From dfde198884dcb101d78b06e66888a4e0b5d10434 Mon Sep 17 00:00:00 2001 
From: Eugene <fabasoad@gmail.com> Date: Wed, 18 Sep 2024 07:47:23 +0900 Subject: [PATCH] Bump gitleaks/gitleaks from 8.18.4 to 8.19.2 (#9) <!-- markdownlint-disable-file MD041 --> ## Pull request checklist Please check if your PR fulfills the following requirements: - [ ] I have read the [CONTRIBUTING](https://github.com/fabasoad/setup-mark-action/blob/main/CONTRIBUTING.md) doc. - [ ] Tests for the changes have been added (for bug fixes / features). - [ ] Docs have been reviewed and added / updated if needed (for bug fixes / features). ## Pull request type <!-- Please do not submit updates to dependencies unless it fixes an issue. --> <!-- Please try to limit your pull request to one type, submit multiple pull requests if needed. --> Please check the type of change your PR introduces: - [ ] Bugfix - [ ] Feature - [ ] Code style update (formatting, renaming) - [ ] Refactoring (no functional changes, no api changes) - [ ] Build related changes - [ ] Documentation content changes - [ ] Other (please describe): ## What is the current behavior <!-- Please describe the current behavior that you are modifying, or link to a relevant issue. --> ## What is the new behavior <!-- Please describe the behavior or changes that are being added by this PR. --> - - - ## Does this introduce a breaking change - [ ] Yes - [ ] No <!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. --> ## Other information <!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. --> <!-- This document was adapted from the open-source [appium/appium](https://github.com/appium/appium/blob/master/.github/PULL_REQUEST_TEMPLATE.md) repository. 
--> --- Closes #{IssueNumber} --- .github/workflows/functional-tests.yml | 2 +- .pre-commit-config.yaml | 20 ++++-- action.yml | 6 ++ src/install-mark.sh | 91 ++++++++++++++------------ src/validate-inputs.sh | 27 ++++++++ 5 files changed, 96 insertions(+), 50 deletions(-) create mode 100755 src/validate-inputs.sh diff --git a/.github/workflows/functional-tests.yml b/.github/workflows/functional-tests.yml index 43db3b5..e656d83 100644 --- a/.github/workflows/functional-tests.yml +++ b/.github/workflows/functional-tests.yml @@ -23,7 +23,7 @@ jobs: fail-fast: false matrix: os: ["ubuntu", "macos"] - version: ["latest", "10.0.1", "10.0.0", "9.13.0", "9.12.0", "9.11.1"] + version: ["latest", "11.0.1", "11.0.0", "10.0.1", "10.0.0", "9.13.0"] runs-on: ${{ matrix.os }}-latest steps: - name: Checkout ${{ github.repository }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b236b6e..1897db2 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -3,6 +3,18 @@ default_install_hook_types: ["pre-commit", "pre-push"] default_stages: ["commit"] minimum_pre_commit_version: 2.18.0 repos: + # Linting + - repo: local + hooks: + - id: prettier + name: Prettier + entry: prettier --write --ignore-unknown + language: node + types: [text] + args: [] + # https://github.com/prettier/prettier/releases + additional_dependencies: ["prettier@3.3.3"] + stages: ["commit"] # Security - repo: https://github.com/Yelp/detect-secrets rev: v1.5.0 @@ -10,12 +22,12 @@ repos: - id: detect-secrets stages: ["commit", "push"] - repo: https://github.com/gitleaks/gitleaks - rev: v8.18.4 + rev: v8.19.2 hooks: - id: gitleaks stages: ["commit", "push"] - repo: https://github.com/fabasoad/pre-commit-grype - rev: v0.6.0 + rev: v0.6.1 hooks: - id: grype-dir args: 
@@ -48,10 +60,6 @@ repos: args: ["-pyflakes="] stages: ["commit"] # Other - - repo: https://github.com/pre-commit/mirrors-prettier - rev: v3.1.0 - hooks: - - id: prettier - repo: https://github.com/pre-commit/pre-commit-hooks rev: v4.6.0 hooks: diff --git a/action.yml b/action.yml index 3c51ef3..7493960 100644 --- a/action.yml +++ b/action.yml @@ -13,6 +13,12 @@ inputs: runs: using: "composite" steps: + - name: Validate inputs + env: + INPUT_VERSION: "${{ inputs.version }}" + run: ./validate-inputs.sh "${INPUT_VERSION}" + shell: sh + working-directory: ${{ github.action_path }}/src - name: Install kovetskiy/mark env: INPUT_VERSION: "${{ inputs.version }}" diff --git a/src/install-mark.sh b/src/install-mark.sh index e8fa0cc..65e8610 100755 --- a/src/install-mark.sh +++ b/src/install-mark.sh 
@@ -1,52 +1,57 @@ #!/usr/bin/env sh -mark_version="$1" +main() { + mark_version="${1}" -# shellcheck disable=SC2039 -if command -v mark >/dev/null 2>&1; then - msg="$(mark --version) is already installed. Skipping installation." - printf "[setup-mark-action] %s level=info %s\n" "$(date +'%Y-%m-%d %T')" "${msg}" - exit 0 -fi - -if [ "${mark_version}" = "latest" ]; then - url_prefix="https://github.com/kovetskiy/mark/releases/latest/download" -else - url_prefix="https://github.com/kovetskiy/mark/releases/download/${mark_version}" -fi - -url="" -if [ "${RUNNER_OS}" = "macOS" ]; then - if [ "${RUNNER_ARCH}" = "X64" ]; then - url="${url_prefix}/mark_Darwin_x86_64.tar.gz" - elif [ "${RUNNER_ARCH}" = "ARM64" ]; then - url="${url_prefix}/mark_Darwin_arm64.tar.gz" + # shellcheck disable=SC2039 + if command -v mark >/dev/null 2>&1; then + msg="$(mark --version) is already installed. Skipping installation." + printf "[setup-mark-action] %s level=info %s\n" "$(date +'%Y-%m-%d %T')" "${msg}" + exit 0 fi -elif [ "${RUNNER_OS}" = "Linux" ]; then - if [ "${RUNNER_ARCH}" = "X64" ]; then - url="${url_prefix}/mark_Linux_x86_64.tar.gz" - elif [ "${RUNNER_ARCH}" = "ARM64" ]; then - url="${url_prefix}/mark_Linux_arm64.tar.gz" + + url_prefix="https://github.com/kovetskiy/mark/releases" + if [ "${mark_version}" = "latest" ]; then + url_prefix="${url_prefix}/latest/download" + else + url_prefix="${url_prefix}/download/${mark_version}" fi -fi -if [ -z "${url}" ]; then - echo "::error title=OS is not supported::${RUNNER_OS} ${RUNNER_ARCH} is not supported" - exit 1 -fi + url="" + if [ "${RUNNER_OS}" = "macOS" ]; then + if [ "${RUNNER_ARCH}" = "X64" ]; then + url="${url_prefix}/mark_Darwin_x86_64.tar.gz" + elif [ "${RUNNER_ARCH}" = "ARM64" ]; then + url="${url_prefix}/mark_Darwin_arm64.tar.gz" + fi + elif [ "${RUNNER_OS}" = "Linux" ]; then + if [ "${RUNNER_ARCH}" = "X64" ]; then + url="${url_prefix}/mark_Linux_x86_64.tar.gz" + elif [ "${RUNNER_ARCH}" = "ARM64" ]; then + 
url="${url_prefix}/mark_Linux_arm64.tar.gz" + fi + fi -bin_path="${RUNNER_TEMP}/bin" -mkdir -p "${bin_path}" -tar_path="${bin_path}/mark.tar.gz" -checksums_path="${bin_path}/checksums.txt" -curl -sL "${url}" -o "${tar_path}" -curl -sL "${url_prefix}/checksums.txt" -o "${checksums_path}" + if [ -z "${url}" ]; then + echo "::error title=OS is not supported::${RUNNER_OS} ${RUNNER_ARCH} is not supported" + exit 1 + fi -if ! grep -qF "$(shasum -a 256 "${tar_path}" | cut -d ' ' -f 1)" "${checksums_path}"; then - echo "::error title=Checksum error::Checksum is different from the downloaded binary" - exit 1 -fi + bin_path="${RUNNER_TEMP}/bin" + mkdir -p "${bin_path}" + tar_path="${bin_path}/mark.tar.gz" + checksums_path="${bin_path}/checksums.txt" + curl -sL "${url}" -o "${tar_path}" + curl -sL "${url_prefix}/checksums.txt" -o "${checksums_path}" -tar -xf "${tar_path}" -C "${bin_path}" -rm -f "${tar_path}" -echo "${bin_path}" >> "$GITHUB_PATH" + if ! grep -qF "$(shasum -a 256 "${tar_path}" | cut -d ' ' -f 1)" "${checksums_path}"; then + echo "::error title=Checksum error::Checksum is different from the downloaded binary" + exit 1 + fi + + tar -xf "${tar_path}" -C "${bin_path}" + rm -f "${tar_path}" + echo "${bin_path}" >> "$GITHUB_PATH" +} + +main "$@" diff --git a/src/validate-inputs.sh b/src/validate-inputs.sh new file mode 100755 index 0000000..94edc96 --- /dev/null +++ b/src/validate-inputs.sh 
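Review bot: The checksum gate in `main` can pass without a digest: if `shasum` prints nothing (tool missing, or the tarball was never written because `curl -sL` failed silently), the pattern handed to `grep -qF` is empty, and an empty fixed-string pattern matches every line of `checksums.txt`. Capture the digest first and refuse an empty one, `sum="$(shasum -a 256 "${tar_path}" | cut -d ' ' -f 1)"` followed by `if [ -z "${sum}" ] || ! grep -qF "${sum}" "${checksums_path}"; then`, and add `-f` to both `curl` calls so an HTTP error body is not stored as the artifact. The match is also not tied to the asset name, so the digest of any file listed in `checksums.txt` is accepted. Because the list is fetched from the same release as the tarball, it detects a corrupted download rather than a replaced release. The script sets no `set -e`, so a failed `tar -xf` would still reach the `GITHUB_PATH` line.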
@@ -0,0 +1,27 @@
+#!/usr/bin/env sh
+
+# Validates value to be a valid semver string.
+# Parameters:
+# 1. (Required) Param name to display it correctly in the error message for the
+# users.
+# 2. (Required) Param value that will be validated.
+#
+# Usage examples:
+# check_semver "my-valid-semver-1" "1.2.3"
+# check_semver "my-valid-semver-3" "latest"
+# check_semver "my-invalid-semver" "1.2.3-rc1"
+check_semver() {
+ if ! echo "${2}" | grep -Eq '^(latest|[0-9]+(\.[0-9]+){0,2})$'; then
+ msg="\"${1}\" parameter is invalid. \"${2}\" is not a valid semver."
+ echo "::error title=Invalid parameter::${msg}"
+ exit 30
+ fi
+}
+
+main() {
+ input_version="${1}"
+
+ check_semver "version" "${input_version}"
+}
+
+main "$@"
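Review bot: `check_semver` validates line by line, because `grep -Eq` applies `^…$` to each input line separately; a `version` value that contains a newline is accepted as soon as one of its lines matches, and the install step reads the same input unchanged. Reject any value containing a newline before the regex runs (a `case` pattern on a literal newline is enough in POSIX sh), and feed grep with `printf '%s\n' "${2}"` instead of `echo`, whose treatment of values such as `-n` or backslashes differs between shells. The header comment calls the accepted form semver, but the pattern also accepts `1` and `1.2` and rejects pre-release tags, so a wording such as `# Validates that the value is "latest" or a dotted numeric version (1, 1.2 or 1.2.3).` would describe it accurately.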