".*\(Dockerfile\)\$" TestCodebase "ANSIBLE" "ansible-lint" "ansible-lint -v -c $ANSIBLE_LINTER_RULES" "ansible-lint" TestCodebase "TERRAFORM" "tflint" "tflint -c $TERRAFORM_LINTER_RULES" ".*\.\(tf\)\$" + TestCodebase "POWERSHELL" "pwsh" "pwsh -c Invoke-ScriptAnalyzer -EnableExit -Settings $POWERSHELL_LINTER_RULES -Path" ".*\.\(ps1\|psm1\|psd1\|ps1xml\|pssc\|psrc\|cdxml\)\$" + TestCodebase "CSS" "stylelint" "stylelint --config $CSS_LINTER_RULES" ".*\.\(css\)\$" + TestCodebase "ENV" "dotenv-linter" "dotenv-linter" ".*\.\(env\).*\$" ################# # Footer prints # @@ -2001,15 +2166,15 @@ RunTestCases() Header ####################### -# Get Github Env Vars # +# Get GitHub Env Vars # ####################### -# Need to pull in all the Github variables +# Need to pull in all the GitHub variables # needed to connect back and update checks GetGitHubVars -########################################## -# Get the langugages we need to validate # -########################################## +######################################### +# Get the languages we need to validate # +######################################### GetValidationInfo ######################## @@ -2037,6 +2202,10 @@ GetLinterRules "$GO_FILE_NAME" "$GO_LINTER_RULES" GetLinterRules "$DOCKER_FILE_NAME" "$DOCKER_LINTER_RULES" # Get Terraform rules GetLinterRules "$TERRAFORM_FILE_NAME" "$TERRAFORM_LINTER_RULES" +# Get PowerShell rules +GetLinterRules "$POWERSHELL_FILE_NAME" "$POWERSHELL_LINTER_RULES" +# Get CSS rules +GetLinterRules "$CSS_FILE_NAME" "$CSS_LINTER_RULES" ################################# # Check if were in verbose mode # @@ -2263,6 +2432,31 @@ if [ "$VALIDATE_TYPESCRIPT_STANDARD" == "true" ]; then LintCodebase "TYPESCRIPT_STANDARD" "standard" "standard --parser @typescript-eslint/parser --plugin @typescript-eslint/eslint-plugin $TYPESCRIPT_STANDARD_LINTER_RULES" ".*\.\(ts\)\$" "${FILE_ARRAY_TYPESCRIPT_STANDARD[@]}" fi +############### +# CSS LINTING # +############### +if [ "$VALIDATE_CSS" == "true" ]; then + ################################# + # Get CSS standard rules # + ################################# + GetStandardRules "stylelint" + ############################# + # Lint the CSS files # + ############################# + LintCodebase "CSS" "stylelint" "stylelint --config $CSS_LINTER_RULES" ".*\.\(css\)\$" "${FILE_ARRAY_CSS[@]}" +fi + +############### +# ENV LINTING # +############### +if [ "$VALIDATE_ENV" == "true" ]; then + ####################### + # Lint the env files # + ####################### + # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" + LintCodebase "ENV" "dotenv-linter" "dotenv-linter" ".*\.\(env\).*\$" "${FILE_ARRAY_ENV[@]}" +fi + ################## # DOCKER LINTING # ################## @@ -2274,6 +2468,17 @@ if [ "$VALIDATE_DOCKER" == "true" ]; then LintCodebase "DOCKER" "/dockerfilelint/bin/dockerfilelint" "/dockerfilelint/bin/dockerfilelint" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" fi +###################### +# POWERSHELL LINTING # +###################### +if [ "$VALIDATE_POWERSHELL" == "true" ]; then + ############################# + # Lint the powershell files # + ############################# + # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" + LintCodebase "POWERSHELL" "pwsh" "pwsh -c Invoke-ScriptAnalyzer -EnableExit -Settings $POWERSHELL_LINTER_RULES -Path" ".*\.\(ps1\|psm1\|psd1\|ps1xml\|pssc\|psrc\|cdxml\)\$" "${FILE_ARRAY_POWERSHELL[@]}" +fi + ########## # Footer # ##########