mirror of
https://github.com/super-linter/super-linter.git
synced 2024-11-09 10:33:37 -05:00
3a5617235c
Deprecate the ERROR_ON_MISSING_EXEC_BIT variable to remove a confusing corner case, and to align the BASH_EXEC check to how super-linter handles other linters.
329 lines
11 KiB
Bash
Executable file
329 lines
11 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
function GetValidationInfo() {
|
|
############################################
|
|
# Print headers for user provided env vars #
|
|
############################################
|
|
info "--------------------------------------------"
|
|
info "Gathering user validation information..."
|
|
|
|
if [[ "${USE_FIND_ALGORITHM}" == "true" ]] && [[ "${VALIDATE_ALL_CODEBASE}" == "false" ]]; then
|
|
fatal "Setting USE_FIND_ALGORITHM to true and VALIDATE_ALL_CODEBASE to false is not supported because super-linter relies on Git to validate changed files."
|
|
fi
|
|
|
|
###########################################
|
|
# Skip validation if were running locally #
|
|
###########################################
|
|
if [[ ${RUN_LOCAL} != "true" ]]; then
|
|
###############################
|
|
# Convert string to lowercase #
|
|
###############################
|
|
VALIDATE_ALL_CODEBASE="${VALIDATE_ALL_CODEBASE,,}"
|
|
######################################
|
|
# Validate we should check all files #
|
|
######################################
|
|
if [[ ${VALIDATE_ALL_CODEBASE} != "false" ]]; then
|
|
# Set to true
|
|
VALIDATE_ALL_CODEBASE="${DEFAULT_VALIDATE_ALL_CODEBASE}"
|
|
info "- Validating ALL files in code base..."
|
|
else
|
|
info "- Only validating [new], or [edited] files in code base..."
|
|
fi
|
|
fi
|
|
|
|
######################
|
|
# Create Print Array #
|
|
######################
|
|
PRINT_ARRAY=()
|
|
|
|
################################
|
|
# Convert strings to lowercase #
|
|
################################
|
|
# Loop through all languages
|
|
for LANGUAGE in "${LANGUAGE_ARRAY[@]}"; do
|
|
# build the variable
|
|
VALIDATE_LANGUAGE="VALIDATE_${LANGUAGE}"
|
|
# Set the value of the var to lowercase
|
|
eval "${VALIDATE_LANGUAGE}=${!VALIDATE_LANGUAGE,,}"
|
|
done
|
|
|
|
################################################
|
|
# Determine if any linters were explicitly set #
|
|
################################################
|
|
ANY_SET="false"
|
|
ANY_TRUE="false"
|
|
ANY_FALSE="false"
|
|
# Loop through all languages
|
|
for LANGUAGE in "${LANGUAGE_ARRAY[@]}"; do
|
|
# build the variable
|
|
VALIDATE_LANGUAGE="VALIDATE_${LANGUAGE}"
|
|
# Check to see if the variable was set
|
|
if [ -n "${!VALIDATE_LANGUAGE}" ]; then
|
|
# It was set, need to set flag
|
|
ANY_SET="true"
|
|
if [ "${!VALIDATE_LANGUAGE}" == "true" ]; then
|
|
ANY_TRUE="true"
|
|
elif [ "${!VALIDATE_LANGUAGE}" == "false" ]; then
|
|
ANY_FALSE="true"
|
|
fi
|
|
fi
|
|
done
|
|
|
|
if [ $ANY_TRUE == "true" ] && [ $ANY_FALSE == "true" ]; then
|
|
fatal "Behavior not supported, please either only include (VALIDATE=true) or exclude (VALIDATE=false) linters, but not both"
|
|
fi
|
|
|
|
#########################################################
|
|
# Validate if we should check/omit individual languages #
|
|
#########################################################
|
|
# Loop through all languages
|
|
for LANGUAGE in "${LANGUAGE_ARRAY[@]}"; do
|
|
# build the variable
|
|
VALIDATE_LANGUAGE="VALIDATE_${LANGUAGE}"
|
|
# Check if ANY_SET was set
|
|
if [[ ${ANY_SET} == "true" ]]; then
|
|
# Check to see if the variable was set
|
|
if [ -z "${!VALIDATE_LANGUAGE}" ]; then
|
|
# Flag was not set, default to:
|
|
# if ANY_TRUE then set to false
|
|
# if ANY_FALSE then set to true
|
|
eval "${VALIDATE_LANGUAGE}='$ANY_FALSE'"
|
|
fi
|
|
else
|
|
# No linter flags were set - default all to true
|
|
eval "${VALIDATE_LANGUAGE}='true'"
|
|
fi
|
|
eval "export ${VALIDATE_LANGUAGE}"
|
|
done
|
|
|
|
#######################################
|
|
# Print which linters we are enabling #
|
|
#######################################
|
|
# Loop through all languages
|
|
for LANGUAGE in "${LANGUAGE_ARRAY[@]}"; do
|
|
# build the variable
|
|
VALIDATE_LANGUAGE="VALIDATE_${LANGUAGE}"
|
|
if [[ ${!VALIDATE_LANGUAGE} == "true" ]]; then
|
|
# We need to validate
|
|
PRINT_ARRAY+=("- Validating [${LANGUAGE}] files in code base...")
|
|
|
|
debug "Defining variables for ${LANGUAGE} linter..."
|
|
|
|
ERRORS_VARIABLE_NAME="ERRORS_FOUND_${LANGUAGE}"
|
|
debug "Setting ${ERRORS_VARIABLE_NAME} variable value to 0..."
|
|
eval "${ERRORS_VARIABLE_NAME}=0"
|
|
debug "Exporting ${ERRORS_VARIABLE_NAME} variable..."
|
|
eval "export ${ERRORS_VARIABLE_NAME}"
|
|
else
|
|
# We are skipping the language
|
|
PRINT_ARRAY+=("- Excluding [$LANGUAGE] files in code base...")
|
|
fi
|
|
done
|
|
|
|
##############################
|
|
# Validate Ansible Directory #
|
|
##############################
|
|
if [ -z "${ANSIBLE_DIRECTORY}" ]; then
|
|
ANSIBLE_DIRECTORY="${GITHUB_WORKSPACE}/ansible"
|
|
debug "Set ANSIBLE_DIRECTORY to the default: ${ANSIBLE_DIRECTORY}"
|
|
else
|
|
debug "ANSIBLE_DIRECTORY before considering corner cases: ${ANSIBLE_DIRECTORY}"
|
|
# Check if first char is '/'
|
|
if [[ ${ANSIBLE_DIRECTORY:0:1} == "/" ]]; then
|
|
# Remove first char
|
|
ANSIBLE_DIRECTORY="${ANSIBLE_DIRECTORY:1}"
|
|
fi
|
|
|
|
if [ -z "${ANSIBLE_DIRECTORY}" ] || [[ ${ANSIBLE_DIRECTORY} == "." ]]; then
|
|
# Catches the case where ANSIBLE_DIRECTORY="/" or ANSIBLE_DIRECTORY="."
|
|
TEMP_ANSIBLE_DIRECTORY="${GITHUB_WORKSPACE}"
|
|
else
|
|
# Need to give it full path
|
|
TEMP_ANSIBLE_DIRECTORY="${GITHUB_WORKSPACE}/${ANSIBLE_DIRECTORY}"
|
|
fi
|
|
|
|
# Set the value
|
|
ANSIBLE_DIRECTORY="${TEMP_ANSIBLE_DIRECTORY}"
|
|
debug "Setting Ansible directory to: ${ANSIBLE_DIRECTORY}"
|
|
fi
|
|
|
|
###############################
|
|
# Get the disable errors flag #
|
|
###############################
|
|
if [ -z "${DISABLE_ERRORS}" ]; then
|
|
##################################
|
|
# No flag passed, set to default #
|
|
##################################
|
|
DISABLE_ERRORS="${DEFAULT_DISABLE_ERRORS}"
|
|
fi
|
|
|
|
###############################
|
|
# Convert string to lowercase #
|
|
###############################
|
|
DISABLE_ERRORS="${DISABLE_ERRORS,,}"
|
|
|
|
############################
|
|
# Set to false if not true #
|
|
############################
|
|
if [ "${DISABLE_ERRORS}" != "true" ]; then
|
|
DISABLE_ERRORS="false"
|
|
fi
|
|
|
|
############################
|
|
# Get the run verbose flag #
|
|
############################
|
|
if [ -z "${ACTIONS_RUNNER_DEBUG}" ]; then
|
|
##################################
|
|
# No flag passed, set to default #
|
|
##################################
|
|
ACTIONS_RUNNER_DEBUG="${DEFAULT_ACTIONS_RUNNER_DEBUG}"
|
|
fi
|
|
|
|
###############################
|
|
# Convert string to lowercase #
|
|
###############################
|
|
ACTIONS_RUNNER_DEBUG="${ACTIONS_RUNNER_DEBUG,,}"
|
|
|
|
############################
|
|
# Set to true if not false #
|
|
############################
|
|
if [ "${ACTIONS_RUNNER_DEBUG}" != "false" ]; then
|
|
ACTIONS_RUNNER_DEBUG="true"
|
|
fi
|
|
|
|
###########################
|
|
# Print the validate info #
|
|
###########################
|
|
for LINE in "${PRINT_ARRAY[@]}"; do
|
|
debug "${LINE}"
|
|
done
|
|
|
|
debug "--- DEBUG INFO ---"
|
|
debug "---------------------------------------------"
|
|
RUNNER=$(id -un 2>/dev/null)
|
|
debug "Runner:[${RUNNER}]"
|
|
PRINTENV=$(printenv | sort)
|
|
debug "ENV:"
|
|
debug "${PRINTENV}"
|
|
debug "---------------------------------------------"
|
|
}
|
|
|
|
function CheckIfGitBranchExists() {
|
|
local BRANCH_NAME="${1}"
|
|
debug "Check if the ${BRANCH_NAME} branch exists in ${GITHUB_WORKSPACE}"
|
|
if ! git -C "${GITHUB_WORKSPACE}" rev-parse --quiet --verify "${BRANCH_NAME}"; then
|
|
info "The ${BRANCH_NAME} branch doesn't exist in ${GITHUB_WORKSPACE}"
|
|
return 1
|
|
else
|
|
debug "The ${BRANCH_NAME} branch exists in ${GITHUB_WORKSPACE}"
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
function ValidateLocalGitRepository() {
|
|
debug "Check if ${GITHUB_WORKSPACE} is a Git repository"
|
|
if ! git -C "${GITHUB_WORKSPACE}" rev-parse --git-dir; then
|
|
fatal "${GITHUB_WORKSPACE} is not a Git repository."
|
|
else
|
|
debug "${GITHUB_WORKSPACE} is a Git repository"
|
|
fi
|
|
|
|
debug "Git branches: $(git -C "${GITHUB_WORKSPACE}" branch -a)"
|
|
}
|
|
|
|
function CheckIfGitRefExists() {
|
|
local GIT_REF=${1}
|
|
if git -C "${GITHUB_WORKSPACE}" cat-file -e "${GIT_REF}"; then
|
|
return 0
|
|
else
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
function IsUnsignedInteger() {
|
|
case ${1} in
|
|
'' | *[!0-9]*)
|
|
return 1
|
|
;;
|
|
*)
|
|
return 0
|
|
;;
|
|
esac
|
|
}
|
|
|
|
function ValidateGitShaReference() {
|
|
debug "Git HEAD: $(git -C "${GITHUB_WORKSPACE}" show HEAD --stat)"
|
|
|
|
debug "Validate that the GITHUB_SHA reference (${GITHUB_SHA}) exists in this Git repository."
|
|
if ! CheckIfGitRefExists "${GITHUB_SHA}"; then
|
|
fatal "The GITHUB_SHA reference (${GITHUB_SHA}) doesn't exist in this Git repository"
|
|
else
|
|
debug "The GITHUB_SHA reference (${GITHUB_SHA}) exists in this repository"
|
|
fi
|
|
}
|
|
|
|
function ValidateGitBeforeShaReference() {
|
|
debug "Validating GITHUB_BEFORE_SHA: ${GITHUB_BEFORE_SHA}"
|
|
if [ -z "${GITHUB_BEFORE_SHA}" ] ||
|
|
[ "${GITHUB_BEFORE_SHA}" == "null" ] ||
|
|
[ "${GITHUB_BEFORE_SHA}" == "0000000000000000000000000000000000000000" ]; then
|
|
fatal "Failed to get GITHUB_BEFORE_SHA: [${GITHUB_BEFORE_SHA}]"
|
|
fi
|
|
|
|
debug "Validate that the GITHUB_BEFORE_SHA reference (${GITHUB_BEFORE_SHA}) exists in this Git repository."
|
|
if ! CheckIfGitRefExists "${GITHUB_BEFORE_SHA}"; then
|
|
fatal "The GITHUB_BEFORE_SHA reference (${GITHUB_BEFORE_SHA}) doesn't exist in this Git repository"
|
|
else
|
|
debug "The GITHUB_BEFORE_SHA reference (${GITHUB_BEFORE_SHA}) exists in this repository"
|
|
fi
|
|
}
|
|
|
|
function ValidateDefaultGitBranch() {
|
|
debug "Check if the default branch (${DEFAULT_BRANCH}) exists"
|
|
if ! CheckIfGitBranchExists "${DEFAULT_BRANCH}"; then
|
|
REMOTE_DEFAULT_BRANCH="origin/${DEFAULT_BRANCH}"
|
|
debug "The default branch (${DEFAULT_BRANCH}) doesn't exist in this Git repository. Trying with ${REMOTE_DEFAULT_BRANCH}"
|
|
if ! CheckIfGitBranchExists "${REMOTE_DEFAULT_BRANCH}"; then
|
|
fatal "Neither ${DEFAULT_BRANCH}, nor ${REMOTE_DEFAULT_BRANCH} exist in ${GITHUB_WORKSPACE}"
|
|
else
|
|
info "${DEFAULT_BRANCH} doesn't exist, however ${REMOTE_DEFAULT_BRANCH} exists. Setting DEFAULT_BRANCH to: ${REMOTE_DEFAULT_BRANCH}"
|
|
DEFAULT_BRANCH="${REMOTE_DEFAULT_BRANCH}"
|
|
debug "Updated DEFAULT_BRANCH: ${DEFAULT_BRANCH}"
|
|
fi
|
|
else
|
|
debug "The default branch (${DEFAULT_BRANCH}) exists in this repository"
|
|
fi
|
|
}
|
|
|
|
function CheckovConfigurationFileContainsDirectoryOption() {
|
|
local CHECKOV_LINTER_RULES_PATH="${1}"
|
|
local CONFIGURATION_OPTION_KEY="directory:"
|
|
debug "Checking if ${CHECKOV_LINTER_RULES_PATH} contains a '${CONFIGURATION_OPTION_KEY}' configuration option"
|
|
|
|
if grep -q "${CONFIGURATION_OPTION_KEY}" "${CHECKOV_LINTER_RULES_PATH}"; then
|
|
debug "${CHECKOV_LINTER_RULES_PATH} contains a '${CONFIGURATION_OPTION_KEY}' statement"
|
|
return 0
|
|
else
|
|
debug "${CHECKOV_LINTER_RULES_PATH} doesn't contain a '${CONFIGURATION_OPTION_KEY}' statement"
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
function WarnIfVariableIsSet() {
|
|
local INPUT_VARIABLE="${1}"
|
|
shift
|
|
local INPUT_VARIABLE_NAME="${1}"
|
|
|
|
if [ -n "${INPUT_VARIABLE:-}" ]; then
|
|
warn "${INPUT_VARIABLE_NAME} environment variable is set, it's deprecated, and super-linter will ignore it. Remove it from your configuration. This warning may turn in a fatal error in the future."
|
|
fi
|
|
}
|
|
|
|
function ValidateDeprecatedVariables() {
|
|
|
|
# The following variables have been deprecated in v6
|
|
WarnIfVariableIsSet "${ERROR_ON_MISSING_EXEC_BIT}" "ERROR_ON_MISSING_EXEC_BIT"
|
|
WarnIfVariableIsSet "${EXPERIMENTAL_BATCH_WORKER}" "EXPERIMENTAL_BATCH_WORKER"
|
|
WarnIfVariableIsSet "${VALIDATE_JSCPD_ALL_CODEBASE}" "VALIDATE_JSCPD_ALL_CODEBASE"
|
|
WarnIfVariableIsSet "${VALIDATE_KOTLIN_ANDROID}" "VALIDATE_KOTLIN_ANDROID"
|
|
}
|