From 5f80422702e409fe926b447d32bae1cb4388f611 Mon Sep 17 00:00:00 2001 From: Mykyta Poberezhniy Date: Mon, 29 Apr 2024 21:53:21 +0300 Subject: [PATCH] pre-commit --- .pre-commit-hooks.yaml | 7 ++++ src/index.sh | 7 ++-- src/pre-commit.sh | 79 ++++++++++++++++++++++++++++++++++++++++++ src/validation.sh | 6 ++-- 4 files changed, 95 insertions(+), 4 deletions(-) create mode 100644 .pre-commit-hooks.yaml create mode 100755 src/pre-commit.sh diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml new file mode 100644 index 00000000..00f8a746 --- /dev/null +++ b/.pre-commit-hooks.yaml @@ -0,0 +1,7 @@ +- id: differential-shellcheck + name: Differential ShellCheck + description: Static analysis tool for changed shell scripts + language: docker + entry: /action/pre-commit.sh + types: [shell] + verbose: true diff --git a/src/index.sh b/src/index.sh index 1c96b0af..b6c4119c 100755 --- a/src/index.sh +++ b/src/index.sh @@ -11,6 +11,9 @@ WORK_DIR="${WORK_DIR-../}" declare \ GITHUB_STEP_SUMMARY +export GROUP="::group::" +export ENDGROUP="::endgroup::" + # Make directory $GITHUB_WORKSPACE (/github/workspace) git-save git config --global --add safe.directory "${GITHUB_WORKSPACE:-}" @@ -50,9 +53,9 @@ show_versions echo -e "${MAIN_HEADING}" -echo -e "::group::📜 ${WHITE}List of shell scripts for scanning${NOCOLOR}" +echo -e "${GROUP}📜 ${WHITE}List of shell scripts for scanning${NOCOLOR}" echo "${all_scripts[@]:-${only_changed_scripts[@]}}" -echo "::endgroup::" +echo "${ENDGROUP}" echo # ------------ # diff --git a/src/pre-commit.sh b/src/pre-commit.sh new file mode 100755 index 00000000..765ca005 --- /dev/null +++ b/src/pre-commit.sh @@ -0,0 +1,79 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-3.0-or-later + +INPUT_SEVERITY="style" + +for arg +do + case "${arg}" in + -S=*|--severity=*) + INPUT_SEVERITY="${arg#*=}" + shift + ;; + -S|--severity) + # shellcheck disable=SC2034 + INPUT_SEVERITY="$2" + # shellcheck disable=SC2016 + shift 2 || { echo 'option `--severity` requires an argument SEVERITY' >&2; exit 1; } + ;; + -x|--external-sources) + # shellcheck disable=SC2034 + INPUT_EXTERNAL_SOURCES=y + shift + ;; + *) + break + ;; + esac +done + +SCRIPT_DIR="$(dirname "$(readlink -f "$0")")/" +export SCRIPT_DIR + +# shellcheck source=functions.sh +. "${SCRIPT_DIR-}functions.sh" + +WORK_DIR="$(mktemp -d)/" +export WORK_DIR + +export GROUP="" +export ENDGROUP="" + +only_changed_scripts=("$@") + +echo -e "${VERSIONS_HEADING}" +show_versions + +echo -e "${MAIN_HEADING}" + +echo -e "📜 ${WHITE}List of shell scripts for scanning${NOCOLOR}" + echo "${only_changed_scripts[@]}" +echo + +# ------------ # +# SHELLCHECK # +# ------------ # + +exit_status=0 + +execute_shellcheck "${only_changed_scripts[@]}" > "${WORK_DIR}head-shellcheck.err" + +git stash >/dev/null + +execute_shellcheck "${only_changed_scripts[@]}" > "${WORK_DIR}base-shellcheck.err" + +git stash apply --index >/dev/null + +get_fixes "${WORK_DIR}base-shellcheck.err" "${WORK_DIR}head-shellcheck.err" +evaluate_and_print_fixes + +get_defects "${WORK_DIR}head-shellcheck.err" "${WORK_DIR}base-shellcheck.err" + +echo + +evaluate_and_print_defects +exit_status=$? + +summary + +exit "${exit_status}" diff --git a/src/validation.sh b/src/validation.sh index 1210a29e..2d92d7a5 100644 --- a/src/validation.sh +++ b/src/validation.sh @@ -5,6 +5,8 @@ . "${SCRIPT_DIR=}summary.sh" WORK_DIR="${WORK_DIR-../}" +GROUP=${GROUP-"::group::"} +ENDGROUP=${ENDGROUP-"::endgroup::"} # Get file containing fixes based on two input files # $1 - absolute path to a file containing results from BASE scan @@ -64,11 +66,11 @@ evaluate_and_print_defects () { # Function to print statistics of defects # it requires gather_statistics to be called first print_statistics () { - echo -e "::group::📊 ${WHITE}Statistics of defects${NOCOLOR}" + echo -e "${GROUP}📊 ${WHITE}Statistics of defects${NOCOLOR}" [[ -n ${stat_error} ]] && echo -e "Error: ${stat_error}" [[ -n ${stat_warning} ]] && echo -e "Warning: ${stat_warning}" [[ -n ${stat_info} ]] && echo -e "Style or Note: ${stat_info}" - echo "::endgroup::" + echo "${ENDGROUP}" echo }