feat: configure github server url (#5792)

Allow the configuration of the GitHub server URL, and add some
validation rules that check for common misconfigurations.

Close #5572
This commit is contained in:
Marco Ferrari 2024-06-21 08:54:19 +02:00 committed by GitHub
parent c99ec7784a
commit cef17760de
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 152 additions and 9 deletions

View file

@ -210,7 +210,8 @@ You can configure super-linter using the following environment variables:
| **GITHUB_ACTIONS_CONFIG_FILE** | `actionlint.yml` | Filename for [Actionlint configuration](https://github.com/rhysd/actionlint/blob/main/docs/config.md) (ex: `actionlint.yml`) | | **GITHUB_ACTIONS_CONFIG_FILE** | `actionlint.yml` | Filename for [Actionlint configuration](https://github.com/rhysd/actionlint/blob/main/docs/config.md) (ex: `actionlint.yml`) |
| **GITHUB_ACTIONS_COMMAND_ARGS** | `null` | Additional arguments passed to `actionlint` command. Useful to [ignore some errors](https://github.com/rhysd/actionlint/blob/main/docs/usage.md#ignore-some-errors) | | **GITHUB_ACTIONS_COMMAND_ARGS** | `null` | Additional arguments passed to `actionlint` command. Useful to [ignore some errors](https://github.com/rhysd/actionlint/blob/main/docs/usage.md#ignore-some-errors) |
| **GITHUB_CUSTOM_API_URL** | `https://api.${GITHUB_DOMAIN}` | Specify a custom GitHub API URL in case GitHub Enterprise is used: e.g. `https://github.myenterprise.com/api/v3` | | **GITHUB_CUSTOM_API_URL** | `https://api.${GITHUB_DOMAIN}` | Specify a custom GitHub API URL in case GitHub Enterprise is used: e.g. `https://github.myenterprise.com/api/v3` |
| **GITHUB_DOMAIN** | `github.com` | Specify a custom GitHub domain in case GitHub Enterprise is used: e.g. `github.myenterprise.com` | | **GITHUB_CUSTOM_SERVER_URL** | `https://${GITHUB_DOMAIN}"` | Specify a custom GitHub server URL. Useful for GitHub Enterprise instances. |
| **GITHUB_DOMAIN** | `github.com` | Specify a custom GitHub domain in case GitHub Enterprise is used: e.g. `github.myenterprise.com`. `GITHUB_DOMAIN` is a convenience configuration variable to automatically build `GITHUB_CUSTOM_API_URL` and `GITHUB_CUSTOM_SERVER_URL`. |
| **GITLEAKS_CONFIG_FILE** | `.gitleaks.toml` | Filename for [GitLeaks configuration](https://github.com/zricethezav/gitleaks#configuration) (ex: `.gitleaks.toml`) | | **GITLEAKS_CONFIG_FILE** | `.gitleaks.toml` | Filename for [GitLeaks configuration](https://github.com/zricethezav/gitleaks#configuration) (ex: `.gitleaks.toml`) |
| **IGNORE_GENERATED_FILES** | `false` | If set to `true`, super-linter will ignore all the files with `@generated` marker but without `@not-generated` marker. | | **IGNORE_GENERATED_FILES** | `false` | If set to `true`, super-linter will ignore all the files with `@generated` marker but without `@not-generated` marker. |
| **IGNORE_GITIGNORED_FILES** | `false` | If set to `true`, super-linter will ignore all the files that are ignored by Git. | | **IGNORE_GITIGNORED_FILES** | `false` | If set to `true`, super-linter will ignore all the files that are ignored by Git. |

20
lib/functions/githubDomain.sh Executable file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env bash
DEFAULT_GITHUB_DOMAIN="github.com"
GITHUB_DOMAIN="${GITHUB_DOMAIN:-${DEFAULT_GITHUB_DOMAIN}}"
GITHUB_DOMAIN="${GITHUB_DOMAIN%/}" # Remove trailing slash if present
# GitHub API root url
GITHUB_API_URL="${GITHUB_CUSTOM_API_URL:-"https://api.${GITHUB_DOMAIN}"}"
GITHUB_API_URL="${GITHUB_API_URL%/}" # Remove trailing slash if present
# shellcheck disable=SC2034 # Variable is referenced indirectly
GITHUB_SERVER_URL="${GITHUB_CUSTOM_SERVER_URL:-"https://${GITHUB_DOMAIN}"}"
GITHUB_SERVER_URL="${GITHUB_SERVER_URL%/}" # Remove trailing slash if present
# shellcheck disable=SC2034 # Variable is referenced indirectly
GITHUB_META_URL="${GITHUB_API_URL}/meta"
debug "GitHub server URL: ${GITHUB_SERVER_URL}"
debug "GitHub API URL: ${GITHUB_API_URL}"
debug "GitHub meta URL: ${GITHUB_META_URL}"

View file

@ -261,6 +261,37 @@ function CheckovConfigurationFileContainsDirectoryOption() {
} }
export -f CheckovConfigurationFileContainsDirectoryOption export -f CheckovConfigurationFileContainsDirectoryOption
function ValidateGitHubUrls() {
if [[ -z "${DEFAULT_GITHUB_DOMAIN:-}" ]]; then
error "DEFAULT_GITHUB_DOMAIN is empty."
return 1
fi
debug "Default GitHub domain: ${DEFAULT_GITHUB_DOMAIN}"
if [[ -z "${GITHUB_DOMAIN:-}" ]]; then
error "GITHUB_DOMAIN is empty."
return 1
fi
debug "GitHub domain: ${GITHUB_DOMAIN}"
if [[ "${GITHUB_DOMAIN}" != "${DEFAULT_GITHUB_DOMAIN}" ]]; then
debug "GITHUB_DOMAIN (${GITHUB_DOMAIN}) is not set to the default GitHub domain (${DEFAULT_GITHUB_DOMAIN})"
if [[ -n "${GITHUB_CUSTOM_API_URL:-}" || -n "${GITHUB_CUSTOM_SERVER_URL:-}" ]]; then
error "Cannot set GITHUB_DOMAIN (${GITHUB_DOMAIN}) along with GITHUB_CUSTOM_API_URL (${GITHUB_CUSTOM_API_URL:-}) or with GITHUB_CUSTOM_SERVER_URL (${GITHUB_CUSTOM_SERVER_URL:-})."
return 1
fi
else
debug "GITHUB_DOMAIN (${GITHUB_DOMAIN}) is set to the default GitHub domain (${DEFAULT_GITHUB_DOMAIN})"
if [[ -n "${GITHUB_CUSTOM_API_URL:-}" && -z "${GITHUB_CUSTOM_SERVER_URL:-}" ]] ||
[[ -z "${GITHUB_CUSTOM_API_URL:-}" && -n "${GITHUB_CUSTOM_SERVER_URL:-}" ]]; then
error "Configure both GITHUB_CUSTOM_API_URL and GITHUB_CUSTOM_SERVER_URL. Current values: GITHUB_CUSTOM_API_URL: ${GITHUB_CUSTOM_API_URL:-}, GITHUB_CUSTOM_SERVER_URL: ${GITHUB_CUSTOM_SERVER_URL:-}"
return 1
fi
fi
}
function WarnIfVariableIsSet() { function WarnIfVariableIsSet() {
local INPUT_VARIABLE="${1}" local INPUT_VARIABLE="${1}"
shift shift

View file

@ -29,6 +29,12 @@ source /action/lib/functions/worker.sh # Source the function script(s)
source /action/lib/functions/setupSSH.sh # Source the function script(s) source /action/lib/functions/setupSSH.sh # Source the function script(s)
# shellcheck source=/dev/null # shellcheck source=/dev/null
source /action/lib/functions/githubEvent.sh source /action/lib/functions/githubEvent.sh
# shellcheck source=/dev/null
source /action/lib/functions/githubDomain.sh
if ! ValidateGitHubUrls; then
fatal "GitHub URLs failed validation"
fi
# We want a lowercase value # We want a lowercase value
declare -l RUN_LOCAL declare -l RUN_LOCAL
@ -119,14 +125,6 @@ FILTER_REGEX_INCLUDE="${FILTER_REGEX_INCLUDE:-""}"
export FILTER_REGEX_INCLUDE export FILTER_REGEX_INCLUDE
FILTER_REGEX_EXCLUDE="${FILTER_REGEX_EXCLUDE:-""}" FILTER_REGEX_EXCLUDE="${FILTER_REGEX_EXCLUDE:-""}"
export FILTER_REGEX_EXCLUDE export FILTER_REGEX_EXCLUDE
GITHUB_DOMAIN="${GITHUB_DOMAIN:-"github.com"}"
GITHUB_DOMAIN="${GITHUB_DOMAIN%/}" # Remove trailing slash if present
# GitHub API root url
GITHUB_API_URL="${GITHUB_CUSTOM_API_URL:-"https://api.${GITHUB_DOMAIN}"}"
GITHUB_API_URL="${GITHUB_API_URL%/}" # Remove trailing slash if present
GITHUB_SERVER_URL="https://${GITHUB_DOMAIN}"
# shellcheck disable=SC2034 # Variable is referenced indirectly
GITHUB_META_URL="${GITHUB_API_URL}/meta"
LINTER_RULES_PATH="${LINTER_RULES_PATH:-.github/linters}" # Linter rules directory LINTER_RULES_PATH="${LINTER_RULES_PATH:-.github/linters}" # Linter rules directory
# shellcheck disable=SC2034 # Variable is referenced in other scripts # shellcheck disable=SC2034 # Variable is referenced in other scripts
RAW_FILE_ARRAY=() # Array of all files that were changed RAW_FILE_ARRAY=() # Array of all files that were changed

View file

@ -56,6 +56,99 @@ function ValidateDeprecatedVariablesTest() {
notice "${FUNCTION_NAME} PASS" notice "${FUNCTION_NAME} PASS"
} }
function ValidateGitHubUrlsTest() {
FUNCTION_NAME="${FUNCNAME[0]}"
# shellcheck disable=SC2034
DEFAULT_GITHUB_DOMAIN="github.com"
# shellcheck disable=SC2034
GITHUB_DOMAIN=
if ValidateGitHubUrls; then
fatal "Empty GITHUB_DOMAIN should have failed validation"
else
info "Empty GITHUB_DOMAIN passed validation"
fi
# shellcheck disable=SC2034
GITHUB_DOMAIN="github.example.com"
if ! ValidateGitHubUrls; then
fatal "${GITHUB_DOMAIN} should have passed validation"
else
info "${GITHUB_DOMAIN} passed validation"
fi
unset GITHUB_DOMAIN
# shellcheck disable=SC2034
GITHUB_DOMAIN="${DEFAULT_GITHUB_DOMAIN}"
if ! ValidateGitHubUrls; then
fatal "${GITHUB_DOMAIN} should have passed validation"
else
info "${GITHUB_DOMAIN} passed validation"
fi
unset GITHUB_DOMAIN
GITHUB_DOMAIN="github.example.com"
# shellcheck disable=SC2034
GITHUB_CUSTOM_API_URL="github.custom.api.url"
if ValidateGitHubUrls; then
fatal "${GITHUB_DOMAIN} and ${GITHUB_CUSTOM_API_URL} should have failed validation"
else
info "${GITHUB_DOMAIN} and ${GITHUB_CUSTOM_API_URL} failed validation as expected"
fi
unset GITHUB_DOMAIN
unset GITHUB_CUSTOM_API_URL
# shellcheck disable=SC2034
GITHUB_DOMAIN="github.example.com"
GITHUB_CUSTOM_SERVER_URL="github.custom.server.url"
if ValidateGitHubUrls; then
fatal "${GITHUB_DOMAIN} and ${GITHUB_CUSTOM_SERVER_URL} should have failed validation"
else
info "${GITHUB_DOMAIN} and ${GITHUB_CUSTOM_SERVER_URL} failed validation as expected"
fi
unset GITHUB_DOMAIN
unset GITHUB_CUSTOM_SERVER_URL
# shellcheck disable=SC2034
GITHUB_DOMAIN="${DEFAULT_GITHUB_DOMAIN}"
GITHUB_CUSTOM_API_URL="github.custom.api.url"
if ValidateGitHubUrls; then
fatal "${GITHUB_DOMAIN} and ${GITHUB_CUSTOM_API_URL} should have failed validation"
else
info "${GITHUB_DOMAIN} and ${GITHUB_CUSTOM_API_URL} failed validation as expected"
fi
unset GITHUB_DOMAIN
unset GITHUB_CUSTOM_API_URL
# shellcheck disable=SC2034
GITHUB_DOMAIN="${DEFAULT_GITHUB_DOMAIN}"
GITHUB_CUSTOM_SERVER_URL="github.custom.server.url"
if ValidateGitHubUrls; then
fatal "${GITHUB_DOMAIN} and ${GITHUB_CUSTOM_SERVER_URL} should have failed validation"
else
info "${GITHUB_DOMAIN} and ${GITHUB_CUSTOM_SERVER_URL} failed validation as expected"
fi
unset GITHUB_DOMAIN
unset GITHUB_CUSTOM_SERVER_URL
# shellcheck disable=SC2034
GITHUB_DOMAIN="${DEFAULT_GITHUB_DOMAIN}"
GITHUB_CUSTOM_API_URL="github.custom.api.url"
GITHUB_CUSTOM_SERVER_URL="github.custom.server.url"
if ! ValidateGitHubUrls; then
fatal "${GITHUB_DOMAIN}, ${GITHUB_CUSTOM_API_URL}, and ${GITHUB_CUSTOM_SERVER_URL} should have passed validation"
else
info "${GITHUB_DOMAIN}, ${GITHUB_CUSTOM_API_URL}, and ${GITHUB_CUSTOM_SERVER_URL} passed validation as expected"
fi
unset GITHUB_DOMAIN
unset GITHUB_CUSTOM_API_URL
unset GITHUB_CUSTOM_SERVER_URL
notice "${FUNCTION_NAME} PASS"
}
IsUnsignedIntegerSuccessTest IsUnsignedIntegerSuccessTest
IsUnsignedIntegerFailureTest IsUnsignedIntegerFailureTest
ValidateDeprecatedVariablesTest ValidateDeprecatedVariablesTest
ValidateGitHubUrlsTest