robojerk/codeql-action

Only report the first CheckoutWrongHead lint error

Browse source
This commit is contained in:
Simon Engledew 2020-12-21 10:55:55 +00:00
parent dc999c55d0
commit e89a24b8cb
No known key found for this signature in database
GPG key ID: 84302E7B02FE8BCE
6 changed files with 50 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/actions-util.js generated
View file

@ -167,7 +167,7 @@ function validateWorkflow(doc) {
var _a, _b, _c, _d, _e, _f, _g, _h;
const errors = [];
// .jobs[key].steps[].run
for (const job of Object.values(((_a = doc) === null || _a === void 0 ? void 0 : _a.jobs) || {})) {
outer: for (const job of Object.values(((_a = doc) === null || _a === void 0 ? void 0 : _a.jobs) || {})) {
if (Array.isArray((_b = job) === null || _b === void 0 ? void 0 : _b.steps)) {
for (const step of (_c = job) === null || _c === void 0 ? void 0 : _c.steps) {
// this was advice that we used to give in the README
@ -177,6 +177,7 @@ function validateWorkflow(doc) {
// and avoid some race conditions
if (((_d = step) === null || _d === void 0 ? void 0 : _d.run) === "git checkout HEAD^2") {
errors.push(exports.WorkflowErrors.CheckoutWrongHead);
break outer;
}
}
}

2
lib/actions-util.js.map
View file

File diff suppressed because one or more lines are too long

20
lib/actions-util.test.js generated
View file

@ -314,4 +314,24 @@ on:
`));
t.deepEqual(errors, []);
});
ava_1.default("validateWorkflow() should only report the first CheckoutWrongHead", (t) => {
const errors = actionsutil.validateWorkflow(yaml.safeLoad(`
name: "CodeQL"
on:
push:
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
jobs:
test:
steps:
- run: "git checkout HEAD^2"
- run: "git checkout HEAD^2"
- run: "git checkout HEAD^2"
- run: "git checkout HEAD^2"
- run: "git checkout HEAD^2"
`));
t.deepEqual(errors, [actionsutil.WorkflowErrors.CheckoutWrongHead]);
});
//# sourceMappingURL=actions-util.test.js.map

2
lib/actions-util.test.js.map
View file

File diff suppressed because one or more lines are too long

24
src/actions-util.test.ts
View file

@ -432,3 +432,27 @@ on:
t.deepEqual(errors, []);
});
test("validateWorkflow() should only report the first CheckoutWrongHead", (t) => {
const errors = actionsutil.validateWorkflow(
yaml.safeLoad(`
name: "CodeQL"
on:
push:
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
jobs:
test:
steps:
- run: "git checkout HEAD^2"
- run: "git checkout HEAD^2"
- run: "git checkout HEAD^2"
- run: "git checkout HEAD^2"
- run: "git checkout HEAD^2"
`)
);
t.deepEqual(errors, [actionsutil.WorkflowErrors.CheckoutWrongHead]);
});

3
src/actions-util.ts
View file

@ -212,7 +212,7 @@ export function validateWorkflow(doc: Workflow): CodedError[] {
const errors: CodedError[] = [];
// .jobs[key].steps[].run
for (const job of Object.values(doc?.jobs || {})) {
outer: for (const job of Object.values(doc?.jobs || {})) {
if (Array.isArray(job?.steps)) {
for (const step of job?.steps) {
// this was advice that we used to give in the README
@ -222,6 +222,7 @@ export function validateWorkflow(doc: Workflow): CodedError[] {
// and avoid some race conditions
if (step?.run === "git checkout HEAD^2") {
errors.push(WorkflowErrors.CheckoutWrongHead);
break outer;
}
}
}