diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index 96d1c52f..899f0c77 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -5,19 +5,23 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + - id: files + uses: jitterbit/get-changed-files@v1 - name: Run checks + env: + PR_FILES_AM: ${{ steps.files.outputs.added_modified }} + PR_FILES_RENAMED: ${{ steps.files.outputs.renamed }} run: | - URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files" - PR_FILES=$(curl -s -X GET -G $URL | jq -r '.[] | select(.status != "removed") | .filename') - for files in $PR_FILES; do - extension="${files##*.}" - if [[ $extension == 'py' ]]; then - changed_files_bandit+=" ${files}" - fi + PR_FILES="$PR_FILES_AM $PR_FILES_RENAMED" + for FILE in $PR_FILES; do + EXTENSION="${FILE##*.}" + if [[ $EXTENSION == 'py' ]]; then + CHANGED_FILES+=" $FILE" + fi done - if [[ ! -z ${changed_files_bandit} ]]; then + if [[ ! -z $CHANGED_FILES ]]; then sudo apt-get --no-install-recommends install -y build-essential curl python3-dev python3-pip python3-venv python3 -m venv .env . .env/bin/activate @@ -25,9 +29,9 @@ jobs: pip install bandit mkdir -p bandit_report - echo "Bandit version: "`bandit --version | head -1` - echo "The files will be checked: "`echo ${changed_files_bandit}` - bandit ${changed_files_bandit} --exclude '**/tests/**' -a file --ini ./.bandit -f html -o ./bandit_report/bandit_checks.html + echo "Bandit version: "$(bandit --version | head -1) + echo "The files will be checked: "$(echo $CHANGED_FILES) + bandit $CHANGED_FILES --exclude '**/tests/**' -a file --ini ./.bandit -f html -o ./bandit_report/bandit_checks.html deactivate else echo "No files with the \"py\" extension found" diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml index ba9a15ae..2cfb5bc2 100644 --- a/.github/workflows/eslint.yml +++ b/.github/workflows/eslint.yml @@ -8,27 +8,31 @@ jobs: - uses: actions/setup-node@v2 with: node-version: '16.x' + - id: files + uses: jitterbit/get-changed-files@v1 - name: Run checks + env: + PR_FILES_AM: ${{ steps.files.outputs.added_modified }} + PR_FILES_RENAMED: ${{ steps.files.outputs.renamed }} run: | - URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files" - PR_FILES=$(curl -s -X GET -G $URL | jq -r '.[] | select(.status != "removed") | .filename') - for files in $PR_FILES; do - extension="${files##*.}" - if [[ $extension == 'js' || $extension == 'ts' || $extension == 'jsx' || $extension == 'tsx' ]]; then - changed_files_eslint+=" ${files}" - fi + PR_FILES="$PR_FILES_AM $PR_FILES_RENAMED" + for FILE in $PR_FILES; do + EXTENSION="${FILE##*.}" + if [[ $EXTENSION == 'js' || $EXTENSION == 'ts' || $EXTENSION == 'jsx' || $EXTENSION == 'tsx' ]]; then + CHANGED_FILES+=" $FILE" + fi done - if [[ ! -z ${changed_files_eslint} ]]; then + if [[ ! -z $CHANGED_FILES ]]; then npm ci cd tests && npm ci && cd .. npm install eslint-detailed-reporter --save-dev --legacy-peer-deps mkdir -p eslint_report - echo "ESLint version: "`npx eslint --version` - echo "The files will be checked: "`echo ${changed_files_eslint}` - npx eslint ${changed_files_eslint} -f node_modules/eslint-detailed-reporter/lib/detailed.js -o ./eslint_report/eslint_checks.html + echo "ESLint version: "$(npx eslint --version) + echo "The files will be checked: "$(echo $CHANGED_FILES) + npx eslint $CHANGED_FILES -f node_modules/eslint-detailed-reporter/lib/detailed.js -o ./eslint_report/eslint_checks.html else echo "No files with the \"js|ts|jsx|tsx\" extension found" fi diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index 3ba99d5a..6cee23c3 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -5,31 +5,34 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + - id: files + uses: jitterbit/get-changed-files@v1 - name: Run checks env: HADOLINT: "${{ github.workspace }}/hadolint" HADOLINT_VER: "2.1.0" VERIFICATION_LEVEL: "error" + PR_FILES_AM: ${{ steps.files.outputs.added_modified }} + PR_FILES_RENAMED: ${{ steps.files.outputs.renamed }} run: | - URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files" - PR_FILES=$(curl -s -X GET -G $URL | jq -r '.[] | select(.status != "removed") | .filename') - for file in $PR_FILES; do - if [[ ${file} =~ 'Dockerfile' ]]; then - changed_dockerfiles+=" ${file}" - fi + PR_FILES="$PR_FILES_AM $PR_FILES_RENAMED" + for FILE in $PR_FILES; do + if [[ $FILE =~ 'Dockerfile' ]]; then + CHANGED_FILES+=" $FILE" + fi done - if [[ ! -z ${changed_dockerfiles} ]]; then - curl -sL -o ${HADOLINT} "https://github.com/hadolint/hadolint/releases/download/v${HADOLINT_VER}/hadolint-Linux-x86_64" && chmod 700 ${HADOLINT} - echo "HadoLint version: "`${HADOLINT} --version` - echo "The files will be checked: "`echo ${changed_dockerfiles}` + if [[ ! -z $CHANGED_FILES ]]; then + curl -sL -o $HADOLINT "https://github.com/hadolint/hadolint/releases/download/v$HADOLINT_VER/hadolint-Linux-x86_64" && chmod 700 $HADOLINT + echo "HadoLint version: "$($HADOLINT --version) + echo "The files will be checked: "$(echo $CHANGED_FILES) mkdir -p hadolint_report - ${HADOLINT} --no-fail --format json ${changed_dockerfiles} > ./hadolint_report/hadolint_report.json - get_verification_level=`cat ./hadolint_report/hadolint_report.json | jq -r '.[] | .level'` - for line in ${get_verification_level}; do - if [[ ${line} =~ ${VERIFICATION_LEVEL} ]]; then + $HADOLINT --no-fail --format json $CHANGED_FILES > ./hadolint_report/hadolint_report.json + GET_VERIFICATION_LEVEL=$(cat ./hadolint_report/hadolint_report.json | jq -r '.[] | .level') + for LINE in $GET_VERIFICATION_LEVEL; do + if [[ $LINE =~ $VERIFICATION_LEVEL ]]; then pip install json2html python ./tests/json_to_html.py ./hadolint_report/hadolint_report.json exit 1 diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml index c796214e..9a5b17d8 100644 --- a/.github/workflows/pylint.yml +++ b/.github/workflows/pylint.yml @@ -5,19 +5,23 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + - id: files + uses: jitterbit/get-changed-files@v1 - name: Run checks + env: + PR_FILES_AM: ${{ steps.files.outputs.added_modified }} + PR_FILES_RENAMED: ${{ steps.files.outputs.renamed }} run: | - URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files" - PR_FILES=$(curl -s -X GET -G $URL | jq -r '.[] | select(.status != "removed") | .filename') - for files in $PR_FILES; do - extension="${files##*.}" - if [[ $extension == 'py' ]]; then - changed_files_pylint+=" ${files}" - fi + PR_FILES="$PR_FILES_AM $PR_FILES_RENAMED" + for FILE in $PR_FILES; do + EXTENSION="${FILE##*.}" + if [[ $EXTENSION == 'py' ]]; then + CHANGED_FILES+=" $FILE" + fi done - if [[ ! -z ${changed_files_pylint} ]]; then + if [[ ! -z $CHANGED_FILES ]]; then sudo apt-get --no-install-recommends install -y build-essential curl python3-dev python3-pip python3-venv python3 -m venv .env . .env/bin/activate @@ -27,12 +31,12 @@ jobs: pip install $(egrep "Django.*" ./cvat/requirements/base.txt) mkdir -p pylint_report - echo "Pylint version: "`pylint --version | head -1` - echo "The files will be checked: "`echo ${changed_files_pylint}` - pylint ${changed_files_pylint} --output-format=json > ./pylint_report/pylint_checks.json || exit_code=`echo $?` || true + echo "Pylint version: "$(pylint --version | head -1) + echo "The files will be checked: "$(echo $CHANGED_FILES) + pylint $CHANGED_FILES --output-format=json > ./pylint_report/pylint_checks.json || EXIT_CODE=$(echo $?) || true pylint-json2html -o ./pylint_report/pylint_checks.html ./pylint_report/pylint_checks.json deactivate - exit ${exit_code} + exit $EXIT_CODE else echo "No files with the \"py\" extension found" fi diff --git a/.github/workflows/stylelint.yml b/.github/workflows/stylelint.yml index 44887a4e..344377ce 100644 --- a/.github/workflows/stylelint.yml +++ b/.github/workflows/stylelint.yml @@ -8,28 +8,32 @@ jobs: - uses: actions/setup-node@v2 with: node-version: '16.x' + - id: files + uses: jitterbit/get-changed-files@v1 - name: Run checks + env: + PR_FILES_AM: ${{ steps.files.outputs.added_modified }} + PR_FILES_RENAMED: ${{ steps.files.outputs.renamed }} run: | - URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files" - PR_FILES=$(curl -s -X GET -G $URL | jq -r '.[] | select(.status != "removed") | .filename') - for files in $PR_FILES; do - extension="${files##*.}" - if [[ $extension == 'css' || $extension == 'scss' ]]; then - changed_files_stylelint+=" ${files}" - fi + PR_FILES="$PR_FILES_AM $PR_FILES_RENAMED" + for FILE in $PR_FILES; do + EXTENSION="${FILE##*.}" + if [[ $EXTENSION == 'css' || $EXTENSION == 'scss' ]]; then + CHANGED_FILES+=" $FILE" + fi done - if [[ ! -z ${changed_files_stylelint} ]]; then + if [[ ! -z $CHANGED_FILES ]]; then npm ci mkdir -p stylelint_report - echo "StyleLint version: "`npx stylelint --version` - echo "The files will be checked: "`echo ${changed_files_stylelint}` - npx stylelint --formatter json --output-file ./stylelint_report/stylelint_report.json ${changed_files_stylelint} || exit_code=`echo $?` || true + echo "StyleLint version: "$(npx stylelint --version) + echo "The files will be checked: "$(echo $CHANGED_FILES) + npx stylelint --formatter json --output-file ./stylelint_report/stylelint_report.json $CHANGED_FILES || EXIT_CODE=$(echo $?) || true pip install json2html python ./tests/json_to_html.py ./stylelint_report/stylelint_report.json - exit ${exit_code} + exit $EXIT_CODE else echo "No files with the \"css|scss\" extension found" fi