Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-01-27 15:57:04 -05:00
Code Issues Packages Projects Releases Wiki Activity

bazel: improve script template resilience

Browse Source 
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
This commit is contained in:
Paul Meyer 2023-03-29 14:13:26 +02:00
parent 909bfb9274
commit d7fafb92b7
13 changed files with 122 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
bazel/ci/actionlint.sh.in
View File

@ -1,8 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
actionlint=$(realpath @@ACTIONLINT@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
shellcheck=$(realpath @@SHELLCHECK@@ || echo) || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -10,6 +11,12 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 actionlint=$(realpath @@ACTIONLINT@@)
stat "${actionlint}" >> /dev/null
shellcheck=$(realpath @@SHELLCHECK@@ || echo) # might not exist
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
${actionlint} -shellcheck="${shellcheck}" ${actionlint} -shellcheck="${shellcheck}"

11
bazel/ci/buf.sh.in
View File

@ -1,7 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
buf=$(realpath @@BUF@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -9,7 +11,12 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 buf=$(realpath @@BUF@@)
stat "${buf}" >> /dev/null
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
readarray -t <<< "$(find "$(pwd)" -type f -name "*.proto")" readarray -t <<< "$(find "$(pwd)" -type f -name "*.proto")"
protos=("${MAPFILE[@]}") protos=("${MAPFILE[@]}")

14
bazel/ci/golangci.sh.in
View File

@ -1,8 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
golangcilint=$(realpath @@GOLANGCI-LINT@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
go=$(realpath @@GO@@) || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -10,7 +11,14 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 golangcilint=$(realpath @@GOLANGCI-LINT@@)
stat "${golangcilint}" >> /dev/null
go=$(realpath @@GO@@)
stat "${go}" >> /dev/null
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
readarray -t <<< "$(${go} list -f '{{.Dir}}' -m)" readarray -t <<< "$(${go} list -f '{{.Dir}}' -m)"
modules=("${MAPFILE[@]}") modules=("${MAPFILE[@]}")

14
bazel/ci/golicenses.sh.in
View File

@ -2,9 +2,10 @@
# Compare licenses of Go dependencies against a whitelist. # Compare licenses of Go dependencies against a whitelist.
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
go=$(realpath @@GO@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
golicenses=$(realpath @@GO_LICENSES@@) || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -12,7 +13,14 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 go=$(realpath @@GO@@)
stat "${go}" >> /dev/null
golicenses=$(realpath @@GO_LICENSES@@)
stat "${golicenses}" >> /dev/null
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
not_allowed() { not_allowed() {
echo "license not allowed for package: ${line}" echo "license not allowed for package: ${line}"

14
bazel/ci/govulncheck.sh.in
View File

@ -1,8 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
go=$(realpath @@GO@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
govulncheck=$(realpath @@GOVULNCHECK@@) || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -10,7 +11,14 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 go=$(realpath @@GO@@)
stat "${go}" >> /dev/null
govulncheck=$(realpath @@GOVULNCHECK@@)
stat "${govulncheck}" >> /dev/null
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
submodules=$(${go} list -f '{{.Dir}}' -m) submodules=$(${go} list -f '{{.Dir}}' -m)

7
bazel/ci/licenseheader.sh.in
View File

@ -2,7 +2,10 @@
# Compare licenses of Go dependencies against a whitelist. # Compare licenses of Go dependencies against a whitelist.
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
stat "${lib}" >> /dev/null || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -10,7 +13,9 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
echo "Checking files for missing company license header..." echo "Checking files for missing company license header..."

14
bazel/ci/shellcheck.sh.in
View File

@ -1,8 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
shfmt=$(realpath @@SHFMT@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
shellcheck=$(realpath @@SHELLCHECK@@) || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -10,7 +11,14 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 shfmt=$(realpath @@SHFMT@@)
stat "${shfmt}" >> /dev/null
shellcheck=$(realpath @@SHELLCHECK@@)
stat "${shellcheck}" >> /dev/null
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
scriptsStr=$(${shfmt} -f "${BUILD_WORKSPACE_DIRECTORY}") scriptsStr=$(${shfmt} -f "${BUILD_WORKSPACE_DIRECTORY}")
readarray -t <<< "${scriptsStr}" readarray -t <<< "${scriptsStr}"

11
bazel/ci/shfmt.sh.in
View File

@ -1,7 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
shfmt=$(realpath @@SHFMT@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -9,7 +11,12 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 shfmt=$(realpath @@SHFMT@@)
stat "${shfmt}" >> /dev/null
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
scriptsStr=$(${shfmt} -f "${BUILD_WORKSPACE_DIRECTORY}") scriptsStr=$(${shfmt} -f "${BUILD_WORKSPACE_DIRECTORY}")
readarray -t <<< "${scriptsStr}" readarray -t <<< "${scriptsStr}"

13
bazel/ci/tf.sh.in
View File

@ -1,8 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
terraform=$(realpath @@TERRAFORM@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
mode="@@MODE@@" || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -10,7 +11,13 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 terraform=$(realpath @@TERRAFORM@@)
stat "${terraform}" >> /dev/null
mode="@@MODE@@"
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
readarray -t <<< "$( readarray -t <<< "$(
find "$(pwd)" -type f -name "*.tf" -exec dirname "{}" \; | find "$(pwd)" -type f -name "*.tf" -exec dirname "{}" \; |

11
bazel/ci/tfsec.sh.in
View File

@ -1,7 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
tfsec=$(realpath @@TFSEC@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -9,7 +11,12 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 tfsec=$(realpath @@TFSEC@@)
stat "${tfsec}" >> /dev/null
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
readarray -t <<< "$(find "$(pwd)" -type f -name "*.tf" -exec dirname "{}" \; | sort -ud)" readarray -t <<< "$(find "$(pwd)" -type f -name "*.tf" -exec dirname "{}" \; | sort -ud)"
terraformModules=("${MAPFILE[@]}") terraformModules=("${MAPFILE[@]}")

11
bazel/ci/tidy.sh.in
View File

@ -1,7 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
go=$(realpath @@GO@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -9,7 +11,12 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKSPACE_DIRECTORY}" || exit 1 go=$(realpath @@GO@@)
stat "${go}" >> /dev/null
cd "${BUILD_WORKSPACE_DIRECTORY}"
###### script body ######
submodules=$(${go} list -f '{{.Dir}}' -m) submodules=$(${go} list -f '{{.Dir}}' -m)

20
bazel/devbuild/prepare_developer_workspace.sh.in
View File

@ -3,11 +3,10 @@
# This script is run from the user's Constellation workspace (BUILD_WORKING_DIRECTORY). # This script is run from the user's Constellation workspace (BUILD_WORKING_DIRECTORY).
# It prepares the workspace by symlinking all required binaries into folder. # It prepares the workspace by symlinking all required binaries into folder.
###### script header ######
lib=$(realpath @@BASE_LIB@@) || exit 1 lib=$(realpath @@BASE_LIB@@) || exit 1
bootstrapper=$(realpath @@BOOTSTRAPPER@@) || exit 1 stat "${lib}" >> /dev/null || exit 1
upgrade_agent=$(realpath @@UPGRADE_AGENT@@) || exit 1
cli=$(realpath @@CLI@@) || exit 1
cdbg=$(realpath @@CDBG@@) || exit 1
# shellcheck source=../sh/lib.bash # shellcheck source=../sh/lib.bash
if ! source "${lib}"; then if ! source "${lib}"; then
@ -15,7 +14,18 @@ if ! source "${lib}"; then
exit 1 exit 1
fi fi
cd "${BUILD_WORKING_DIRECTORY}" || exit 1 bootstrapper=$(realpath @@BOOTSTRAPPER@@)
stat "${bootstrapper}" >> /dev/null
upgrade_agent=$(realpath @@UPGRADE_AGENT@@)
stat "${upgrade_agent}" >> /dev/null
cli=$(realpath @@CLI@@)
stat "${cli}" >> /dev/null
cdbg=$(realpath @@CDBG@@)
stat "${cdbg}" >> /dev/null
cd "${BUILD_WORKING_DIRECTORY}"
###### script body ######
if [[ $# -eq 0 ]]; then if [[ $# -eq 0 ]]; then
workdir="." workdir="."

1
internal/attestation/measurements/measurement-generator/generate.go
View File

@ -1,5 +1,6 @@
/* /*
Copyright (c) Edgeless Systems GmbH Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only SPDX-License-Identifier: AGPL-3.0-only
*/ */