From 3061e7ee48013a97047b061ae72f237184fa07ba Mon Sep 17 00:00:00 2001 From: Opeyemi Alao <54288773+Eeebru@users.noreply.github.com> Date: Tue, 19 Dec 2023 11:17:17 +0000 Subject: [PATCH] UPDATE: use hashset --- lint-workflow/lint.py | 9 +++++---- lint-workflow/supported-actions.json | 2 -- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/lint-workflow/lint.py b/lint-workflow/lint.py index e3c6bb1a..fffb433c 100644 --- a/lint-workflow/lint.py +++ b/lint-workflow/lint.py @@ -203,15 +203,16 @@ def get_action_update(action_id): def lint(filename): + supported_actions = {"act10ns/slack", "actions/cache", "actions/checkout", "actions/delete-package-versions", "actions/download-artifact", "actions/github-script", "actions/labeler", "actions/setup-dotnet", "actions/setup-java", "actions/setup-node", "actions/setup-python", "actions/stale", "actions/upload-artifact", "android-actions/setup-android", "Asana/create-app-attachment-github-action", "Azure/functions-action", "Azure/get-keyvault-secrets", "Azure/login", "azure/webapps-deploy", "bitwarden/sm-action", "checkmarx/ast-github-action", "chrnorm/deployment-action", "chrnorm/deployment-status", "chromaui/action", "cloudflare/pages-action", "convictional/trigger-workflow-and-wait", "crazy-max/ghaction-import-gpg", "crowdin/github-action", "dawidd6/action-download-artifact", "dawidd6/action-homebrew-bump-formula", "digitalocean/action-doctl", "docker/build-push-action", "docker/setup-buildx-action", "docker/setup-qemu-action", "dorny/test-reporter", "dtolnay/rust-toolchain", "futureware-tech/simulator-action", "hashicorp/setup-packer", "macauley/action-homebrew-bump-cask", "microsoft/setup-msbuild", "ncipollo/release-action", "peter-evans/close-issue", "ruby/setup-ruby", "samuelmeuli/action-snapcraft", "snapcore/action-build", "sonarsource/sonarcloud-github-action", "stackrox/kube-linter-action", "Swatinem/rust-cache", "SwiftDocOrg/github-wiki-publish-action", "SwiftDocOrg/swift-doc", "tj-actions/changed-files", "yogevbd/enforce-label-action"} + + + findings = [] max_error_level = 0 with open(filename) as file: workflow = yaml.load(file, Loader=yaml.FullLoader) - with open("supported-actions.json") as file: - supported_actions = json.load(file) - # Check for 'name' key for the workflow. if "name" not in workflow: findings.append(LintFinding("Name key missing for workflow.", "warning")) @@ -299,7 +300,7 @@ def lint(filename): if "bitwarden/gh-actions" not in path: try: # Check if actions are in supported actions list. - if path != supported_actions[path]: + if path not in supported_actions: findings.append( LintFinding( f"Step {str(i)} of job key '{job_key}' uses an unsupported action: {path}.", diff --git a/lint-workflow/supported-actions.json b/lint-workflow/supported-actions.json index 8a3dd24c..e69de29b 100644 --- a/lint-workflow/supported-actions.json +++ b/lint-workflow/supported-actions.json @@ -1,2 +0,0 @@ -{ "act10ns/slack": "act10ns/slack", "actions/cache": "actions/cache", "actions/checkout": "actions/checkout", "actions/delete-package-versions": "actions/delete-package-versions", "actions/download-artifact": "actions/download-artifact", "actions/github-script": "actions/github-script", "actions/labeler": "actions/labeler", "actions/setup-dotnet": "actions/setup-dotnet", "actions/setup-java": "actions/setup-java", "actions/setup-node": "actions/setup-node", "actions/setup-python": "actions/setup-python", "actions/stale": "actions/stale", "actions/upload-artifact": "actions/upload-artifact", "android-actions/setup-android": "android-actions/setup-android", "Asana/create-app-attachment-github-action": "Asana/create-app-attachment-github-action", "Azure/functions-action": "Azure/functions-action", "Azure/get-keyvault-secrets": "Azure/get-keyvault-secrets", "Azure/login": "Azure/login", "azure/webapps-deploy": "azure/webapps-deploy", "bitwarden/sm-action": "bitwarden/sm-action", "checkmarx/ast-github-action": "checkmarx/ast-github-action", "chrnorm/deployment-action": "chrnorm/deployment-action", "chrnorm/deployment-status": "chrnorm/deployment-status", "chromaui/action": "chromaui/action", "cloudflare/pages-action": "cloudflare/pages-action", "convictional/trigger-workflow-and-wait": "convictional/trigger-workflow-and-wait", "crazy-max/ghaction-import-gpg": "crazy-max/ghaction-import-gpg", "crowdin/github-action": "crowdin/github-action", "dawidd6/action-download-artifact": "dawidd6/action-download-artifact", "dawidd6/action-homebrew-bump-formula": "dawidd6/action-homebrew-bump-formula", "digitalocean/action-doctl": "digitalocean/action-doctl", "docker/build-push-action": "docker/build-push-action", "docker/setup-buildx-action": "docker/setup-buildx-action", "docker/setup-qemu-action": "docker/setup-qemu-action", "dorny/test-reporter": "dorny/test-reporter", "dtolnay/rust-toolchain": "dtolnay/rust-toolchain", "futureware-tech/simulator-action": "futureware-tech/simulator-action", "hashicorp/setup-packer": "hashicorp/setup-packer", "macauley/action-homebrew-bump-cask": "macauley/action-homebrew-bump-cask", "microsoft/setup-msbuild": "microsoft/setup-msbuild", "ncipollo/release-action": "ncipollo/release-action", "peter-evans/close-issue": "peter-evans/close-issue", "ruby/setup-ruby": "ruby/setup-ruby", "samuelmeuli/action-snapcraft": "samuelmeuli/action-snapcraft", "snapcore/action-build": "snapcore/action-build", "sonarsource/sonarcloud-github-action": "sonarsource/sonarcloud-github-action", "stackrox/kube-linter-action": "stackrox/kube-linter-action", "Swatinem/rust-cache": "Swatinem/rust-cache", "SwiftDocOrg/github-wiki-publish-action": "SwiftDocOrg/github-wiki-publish-action", "SwiftDocOrg/swift-doc": "SwiftDocOrg/swift-doc", "tj-actions/changed-files": "tj-actions/changed-files", "yogevbd/enforce-label-action": "yogevbd/enforce-label-action"} -