mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-09-20 08:15:56 +00:00
c1f9d86cd3
* explicitly ignore pkgs for cleaner output * do not ignore but redirect stderr * silent env var to silent stderr * add silent env var to vuln,lint,tf * fix golangci silent * Update bazel/ci/terraform.sh.in Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> * Update bazel/ci/golicenses.sh.in Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> * Update bazel/ci/govulncheck.sh.in Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> * Update bazel/ci/golangci_lint.sh.in Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> --------- Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
51 lines
939 B
Bash
51 lines
939 B
Bash
#!/usr/bin/env bash
|
|
|
|
###### script header ######
|
|
|
|
lib=$(realpath @@BASE_LIB@@) || exit 1
|
|
stat "${lib}" >> /dev/null || exit 1
|
|
|
|
# shellcheck source=../sh/lib.bash
|
|
if ! source "${lib}"; then
|
|
echo "Error: could not find import"
|
|
exit 1
|
|
fi
|
|
|
|
go=$(realpath @@GO@@)
|
|
stat "${go}" >> /dev/null
|
|
govulncheck=$(realpath @@GOVULNCHECK@@)
|
|
stat "${govulncheck}" >> /dev/null
|
|
|
|
cd "${BUILD_WORKSPACE_DIRECTORY}"
|
|
|
|
###### script body ######
|
|
|
|
submodules=$(${go} list -f '{{.Dir}}' -m)
|
|
|
|
PATH=$(dirname "${go}"):${PATH}
|
|
|
|
check() {
|
|
err=0
|
|
|
|
echo "Scanning Go vulnerability DB for knwon vulnerabilities in modules:"
|
|
for mod in ${submodules}; do
|
|
echo " ${mod}"
|
|
echo -n " "
|
|
CGO_ENABLED=0 ${govulncheck} "${mod}/..." |
|
|
tail -n 2 | # Providing some nice output...
|
|
tr '\n' ' ' |
|
|
sed s/" your code and"// &&
|
|
printf "\n" ||
|
|
err=$?
|
|
done
|
|
|
|
exit "${err}"
|
|
|
|
}
|
|
|
|
if test -v SILENT; then
|
|
check > /dev/null
|
|
else
|
|
check
|
|
fi
|