Template for creating tools for the CICDToolbox

CICDToolbox/template

Overview

This is the template that we use when we are creating any of the tools within the CICD Toolbox.

All of the tools have been tested against:

  1. GitHub Actions
  2. Travis CI
  3. CircleCI
  4. BitBucket pipelines
  5. Local command line

However, due to the way that they are built, they should work on most CICD platforms where you can run arbitrary scripts.

We provide a script which pulls the latest copy of all the CICD tools and places them in a local bin directory to allow them to be run any time locally for added validation.

Configuration Options

The following environment variables can be set in order to customise the script.

| Name | Default Value | Purpose |
| --- | --- | --- |
| INCLUDE_FILES | Unset | A comma separated list of files to include for being scanned. You can also use regex to do pattern matching. |
| EXCLUDE_FILES | Unset | A comma separated list of files to exclude from being scanned. You can also use regex to do pattern matching. |
| NO_COLOR | False | Turn off the color in the output. (It is turned off by default inside of pipelines) |
| REPORT_ONLY | False | Generate the report but do not fail the build even if an error occurred. |
| SHOW_ERRORS | True | Show the actual errors instead of just which files had errors. |
| SHOW_SKIPPED | False | Show which files are being skipped. |
| WHITELIST | Unset | A comma separated list of files to be excluded from being checked. |

If you set INCLUDE_FILES, it will skip ALL files that do not match, including anything in EXCLUDE_FILES.
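The include/exclude rule above decides which files a tool never looks at, so it is worth previewing before trusting a passing build. The following is an added example, not code from the CICDToolbox template: the function names, the unanchored regex matching and the sample file names are assumptions, and a file that matches both lists is reported as `conflict` because the page does not say which list wins for it.

```shell
#!/bin/sh
# Added example, not CICDToolbox code: predicts which files survive the
# INCLUDE_FILES / EXCLUDE_FILES stage so skipped files are visible up front.

# matches_list LIST FILE: succeeds if FILE matches any regex in the
# comma-separated LIST. Assumption: unanchored extended-regex search.
matches_list() (
    set -f    # keep patterns such as .* from being glob-expanded
    IFS=,
    for pattern in $1; do
        [ -n "$pattern" ] || continue
        printf '%s\n' "$2" | grep -qE -- "$pattern" && exit 0
    done
    exit 1
)

# selection FILE: prints scan | skip:not-included | skip:excluded | conflict
selection() (
    inc=unset
    exc=no
    if [ -n "${INCLUDE_FILES:-}" ]; then
        inc=no
        matches_list "$INCLUDE_FILES" "$1" && inc=yes
    fi
    if [ -n "${EXCLUDE_FILES:-}" ] && matches_list "$EXCLUDE_FILES" "$1"; then
        exc=yes
    fi
    case "$inc/$exc" in
        no/*)      echo skip:not-included ;;  # documented INCLUDE_FILES rule
        yes/yes)   echo conflict ;;           # page does not say which list wins
        unset/yes) echo skip:excluded ;;
        *)         echo scan ;;
    esac
)

# plan: reads file names on stdin, prints "decision<TAB>file" per line.
plan() {
    while IFS= read -r f; do
        printf '%s\t%s\n' "$(selection "$f")" "$f"
    done
}

# Constructed sample file names; nothing is read from disk.
sample_files() {
    printf '%s\n' tests/test.py src/pipeline.sh tests/fixtures/bad.py README.md
}

INCLUDE_FILES='tests'
EXCLUDE_FILES='fixtures/'
sample_files | plan
```

Feeding it a real file list (for example the output of `git ls-files`) shows every file the configured patterns would leave unscanned; setting SHOW_SKIPPED gives the tool's own view of the same thing.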

Example Output

Running the pipeline locally against this repository and using INCLUDE_FILES="tests" results in the following:

--------------------------------------------------------------------- Stage 1: Parameters --
 Included Files: tests
---------------------------------------------------------- Stage 2: Install Prerequisites --
 [  OK  ] file is already installed
--------------------------------------------------------------- Stage 3: Run file (v5.41) --
 [  OK  ] tests/test.py
------------------------------------------------------------------------- Stage 4: Report --
 Total: 1, OK: 1, Failed: 0, Skipped: 0
----------------------------------------------------------------------- Stage 5: Complete --

File Identification

Target files are identified using the following code:

file -b "${filename}" | grep -qE '^(REGEX)'

AND

[[ ${filename} =~ \.(REGEX)$ ]]

Tools built using this template

| Name | Purpose |
| --- | --- |
| Action Lint | Validate your GitHub action files using actionlint. |
| Awesomebot | Link check your files with awesome_bot. |
| Bandit | Inspect your Python projects for security issues using bandit. |
| Hadolint | Validate your Dockerfiles using hadolint. |
| JSON Lint | Validate your JSON files using jq. |
| Markdown Lint | Validate your markdown files using markdownlint-cli. |
| Perl Lint | Validate your Perl scripts using the native perl linter. |
| PHP Lint | Validate your PHP code using the native php linter. |
| Puppet Lint | Validate your Puppet files using puppet-lint. |
| Pur | Verify your Python projects requirements.txt for updates using pur. |
| PyCodeStyle | Inspect your Python projects for code smells using pycodestyle. |
| PyDocStyle | Validate your Python project documentation for compliance with pydocstyle. |
| Pylama | Validate your Python project documentation for compliance with pylama. |
| Pylint | Inspect your Python projects for code smells using pylint. |
| Reek | Inspect your Ruby code for code smells using reek. |
| Rubocop | Perform static code analysis on Ruby code using rubocop. |
| ShellCheck | Perform static code analysis on shell scripts using ShellCheck. |
| Validate Citations File | Validate CITATIONS.cff using cffconvert. |
| YAML Lint | Validate your yaml files in CI/CD pipelines using yamllint. |