WIP: Update CI workflow with defensive lint for invalid bash variable assignments #12
8
.github/workflows/ci.yml
vendored
8
.github/workflows/ci.yml
vendored
@@ -81,13 +81,13 @@ jobs:
|
|||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
echo "Scanning for suspicious variable assignments (slash in LHS)..."
|
echo "Scanning for suspicious variable assignments (slash in LHS)..."
|
||||||
# Find lines that look like an assignment and contain a slash before '=' (ignore comments)
|
# Find lines that look like an assignment and contain a slash before '=' (ignore comments)
|
||||||
# Limit to repository and scripts directories to reduce false positives.
|
# Limit search to relevant directories to reduce false positives.
|
||||||
matches="$(grep -R --line-number -E '^[[:space:]]*[^#[:space:]][^=]*\/[^=]*=' . || true)"
|
matches="$(grep -R --line-number --exclude-dir=.git --exclude-dir=node_modules --exclude-dir=vendor -E '^[[:space:]]*[^#[:space:]][^=]*\/[^=]*=' . || true)"
|
||||||
if [ -n "${matches:-}" ]; then
|
if [ -n "${matches:-}" ]; then
|
||||||
echo "ERROR: Suspicious assignments detected (slash in LHS). Review and fix these lines:"
|
echo "ERROR: Suspicious assignments detected (slash in LHS). Review and fix these lines:"
|
||||||
echo "${matches}"
|
echo "${matches}"
|
||||||
echo ""
|
echo ""
|
||||||
echo "Example of a problematic line: PREfix/TOP=\"${BRANCH_PREFIX%%/*}\""
|
echo 'Example of a problematic line: PREfix/TOP="${BRANCH_PREFIX%%/*}"'
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
echo "No suspicious variable assignments found."
|
echo "No suspicious variable assignments found."
|
||||||
@@ -124,7 +124,7 @@ jobs:
|
|||||||
|
|
||||||
- name: Optional validations
|
- name: Optional validations
|
||||||
run: |
|
run: |
|
||||||
set -euo pipefail || true
|
set +e
|
||||||
|
|
||||||
optional_scripts=(
|
optional_scripts=(
|
||||||
"scripts/validate/changelog.sh"
|
"scripts/validate/changelog.sh"
|
||||||
|
|||||||
Reference in New Issue
Block a user