-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Support workflows with .yaml extension
Improve the scanner by including workflow file using the `.yaml` extension when scanning so that problems in such workflows are also supported. This change is accompanied by a new CLI test that verifies `.yaml` workflows are being scanned, both within a project and as a specified file. Signed-off-by: Eric Cornelissen <ericornelissen@gmail.com>
- Loading branch information
1 parent
6d3efc0
commit 6d3ad32
Showing
2 changed files
with
54 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| # cwd | ||
| ! exec ades . | ||
| cmp stdout repo-stdout.txt | ||
| ! stderr . | ||
|
|
||
| # file: .yml | ||
| ! exec ades .github/workflows/workflow.yml | ||
| cmp stdout yml-stdout.txt | ||
| ! stderr . | ||
|
|
||
| # file: .yaml | ||
| ! exec ades .github/workflows/workflow.yaml | ||
| cmp stdout yaml-stdout.txt | ||
| ! stderr . | ||
|
|
||
|
|
||
| -- .github/workflows/workflow.yml -- | ||
| name: Example unsafe workflow | ||
| on: [push] | ||
|
|
||
| jobs: | ||
| example: | ||
| name: Unsafe .yml | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v3 | ||
| - name: Unsafe run | ||
| run: echo 'Hello from .yml, ${{ inputs.name }}' | ||
| -- .github/workflows/workflow.yaml -- | ||
| name: Example unsafe workflow | ||
| on: [push] | ||
|
|
||
| jobs: | ||
| example: | ||
| name: Unsafe .yaml | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v3 | ||
| - name: Unsafe run | ||
| run: echo 'Hello from .yaml, ${{ inputs.name }}' | ||
| -- repo-stdout.txt -- | ||
| Detected 1 violation(s) in '.github/workflows/workflow.yaml': | ||
| job 'Unsafe .yaml', step 'Unsafe run' has '${{ inputs.name }}' | ||
| Detected 1 violation(s) in '.github/workflows/workflow.yml': | ||
| job 'Unsafe .yml', step 'Unsafe run' has '${{ inputs.name }}' | ||
| -- yml-stdout.txt -- | ||
| Detected 1 violation(s) in '.github/workflows/workflow.yml': | ||
| job 'Unsafe .yml', step 'Unsafe run' has '${{ inputs.name }}' | ||
| -- yaml-stdout.txt -- | ||
| Detected 1 violation(s) in '.github/workflows/workflow.yaml': | ||
| job 'Unsafe .yaml', step 'Unsafe run' has '${{ inputs.name }}' |