Skip to content

Commit

Permalink
Env variable replacement for PRE_COMMIT
Browse files Browse the repository at this point in the history
Allow to replace an ENV var value with the value of another ENV var before calling a PRE_COMMAND (helps for tflint run from GitHub Enterprise)
Fixes #2947
  • Loading branch information
nvuillam committed Nov 22, 2024
1 parent 7f790c0 commit 3affaa3
Show file tree
Hide file tree
Showing 6 changed files with 30 additions and 0 deletions.
6 changes: 6 additions & 0 deletions .automation/test/pre-post-test/.mega-linter.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,12 @@ PRE_COMMANDS:
- command: export MY_OUTPUT_VARIABLE="my output variable value" && export MY_OUTPUT_VARIABLE2="my output variable value2"
output_variables: ["MY_OUTPUT_VARIABLE", "MY_OUTPUT_VARIABLE2"]
cwd: "root"
- command: export MY_OUTPUT_VARIABLE_REPLACED="$MY_INPUT_VARIABLE"
replacement_env_vars:
- var_src: MY_INPUT_VARIABLE_REPLACEMENT
- var_dest: MY_INPUT_VARIABLE
output_variables: ["MY_OUTPUT_VARIABLE_REPLACED"]
cwd: "root"
POST_COMMANDS:
- command: npm run test
cwd: "workspace"
Expand Down
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-linter.yml file, or with `oxsecurity/megalinter:beta` docker image

- Core
- Allow to replace an ENV var value with the value of another ENV var before calling a PRE_COMMAND (helps for tflint run from GitHub Enterprise)

- New linters

Expand Down
5 changes: 5 additions & 0 deletions megalinter/descriptors/terraform.megalinter-descriptor.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@ linters:
linter_text: |
> If you are using the GitHub action please use the `TERRAFORM_TFLINT_UNSECURED_ENV_VARIABLES: GITHUB_TOKEN` to prevent plugin download issues
> If you have issues with tflint --init, create a GitHub Personal Access Token and set its value to PAT_GITHUB_COM variable.
Note: It's recommended to create your own `.tflint.hcl` custom config file tailored to your project's specific needs.
The default configuration enables all supported languages and rules, which may not be optimal for every project.
linter_icon_png_url: https://raw.githubusercontent.com/oxsecurity/megalinter/main/docs/assets/icons/linters/tflint.png
Expand All @@ -38,6 +40,9 @@ linters:
- name: TERRAFORM_TFLINT_SECURED_ENV
default_value: true
description: Allows to send the full env to **tflint --init**. Initialized with default value `true`. Set to `false` to allow `tflint --init` to access your env vars.
- name: PAT_GITHUB_COM
default_value: ""
description: If you have issues with tflint --init, create a GitHub Personal Access Token and set its value to PAT_GITHUB_COM variable.
examples:
- "tflint"
- "tflint -c .tflint.hcl"
Expand Down
6 changes: 6 additions & 0 deletions megalinter/linters/TfLintLinter.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,12 @@ def before_lint_files(self):
"command": tflint_init_command,
"cwd": self.workspace,
"secured_env": tflint_secured_env,
"replacement_env_vars": [
{
"var_dest": "GITHUB_TOKEN",
"var_src": "PAT_GITHUB_COM"
}
]
}
if self.pre_commands is None:
self.pre_commands = []
Expand Down
5 changes: 5 additions & 0 deletions megalinter/pre_post_factory.py
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,11 @@ def run_command(command_info, log_key, mega_linter, linter=None):
mega_linter.request_id, command_info["secured_env"], unsecured_env_variables
)
}
# Complete with replacement variables if necessary
if "replacement_env_vars" in command_info:
for replacement in command_info["replacement_env_vars"]:
if replacement["var_src"] in subprocess_env:
subprocess_env[replacement["var_dest"]] = replacement["var_src"]
add_in_logs(
linter,
log_key,
Expand Down
7 changes: 7 additions & 0 deletions megalinter/tests/test_megalinter/pre_post_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,8 @@ def test_pre_post_success(self):
"GITHUB_COMMENT_REPORTER": "false",
"LOG_LEVEL": "DEBUG",
"request_id": self.request_id,
"MY_INPUT_VARIABLE": "SHOULD_BE_REPLACED",
"MY_INPUT_VARIABLE_REPLACEMENT": "HAS_BEEN_REPLACED"
}
)
self.assertTrue(
Expand All @@ -53,6 +55,11 @@ def test_pre_post_success(self):
== "my output variable value2",
"MY_OUTPUT_VARIABLE2 should be found",
)
self.assertTrue(
config.get(self.request_id, "MY_OUTPUT_VARIABLE_REPLACED", "")
== "HAS_BEEN_REPLACED",
"MY_OUTPUT_VARIABLE_REPLACED has not been replaced",
)
self.assertTrue(
config.get(self.request_id, "MY_OUTPUT_LINTER_VARIABLE", "")
== "my output linter variable value",
Expand Down

0 comments on commit 3affaa3

Please sign in to comment.