Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Add validation for docker-cmd-file #822

Draft
wants to merge 12 commits into
base: main
Choose a base branch
from
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ Specify a command to run when the image start.
By default the image run
`renovate`.
This option is useful to customize the image before running `renovate`.
It must be an existing executable file on the local system.
It must be an existing file on the local system and it must have execute permission.
It will be mounted to the docker container.

For example you can create a simple script like this one (let's call it
Expand Down
25 changes: 25 additions & 0 deletions src/renovate.ts
Original file line number Diff line number Diff line change
Expand Up @@ -97,11 +97,15 @@
return match.groups.groupId;
}

private async validateArguments(): Promise<void> {

Check failure on line 100 in src/renovate.ts

View workflow job for this annotation

GitHub Actions / lint

Async method 'validateArguments' has no 'await' expression
if (/\s/.test(this.input.token.value)) {
throw new Error('Token MUST NOT contain whitespace');
}
this.validateConfigFileArgument();
this.validateDockerCmdFileArgument();
viceice marked this conversation as resolved.
Show resolved Hide resolved
}

private validateConfigFileArgument(): void {
viceice marked this conversation as resolved.
Show resolved Hide resolved
const configurationFile = this.input.configurationFile();
if (
configurationFile !== null &&
Expand All @@ -112,6 +116,27 @@
);
}
}

private validateDockerCmdFileArgument(): void {
viceice marked this conversation as resolved.
Show resolved Hide resolved
const dockerCmdFile = this.input.getDockerCmdFile();
if (dockerCmdFile !== null) {
if (
!fs.existsSync(dockerCmdFile) ||

Check failure on line 124 in src/renovate.ts

View workflow job for this annotation

GitHub Actions / lint

Unsafe call of an `any` typed value
!fs.statSync(dockerCmdFile).isFile()

Check failure on line 125 in src/renovate.ts

View workflow job for this annotation

GitHub Actions / lint

Unsafe call of an `any` typed value

Check failure on line 125 in src/renovate.ts

View workflow job for this annotation

GitHub Actions / lint

Unsafe call of an `any` typed value

Check failure on line 125 in src/renovate.ts

View workflow job for this annotation

GitHub Actions / lint

Unsafe member access .isFile on an `any` value
) {
throw new Error(
`dockerCmdFile '${dockerCmdFile}' MUST be an existing file`,
);
}
try {
fs.accessSync(dockerCmdFile, fs.constants.R_OK | fs.constants.X_OK);

Check failure on line 132 in src/renovate.ts

View workflow job for this annotation

GitHub Actions / lint

Unsafe call of an `any` typed value
lazytesting marked this conversation as resolved.
Show resolved Hide resolved
} catch {
throw new Error(
`dockerCmdFile '${dockerCmdFile}' MUST have read and execute rights`,
);
}
viceice marked this conversation as resolved.
Show resolved Hide resolved
}
}
}

export default Renovate;
Loading