mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2025-01-04 22:58:43 +00:00
106 lines
2.5 KiB
Go
106 lines
2.5 KiB
Go
|
package parser
|
||
|
|
||
|
import (
|
||
|
"fmt"
|
||
|
"strings"
|
||
|
|
||
|
"github.com/drone/drone/common"
|
||
|
)
|
||
|
|
||
|
// lintRule defines a function that runs lint
|
||
|
// checks against a Yaml Config file. If the rule
|
||
|
// fails it should return an error message.
|
||
|
type lintRule func(*common.Config) error
|
||
|
|
||
|
var lintRules = [...]lintRule{
|
||
|
expectBuild,
|
||
|
expectImage,
|
||
|
expectCommand,
|
||
|
expectTrustedSetup,
|
||
|
expectTrustedClone,
|
||
|
expectTrustedPublish,
|
||
|
expectTrustedDeploy,
|
||
|
expectTrustedNotify,
|
||
|
}
|
||
|
|
||
|
// Lint runs all lint rules against the Yaml Config.
|
||
|
func Lint(c *common.Config) error {
|
||
|
for _, rule := range lintRules {
|
||
|
err := rule(c)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// lint rule that fails when no build is defined
|
||
|
func expectBuild(c *common.Config) error {
|
||
|
if c.Build == nil {
|
||
|
return fmt.Errorf("Yaml must define a build section")
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// lint rule that fails when no build image is defined
|
||
|
func expectImage(c *common.Config) error {
|
||
|
if len(c.Build.Image) == 0 {
|
||
|
return fmt.Errorf("Yaml must define a build image")
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// lint rule that fails when no build commands are defined
|
||
|
func expectCommand(c *common.Config) error {
|
||
|
if c.Build.Config == nil || c.Build.Config["commands"] == nil {
|
||
|
return fmt.Errorf("Yaml must define build commands")
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// lint rule that fails when a non-trusted clone plugin is used.
|
||
|
func expectTrustedClone(c *common.Config) error {
|
||
|
if c.Clone != nil && strings.Contains(c.Clone.Image, "/") {
|
||
|
return fmt.Errorf("Yaml must use trusted clone plugins")
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// lint rule that fails when a non-trusted setup plugin is used.
|
||
|
func expectTrustedSetup(c *common.Config) error {
|
||
|
if c.Setup != nil && strings.Contains(c.Setup.Image, "/") {
|
||
|
return fmt.Errorf("Yaml must use trusted setup plugins")
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// lint rule that fails when a non-trusted publish plugin is used.
|
||
|
func expectTrustedPublish(c *common.Config) error {
|
||
|
for _, step := range c.Publish {
|
||
|
if strings.Contains(step.Image, "/") {
|
||
|
return fmt.Errorf("Yaml must use trusted publish plugins")
|
||
|
}
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// lint rule that fails when a non-trusted deploy plugin is used.
|
||
|
func expectTrustedDeploy(c *common.Config) error {
|
||
|
for _, step := range c.Deploy {
|
||
|
if strings.Contains(step.Image, "/") {
|
||
|
return fmt.Errorf("Yaml must use trusted deploy plugins")
|
||
|
}
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// lint rule that fails when a non-trusted notify plugin is used.
|
||
|
func expectTrustedNotify(c *common.Config) error {
|
||
|
for _, step := range c.Notify {
|
||
|
if strings.Contains(step.Image, "/") {
|
||
|
return fmt.Errorf("Yaml must use trusted notify plugins")
|
||
|
}
|
||
|
}
|
||
|
return nil
|
||
|
}
|