-
Notifications
You must be signed in to change notification settings - Fork 0
/
lint-gitlab-ci.sh
executable file
·227 lines (176 loc) · 7 KB
/
lint-gitlab-ci.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
#!/bin/bash
# v1.0
GITLAB_CI_YML_PATH=${GITLAB_CI_YML_PATH:=.gitlab-ci.yml}
GITLAB_API_PATH_CI_LINT=${GITLAB_API_PATH_CI_LINT:=/api/v3/ci/lint}
RESC="\\033[0;0m"
C_F_CYAN="\\033[1;36m"
C_F_RED="\\033[1;31m"
C_F_GREEN="\\033[1;32m"
C_F_YELLOW="\\033[1;33m"
GITLAB_LINTER_ERROR=""
SCRIPTPATH=$(cd $(dirname $0) ; pwd)/${0##*/}
function usage() {
cat <<EOT
Check .gitlab-ci.yml syntax using Gitlab API.
Usage:
${0##*/} [--help|--install|--uninstall]
-h, --help : show this help
-i, --install : install as git pre-commit hook for the current repository
-u, --uninstall : remove from git pre-commit hook for the current repository
Without any options, it will check the .gitlab-ci.yml of the current local repository.
The current working directory needs to be within a git repository, but not necessary at the repository root.
The git repository needs to have a remote 'origin' set to an instance of gitlab (ssh or http remote).
The script will try to validate only if a .gitlab-ci.yml file exists in the root of the repository.
--install will install the hook as a symbolic link the the current script. The install will failed if a pre-commit hook
already exists (and is not already a link to the script). In that case, you will have to install it manually.
Manual installation only require to add a call to the current script in your existing pre-commit hook.
--uninstall will only remove the pre-commit hook if it is a symbolic link to the current script. Otherwise, you will have
to uninstall it manually.
EOT
}
function checkIsGitRepo() {
if ! GIT_ROOT_PATH=$(git rev-parse --show-toplevel 2>/dev/null) ; then
>&2 echo -e "${C_F_RED}*** Not in a valid git repository${RESC}"
exit 1
fi
}
function checkIsGitlabCIYAML() {
if [[ ! -f "${GIT_ROOT_PATH}/${GITLAB_CI_YML_PATH}" ]] ; then
>&2 echo -e "${C_F_YELLOW}*** No Gitlab-CI file found (${GITLAB_CI_YML_PATH})${RESC}"
exit 1
fi
}
function escapeForJSON() {
local l_string="$1" ; shift
l_string=${l_string//\\/\\\\} # \
l_string=${l_string//\"/\\\"} # "
l_string=${l_string//$'\t'/\\t} # \t (tab)
l_string=${l_string//$'\n'/\\n} # \n (newline)
l_string=${l_string//$'\r'/\\r} # \r (carriage return)
echo "$l_string"
}
function checkCILinterAPI() {
local l_url="${1%%/*}" ; shift
curl -L --header "Content-Type: application/json" -XPOST \
"$l_url" \
--data '{ "content" : "test:\n script: test" }'
}
function guessGitlabAPIUrl() {
local l_gitRemote=$(git remote get-url --push origin)
local l_gitRootUrl=""
local l_gitlabAPIUrl=""
if [[ "$l_gitRemote" =~ ^http:// || "$l_gitRemote" =~ ^https:// ]] ; then
# Remote is already using https
l_gitRootUrl=$(echo "$l_gitRemote" | sed -r 's|^(https?://[^/]*).*$|\1|')
else
# Remote is using ssh, extract the FQDN
l_gitRootUrl=${l_gitRemote#*@}
l_gitRootUrl=${l_gitRootUrl%%:*}
l_gitRootUrl="http://$l_gitRootUrl"
fi
# get the API URL after redirection
if ! l_gitlabAPIUrl=$(curl -w "%{url_effective}\n" -I -L -s -S "${l_gitRootUrl}${GITLAB_API_PATH_CI_LINT}" -o /dev/null) ; then
>&2 echo -e "${C_F_YELLOW}*** Unable to guess gitlab API from remote ${l_gitRemote}${RESC}"
return 1
fi
if [[ -z "$l_gitlabAPIUrl" || ! "$l_gitlabAPIUrl" =~ ^http || ! "$l_gitlabAPIUrl" =~ ${GITLAB_API_PATH_CI_LINT}$ ]] ; then
>&2 echo -e "${C_F_YELLOW}*** Unable to guess gitlab API from remote ${l_gitRemote}${RESC}"
return 1
fi
echo $l_gitlabAPIUrl | sed -r 's|^(https?://[^/]*).*$|\1|'
}
function validateGitlabCIYAML() {
local l_gitlabUrlRoot=$1 ; shift
local l_gitlabci=$1 ; shift
local l_curlFlags=(-XPOST --header "Content-Type: application/json" -sw "\nHTTP-STATUS:%{response_code}")
local l_ciContent=$(escapeForJSON "$(cat $l_gitlabci)")
l_curlResult=$(curl -L "${l_curlFlags[@]}" \
"${l_gitlabUrlRoot}${GITLAB_API_PATH_CI_LINT}" \
--data "{\"content\" : \"$l_ciContent\"}" )
l_lintAnswer="${l_curlResult%?HTTP-STATUS:*}"
l_httpStatusCode=${l_curlResult##*HTTP-STATUS:}
if [[ $l_httpStatusCode -ne 200 ]] ; then
if [[ -n "$l_lintAnswer" ]] ; then
GITLAB_LINTER_ERROR="$l_lintAnswer"
else
GITLAB_LINTER_ERROR="HTTP code $l_httpStatusCode"
fi
return 1
fi
l_linterStatus=$(echo "$l_lintAnswer" | jq -r .status)
if [[ "$l_linterStatus" != "valid" ]] ; then
GITLAB_LINTER_ERROR=$(echo "$l_lintAnswer" | jq -r 'if .errors then .errors | join("\n") else "Unknown error" end' | sed 's/^/- /')
return 1
fi
return 0
}
function installGitHook() {
checkIsGitRepo
local l_hookPath="${GIT_ROOT_PATH}/.git/hooks/pre-commit";
if guessGitlabAPIUrl > /dev/null ; then
if [[ -e "$l_hookPath" ]] ; then
if [[ -L "$l_hookPath" && $(readlink "$l_hookPath") = "$SCRIPTPATH" ]] ; then
echo -e "${C_F_CYAN}Already installed.${RESC}"
exit 0
fi
>&2 echo -e "${C_F_YELLOW}*** A pre-commit hook already exists${RESC} \nPlease install manually by adding '$SCRIPTPATH' in your pre-commit script."
exit 4
fi
if [[ ! -d $(dirname $l_hookPath) ]] ; then
mkdir -p $(dirname $l_hookPath)
fi
if ln -s "$SCRIPTPATH" "$l_hookPath" ; then
find "$l_hookPath" -prune \( -type l -printf '%p -> %l\n' -o -printf '%p\n' \)
echo -e "${C_F_GREEN}Git pre-commit hook installed!${RESC}"
exit 0
fi
else
exit 3
fi
}
function uninstallGitHook() {
checkIsGitRepo
local l_hookPath="${GIT_ROOT_PATH}/.git/hooks/pre-commit";
if guessGitlabAPIUrl > /dev/null ; then
if [[ -e "$l_hookPath" ]] ; then
if [[ -L "$l_hookPath" && $(readlink "$l_hookPath") = "$SCRIPTPATH" ]] ; then
if rm "$l_hookPath" ; then
echo -e "${C_F_GREEN}Git pre-commit hook uinstalled!${RESC}"
exit 0
fi
fi
>&2 echo -e "${C_F_RED}*** Unknown pre-commit hook${RESC} \nPlease uninstall manually."
exit 4
fi
>&2 echo -e "${C_F_YELLOW}*** No pre-commit hook found${RESC}."
exit 4
else
exit 3
fi
}
function readOpts() {
case "$1" in
-h|--help) usage ; shift ; exit 0 ;;
-i|--install) installGitHook ; shift ; exit 0 ;;
-u|--uninstall) uninstallGitHook ; shift ; exit 0 ;;
esac
return 0
}
readOpts "$@"
checkIsGitRepo
checkIsGitlabCIYAML
if ! _GITLAB_API_ROOT_URL=$(guessGitlabAPIUrl) ; then
exit 3
fi
echo -en "Validating ${GITLAB_CI_YML_PATH}..."
if validateGitlabCIYAML "$_GITLAB_API_ROOT_URL" "${GIT_ROOT_PATH}/${GITLAB_CI_YML_PATH}" ; then
echo -e " ${C_F_GREEN}OK${RESC}"
else
echo -e " ${C_F_RED}KO${RESC}"
if [[ -n "$GITLAB_LINTER_ERROR" ]] ; then
>&2 echo -e "${C_F_RED}$GITLAB_LINTER_ERROR${RESC}"
else
>&2 echo -e "${C_F_RED}Unknown error1${RESC}"
fi
exit 10
fi