Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support of Grype args #2

Merged
merged 16 commits into from
Jun 26, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/workflows/linting.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,5 @@ jobs:
pre-commit:
name: Pre-commit
uses: fabasoad/reusable-workflows/.github/workflows/wf-pre-commit.yml@main
with:
skip-hooks: "grype-dir"
5 changes: 5 additions & 0 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,11 @@ repos:
rev: v8.18.4
hooks:
- id: gitleaks
- repo: https://github.com/fabasoad/pre-commit-grype
rev: v0.1.0
hooks:
- id: grype-dir
stages: ["push"]
# Markdown
- repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.41.0
Expand Down
2 changes: 1 addition & 1 deletion .pre-commit-hooks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
- id: grype-dir
name: Grype Dir
description: Scans directory
entry: hooks/grype-dir.sh
entry: src/main.sh "grype-dir"
language: script
pass_filenames: false
verbose: true
41 changes: 0 additions & 41 deletions hooks/grype-dir.sh

This file was deleted.

17 changes: 0 additions & 17 deletions hooks/util-install.sh

This file was deleted.

13 changes: 13 additions & 0 deletions src/hooks/grype-dir.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
#!/usr/bin/env bash
set -u

MAIN_SCRIPT_PATH=$(realpath "$0")
SRC_DIR_PATH=$(dirname "${MAIN_SCRIPT_PATH}")
LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
BASE_DIR_PATH="${LIB_DIR_PATH}/base"

. "${BASE_DIR_PATH}/grype-common.sh"

grype_dir() {
grype_common "dir:." "$@"
}
25 changes: 25 additions & 0 deletions src/lib/args/apply-hook-arg.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
#!/usr/bin/env sh

MAIN_SCRIPT_PATH=$(realpath "$0")
SRC_DIR_PATH=$(dirname "${MAIN_SCRIPT_PATH}")
LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
UTILS_DIR_PATH="${LIB_DIR_PATH}/utils"

. "${UTILS_DIR_PATH}/logging.sh"
. "${UTILS_DIR_PATH}/validators.sh"

apply_hook_arg() {
arg="$1"
case "${arg}" in
"--log-level"*)
val=$(echo "${arg}" | cut -d ' ' -f 2)
is_valid=$(validate_enum "--log-level" "${val}" "off,debug,info,warning,error")
if [ "${is_valid}" = "true" ]; then
GLOB_LOG_LEVEL="${val}"
fi
;;
*)
log_warning "Unknown ${arg} argument has been passed as --hook-args"
;;
esac
}
58 changes: 58 additions & 0 deletions src/lib/args/parse-all-args.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
#!/usr/bin/env bash

MAIN_SCRIPT_PATH=$(realpath "$0")
SRC_DIR_PATH=$(dirname "${MAIN_SCRIPT_PATH}")
LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
ARGS_DIR_PATH="${LIB_DIR_PATH}/args"
UTILS_DIR_PATH="${LIB_DIR_PATH}/utils"

. "${ARGS_DIR_PATH}/apply-hook-arg.sh"
. "${UTILS_DIR_PATH}/logging.sh"

parse_all_args() {
grype_args=""
hook_args=""
curr_flag=""

args="$@"

# Loop through all the arguments
while [[ -n "${args}" ]]; do
case "$(echo "${args}" | cut -d '=' -f 1)" in
--hook-args)
args="${args#*=}"
curr_flag="hook"
;;
--grype-args)
args="${args#*=}"
curr_flag="grype"
;;
*)
arg=$(echo "${args}" | cut -d ' ' -f 1)
if [ "${curr_flag}" = "hook" ]; then
hook_args="${hook_args} ${arg}"
elif [ "${curr_flag}" = "grype" ]; then
grype_args="${grype_args} ${arg}"
else
msg="Invalid format of the following argument: \"${arg}\". Please use"
msg="${msg} --hook-args to pass args to pre-commit hook or --grype-args"
msg="${msg} to pass args to grype. For more information go to https://github.com/fabasoad/pre-commit-grype?tab=readme-ov-file"
log_error "${msg}"
exit 1
fi

args=$(echo "${args}" | cut -d ' ' -f 2-)
if [ "${arg}" = "${args}" ]; then
args=""
fi
;;
esac
done

hook_args=$(echo "${hook_args}" | sed 's/^ *//')
grype_args=$(echo "${grype_args}" | sed 's/^ *//')
if [ -n "${hook_args}" ]; then
log_info "Pre-commit hook arguments: ${hook_args}"
fi
echo "${grype_args}"
}
43 changes: 43 additions & 0 deletions src/lib/base/grype-common.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
#!/usr/bin/env bash
set -u

MAIN_SCRIPT_PATH=$(realpath "$0")
SRC_DIR_PATH=$(dirname "${MAIN_SCRIPT_PATH}")
LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
ARGS_DIR_PATH="${LIB_DIR_PATH}/args"
INSTALLATION_DIR_PATH="${LIB_DIR_PATH}/installation"
UTILS_DIR_PATH="${LIB_DIR_PATH}/utils"

. "${ARGS_DIR_PATH}/parse-all-args.sh"
. "${INSTALLATION_DIR_PATH}/install.sh"
. "${INSTALLATION_DIR_PATH}/uninstall.sh"
. "${UTILS_DIR_PATH}/logging.sh"

grype_common() {
cmd="$1"
shift
grype_args="${cmd} $(parse_all_args "$@")"

res=$(install)
to_uninstall=$(echo "${res}" | cut -d ':' -f 1)
grype_path=$(echo "${res}" | cut -d ':' -f 2)
grype_version=$(${grype_path} --version | cut -d ' ' -f 2)
log_info "Grype path: ${grype_path}"
log_info "Grype version: ${grype_version}"
log_info "Grype will$([[ "${to_uninstall}" = "true" ]] && echo "" || echo " not") be uninstalled after scanning completed"
log_info "Grype arguments: ${grype_args}"

set +e
${grype_path} ${grype_args}
grype_exit_code=$?
set -e
msg="Grype exit code: ${grype_exit_code}"
if [ "${grype_exit_code}" = "0" ]; then
log_info "Grype exit code: ${grype_exit_code}"
else
log_warning "Grype exit code: ${grype_exit_code}"
fi

try_uninstall "$(dirname ${grype_path})" "${to_uninstall}"
exit "${grype_exit_code}"
}
3 changes: 3 additions & 0 deletions src/lib/default.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
#!/usr/bin/env sh

GLOB_LOG_LEVEL="info"
38 changes: 38 additions & 0 deletions src/lib/installation/install.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
#!/usr/bin/env sh

MAIN_SCRIPT_PATH=$(realpath "$0")
SRC_DIR_PATH=$(dirname "${MAIN_SCRIPT_PATH}")
LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
UTILS_DIR_PATH="${LIB_DIR_PATH}/utils"

. "${UTILS_DIR_PATH}/logging.sh"

log_debug_installed() {
grype_path="$1"
if [ "$2" = "false" ]; then
word="found"
else
word="installed"
fi
log_debug "Grype $($grype_path --version | cut -d ' ' -f 2) is ${word} at ${grype_path}"
}

install() {
log_debug "Grype installation started"
to_uninstall="false"
if command -v grype &> /dev/null; then
grype_path="$(which grype)"
else
bin_dir="${ROOT_DIR_PATH}/.pre-commit-grype"
grype_path="${bin_dir}/grype"
mkdir -p "${bin_dir}"
if [ ! -d "${bin_dir}" ] || [ ! -f "${grype_path}" ]; then
log_debug "Grype is not found. Downloading latest version..."
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b "${bin_dir}"
to_uninstall="true"
fi
fi
log_debug_installed "${grype_path}" "${to_uninstall}"
echo "${to_uninstall}:${grype_path}"
log_debug "Grype installation completed"
}
18 changes: 18 additions & 0 deletions src/lib/installation/uninstall.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
#!/usr/bin/env sh

MAIN_SCRIPT_PATH=$(realpath "$0")
SRC_DIR_PATH=$(dirname "${MAIN_SCRIPT_PATH}")
LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
UTILS_DIR_PATH="${LIB_DIR_PATH}/utils"

. "${UTILS_DIR_PATH}/logging.sh"

try_uninstall() {
bin_dir="$1"
to_uninstall="$2"
if [ "${to_uninstall}" = "true" ]; then
log_debug "Uninstalling ${bin_dir} directory started"
rm -rf "${bin_dir}"
log_debug "Uninstalling ${bin_dir} directory completed"
fi
}
73 changes: 73 additions & 0 deletions src/lib/utils/logging.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
#!/usr/bin/env sh

log() {
prefix="[pre-commit-grype]"
level=$1
msg=$2

printf "%s %s level=%s %s\n" "$prefix" "$(date +'%Y-%m-%d %T')" "$level" "$msg" >&2
}

log_debug() {
if [ "$(is_debug_ok)" = "true" ]; then
log "debug" "$1"
fi
}

log_info() {
if [ "$(is_info_ok)" = "true" ]; then
log "info" "$1"
fi
}

log_warning() {
if [ "$(is_warning_ok)" = "true" ]; then
log "warning" "$1"
fi
}

log_error() {
if [ "$(is_error_ok)" = "true" ]; then
log "error" "$1"
fi
}

is_debug_ok() {
# ok: debug
# not ok: off, info, warning, error
if [ "${GLOB_LOG_LEVEL}" = "debug" ]; then
echo "true"
else
echo "false"
fi
}

is_info_ok() {
# ok: debug, info
# not ok: off, warning, error
if [ "${GLOB_LOG_LEVEL}" = "debug" ] || [ "${GLOB_LOG_LEVEL}" = "info" ]; then
echo "true"
else
echo "false"
fi
}

is_warning_ok() {
# ok: debug, info, warning
# not ok: off, error
if [ "${GLOB_LOG_LEVEL}" != "error" ] && [ "${GLOB_LOG_LEVEL}" != "off" ]; then
echo "true"
else
echo "false"
fi
}

is_error_ok() {
# ok: debug, info, warning, error
# not ok: off
if [ "${GLOB_LOG_LEVEL}" != "off" ]; then
echo "true"
else
echo "false"
fi
}
24 changes: 24 additions & 0 deletions src/lib/utils/validators.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
#!/usr/bin/env sh

MAIN_SCRIPT_PATH=$(realpath "$0")
SRC_DIR_PATH=$(dirname "${MAIN_SCRIPT_PATH}")
LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
UTILS_DIR_PATH="${LIB_DIR_PATH}/utils"

. "${UTILS_DIR_PATH}/logging.sh"

validate_enum() {
param_key="$1"
param_val="$2"
enum_opts="$3,"
log_level="${4:warning}"
case ",${enum_opts}" in
*",${param_val},"*)
echo "true"
;;
*)
log_${log_level} "\"${param_key}\" parameter is invalid. Possible values: $(echo "${enum_opts%,}" | sed 's/,/, /g')."
echo "false"
;;
esac
}
Loading