Commit 9611fdb1 authored by totara-thib's avatar totara-thib
Browse files

ci(job): update mega_linter job by applying feedback

parent 837c3d41

jobs/mega_linter/CHANGELOG.md

+8 −0
Original line number Diff line number Diff line 
# Changelog

All notable changes to this job will be documented in this file.



## [1.5.0] - 2022-10-03

* Add `GITLAB_COMMENT_REPORTER` variable to displays errors in the comments section of merge requests

* Remove the `tap-junit` output conversion and use `sarif` by default

* Bump megalinter version to `v6.11.1`

* Remove `OUTPUT_FORMAT` and `OUTPUT_DETAIL` variables

* Activate `CSPELL` lint

* Remove default value of `FILTER_REGEX_EXCLUDE` variable

* Change the default value of `REPORT_OUTPUT_FOLDER` variable into `megalinter-reports`



## [1.4.0] - 2022-09-28

* Default output format is now `sarif` instead of `tap`(deprecated)

jobs/mega_linter/README.md

+15 −18
Original line number Diff line number Diff line 
## Objective



Lint all your files using

[MegaLinter](https://github.com/oxsecurity/megalinter/){:target="_blank"}. It

supports [50 languages, 22 formats, 20 tooling

formats](https://github.com/oxsecurity/megalinter#supported-linters) and ready

MegaLinter is an Open-Source tool for CI/CD workflows that analyzes the consistency of your code, IAC, configuration, and scripts in your repository sources, to ensure all your projects sources are clean and formatted whatever IDE/toolbox is used by their developers, powered by [OX security](https://www.ox.security/?ref=r2devops).



[MegaLinter](https://github.com/oxsecurity/megalinter/){:target="_blank"} supports [50 languages, 22 formats, 20 tooling

formats](https://github.com/oxsecurity/megalinter#supported-linters) and it's ready

to use out of the box.



## How to use it
@@ -17,16 +17,16 @@ to use out of the box. 


## Behavior



By default, this job will run MegaLinter on your project and lint all the files.

The default output defined by the `OUTPUT_FORMAT` variable is `sarif`. With this output, you will see the result of the linter in the Test section of the merge request and also have a code review with performed with [CodeClimate](https://codeclimate.com/quality).

By default, this job will run MegaLinter on your project, lint all the files and perform a code review with [CodeClimate](https://codeclimate.com/quality).



!!! info "TAP report format 🗃️" 

   For changing the output format to TAP, the `OUTPUT_FORMAT` variable should be edited. ⚠️ This format is **DEPRECATED** and is not recommended for use.

!!! info "How can i see errors in the report?" 

   While working on a merge_request, the `mega_linter` report summary will be displayed on the overview page inside the `Test summary` and `Code Quality` tabs.

   MegaLinter could also write comments directly in the merge request comments section (see `GITLAB_COMMENT_REPORTER` variable).

## Variables



!!! info

    This section describes the most significant variables [from this full

    list](https://github.com/oxsecurity/megalinter/#common-variables){:target="_blank"}.

    list](https://oxsecurity.github.io/megalinter/latest/configuration/){:target="_blank"}.



This job can be used without configuration. By default, it will detect files in

your repository and run relevant linter on them. You can also use variables to
@@ -38,17 +38,16 @@ customize its behavior. 
| ---- | ----------- | ------- |

| `DEFAULT_WORKSPACE` <img width=100/> | Directory where the linter will work <img width=175/>| `${CI_PROJECT_DIR}` <img width=100/>|

| `DEFAULT_BRANCH`| Default branch of your project | `${CI_DEFAULT_BRANCH}` |

| `FILTER_REGEX_EXCLUDE` | Regex in order to exclude specific files | `none` |

| `FILTER_REGEX_EXCLUDE` | Regex in order to exclude specific files | ` ` |

| `LINTER_RULES_PATH` | Directory where are stored linters configuration | `.linters` |

| `MEGALINTER_CONFIG` | MegaLinter configuration file location | `.mega_linter.yml` |

| `VALIDATE_ALL_CODEBASE` | Whether linters should only go through **edited** or **new** files | `true` |

| `REPORT_OUTPUT_FOLDER` | Folder where are stored all the reports | `${DEFAULT_WORKSPACE}/report` |

| `OUTPUT_FORMAT` | Additional format to be converted into JUnit report : `sarif` or `tap`(DEPRECATED) | `sarif` |

| `REPORT_OUTPUT_FOLDER` | Folder where are stored all the reports | `megalinter-reports` |

| `CONVERTED_OUTPUT_FOLDER` | Folder where are stored `JUnit` or `CodeClimate` reports | `converted-xml.report` |

| `TAP_JUNIT_VERSION` | [`tap-junit`](https://www.npmjs.com/package/tap-junit) tool version | `4.2.0` |

|`GITLAB_COMMENT_REPORTER` | Posts Mega-Linter results summary in the comments of the related merge request ([⚠️ GitLab API access require](https://oxsecurity.github.io/megalinter/latest/reporters/GitlabCommentReporter/){:target="_blank"}) | `true` |

| `REPORT_SUITE_TEST_NAME` | `JUnit` report suites name | `mega_linter` |

| `DISABLE_LINTERS` | Comma separated list of linters to be disabled | `SPELL_CSPELL` |

| `IMAGE_TAG` | The default tag for the docker image | `v6.8.0` |

| `DISABLE_LINTERS` | Comma separated list of linters to be disabled | ` ` |

| `IMAGE_TAG` | The default tag for the docker image | `v6.11.1` |



## Optimize MegaLinter
@@ -73,11 +72,9 @@ Two formats are available for the artifacts: 
- [JUnit](https://junit.org/junit5/)'s XML report to display error report directly in pipeline `Test` tab and in

merge request widget.

- [CodeClimate](https://codeclimate.com/quality)'s JSON report to display error report directly in merge request widget.

⚠️ This report is only available if the variable `OUTPUT_FORMAT` is set to `sarif`.



## Dependencies

The job uses the following dependencies for converting the `output` to `JUnit` or `CodeClimate`:

- [tap-junit](https://www.npmjs.com/package/tap-junit) tool to convert `TAP` to `JUnit`

- [sarif-junit](https://www.npmjs.com/package/sarif-junit) tool to convert `SARIF` to `JUnit`

- [sarif-codeclimate](https://www.npmjs.com/package/sarif-codeclimate) tool to convert `SARIF` to `CodeClimate`

jobs/mega_linter/mega_linter.yml

+11 −42
Original line number Diff line number Diff line
@@ -16,34 +16,27 @@ mega_linter: 
    DEFAULT_WORKSPACE: "${CI_PROJECT_DIR}"

    DEFAULT_BRANCH: "${CI_DEFAULT_BRANCH}"

    # Exclude files based on a regex

    FILTER_REGEX_EXCLUDE: "none"

    FILTER_REGEX_EXCLUDE: ""

    # Directory in which your linters configuration are

    LINTER_RULES_PATH: ".linters"

    # Your mega linter config file if any

    MEGALINTER_CONFIG: ".mega-linter.yml"

    # If set to false will only scan diff files from previous commit

    VALIDATE_ALL_CODEBASE: "true"

    # MegaLinter added exporter

    OUTPUT_FORMAT: "sarif"

    # Directory in which every report is filed

    REPORT_OUTPUT_FOLDER: "report"

    REPORT_OUTPUT_FOLDER: "megalinter-reports"

    # End folder where reports are held

    CONVERTED_OUTPUT_FOLDER: "converted-xml.report"

    # Tool tap-junit version, please don't use 5.0.0 until below issue is fixed

    # https://github.com/dhershman1/tap-junit/issues/39

    TAP_JUNIT_VERSION: "5.0.2"

    # Posts Mega-Linter results summary in the comments of the related merge request (if existing)

    # https://oxsecurity.github.io/megalinter/latest/reporters/GitlabCommentReporter/

    GITLAB_COMMENT_REPORTER: "true"

    # Name of the test suite in JUnit

    REPORT_SUITE_TEST_NAME: "mega_linter"

    # List of disabled linters in every case, this linter is deactivated due to

    # its time of processing (~10 minutes on tested projects)

    DISABLE_LINTERS: SPELL_CSPELL

    IMAGE_TAG: "v6.8.0"

    TAP_REPORTER_OUTPUT_DETAIL: "detailed"

    OUTPUT_DETAIL: "detailed"

    IMAGE_TAG: "v6.11.1"

  script:

    - if [ "${OUTPUT_FORMAT}" = "sarif"  ]; then

    -   export SARIF_REPORTER="true"

    - fi

    - FAILED=false

    - |

      if /entrypoint.sh true; then
@@ -52,34 +45,11 @@ mega_linter: 
        FAILED=true

      fi



    - if [ "${OUTPUT_FORMAT}" = "tap" ] && [[ -d "${CI_PROJECT_DIR}/${REPORT_OUTPUT_FOLDER}/tap" ]]; then



    -   npm install -g tap-junit@${TAP_JUNIT_VERSION}



    -   mkdir ${CI_PROJECT_DIR}/${CONVERTED_OUTPUT_FOLDER}

    -   cd ${CI_PROJECT_DIR}/${REPORT_OUTPUT_FOLDER}/tap



    -   for report in *; do

    # workaround for https://github.com/dhershman1/tap-junit/issues/30#issuecomment-744462006

    -     'sed -i "s/message: \*\+/message: /g" $report'

    # Some message got comments with # which are ignored by tap-junit, so we escape it

    -     'sed -i -E "s/(^|[ ]+)(#)[a-zA-Z]*/\1\/\//g" $report'

    # Converting TAP files into xml files with JUnit5 format

    -     cat $report | tap-junit -p -s "${REPORT_SUITE_TEST_NAME}" > ${CI_PROJECT_DIR}/${CONVERTED_OUTPUT_FOLDER}/${report}.xml

    # Remove escaping on newlines for readability

    -     sed -i 's/\\n/\n/g' ${CI_PROJECT_DIR}/${CONVERTED_OUTPUT_FOLDER}/${report}.xml

    # Replace ANSI colors as they are illegal characters

    -     sed -i 's/\x1b\[[0-9;]*m//g' ${CI_PROJECT_DIR}/${CONVERTED_OUTPUT_FOLDER}/${report}.xml

    -   done

    - fi



    - if [ "${OUTPUT_FORMAT}" = "sarif" ]; then 

    - mkdir ${CI_PROJECT_DIR}/${CONVERTED_OUTPUT_FOLDER}

    - cp ${CI_PROJECT_DIR}/${REPORT_OUTPUT_FOLDER}/megalinter-report.sarif ${CI_PROJECT_DIR}/${CONVERTED_OUTPUT_FOLDER}

    - cd ${CI_PROJECT_DIR}/${CONVERTED_OUTPUT_FOLDER}

    -   npx -y sarif-codeclimate@1.0.1 -i megalinter-report.sarif -o code-climate.json

    -   npx -y sarif-junit@1.1.0 -i megalinter-report.sarif -o junit.xml --test-suite ${REPORT_SUITE_TEST_NAME}

    - fi

    - npx -y sarif-codeclimate@1.0.2 -i megalinter-report.sarif -o code-climate.json

    - npx -y sarif-junit@1.1.3 -i megalinter-report.sarif -o junit.xml --test-suite ${REPORT_SUITE_TEST_NAME}



    - if [ "$FAILED" = true ]; then

    -   exit 1
@@ -88,7 +58,6 @@ mega_linter: 
  artifacts:

    when: always

    paths:

      - ${CI_PROJECT_DIR}/${REPORT_OUTPUT_FOLDER}/tap/*.tap

      - ${CI_PROJECT_DIR}/${REPORT_OUTPUT_FOLDER}

    expire_in: 1 week

    reports: