moby--moby/hack/validate/default-seccomp

#!/usr/bin/env bash

SCRIPTDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${SCRIPTDIR}/.validate"

IFS=$'\n'
files=($(validate_diff --diff-filter=ACMR --name-only -- 'profiles/seccomp' || true))
unset IFS

if [ -n "${TEST_FORCE_VALIDATE:-}" ] || [ ${#files[@]} -gt 0 ]; then
	# We run 'go generate' and see if we have a diff afterwards
	go generate ./profiles/seccomp/ > /dev/null
	# Let see if the working directory is clean
	diffs="$(git status --porcelain -- profiles/seccomp 2> /dev/null)"
	if [ "$diffs" ]; then
		{
			echo 'The result of go generate ./profiles/seccomp/ differs'
			echo
			echo "$diffs"
			echo
			echo 'Please re-run go generate ./profiles/seccomp/'
			echo
		} >&2
		false
	else
		echo 'Congratulations!  Seccomp profile generation is done correctly.'
	fi
fi
Convert script shebangs from "#!/bin/bash" to "#!/usr/bin/env bash" This is especially important for distributions like NixOS where `/bin/bash` doesn't exist, or for MacOS users who've installed a newer version of Bash than the one that comes with their OS. Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com> 2017-02-13 19:01:54 +00:00			`#!/usr/bin/env bash`
add validation for generating default secccomp profile Signed-off-by: Jessica Frazelle <acidburn@docker.com> 2016-02-08 18:52:53 +00:00
validate: address SC2155 (shellcheck) see https://github.com/koalaman/shellcheck/wiki/SC2155 Looking at how these were used, I don't think we even need to export them, so removing that. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2022-08-26 14:08:14 +00:00			`SCRIPTDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"`
Move validation out of hack/make Allow each script to run directly without the hack/make.sh wrapper. These scripts do not produce artifacts and do not benefit from the "bundles" framework. Signed-off-by: Daniel Nephin <dnephin@docker.com> 2016-10-12 19:25:49 +00:00			`source "${SCRIPTDIR}/.validate"`
add validation for generating default secccomp profile Signed-off-by: Jessica Frazelle <acidburn@docker.com> 2016-02-08 18:52:53 +00:00
			`IFS=$'\n'`
run shfmt git grep --name-only '^#!' \| egrep -v '(vendor\|\.go\|Jenkinsfile)' \| xargs shfmt -w -bn -ci -sr Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2020-03-03 03:27:49 +00:00			`files=($(validate_diff --diff-filter=ACMR --name-only -- 'profiles/seccomp' \|\| true))`
add validation for generating default secccomp profile Signed-off-by: Jessica Frazelle <acidburn@docker.com> 2016-02-08 18:52:53 +00:00			`unset IFS`

hack/validate: allow forcing validation This introduces a FORCE_VALIDATE environment variable, which allows forcing some validation steps, even if no changes were detected. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2019-10-07 13:20:03 +00:00			`if [ -n "${TEST_FORCE_VALIDATE:-}" ] \|\| [ ${#files[@]} -gt 0 ]; then`
Move validation out of hack/make Allow each script to run directly without the hack/make.sh wrapper. These scripts do not produce artifacts and do not benefit from the "bundles" framework. Signed-off-by: Daniel Nephin <dnephin@docker.com> 2016-10-12 19:25:49 +00:00			`# We run 'go generate' and see if we have a diff afterwards`
run shfmt git grep --name-only '^#!' \| egrep -v '(vendor\|\.go\|Jenkinsfile)' \| xargs shfmt -w -bn -ci -sr Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2020-03-03 03:27:49 +00:00			`go generate ./profiles/seccomp/ > /dev/null`
add validation for generating default secccomp profile Signed-off-by: Jessica Frazelle <acidburn@docker.com> 2016-02-08 18:52:53 +00:00			`# Let see if the working directory is clean`
run shfmt git grep --name-only '^#!' \| egrep -v '(vendor\|\.go\|Jenkinsfile)' \| xargs shfmt -w -bn -ci -sr Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> 2020-03-03 03:27:49 +00:00			`diffs="$(git status --porcelain -- profiles/seccomp 2> /dev/null)"`
Revert "Bash scripts; use double brackets, fix bare variables, add quotes" This reverts commit 297b30df5ff4deaaedb6ceb17d7bd2e306a580ab. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2019-01-10 01:23:38 +00:00			`if [ "$diffs" ]; then`
add validation for generating default secccomp profile Signed-off-by: Jessica Frazelle <acidburn@docker.com> 2016-02-08 18:52:53 +00:00			`{`
			`echo 'The result of go generate ./profiles/seccomp/ differs'`
			`echo`
			`echo "$diffs"`
			`echo`
			`echo 'Please re-run go generate ./profiles/seccomp/'`
			`echo`
			`} >&2`
			`false`
			`else`
hack/validate: clean-up output, move golang-ci-lint to end The golang-ci-lint takes longest to run, so do the other checks first; this also makes the output a bit more readable. While at it, fix some consistency issues in the output of the other checks. Before this change: TEST_FORCE_VALIDATE=1 hack/validate/default Congratulations! All commits are properly signed with the DCO! Congratulations! Seccomp profile generation is done correctly. INFO [config_reader] Used config file hack/validate/golangci-lint.yml INFO [lintersdb] Active 15 linters: [deadcode gofmt goimports golint gosec gosimple govet ineffassign misspell staticcheck structcheck typecheck unconvert unused varcheck] ... INFO Execution took 2m12.4287302s Congratulations! "./pkg/..." is safely isolated from internal code. The swagger spec at "api/swagger.yaml" is valid against swagger specification 2.0 Congratulations! All api changes are done the right way. Congratulations! All toml source files changed here have valid syntax. Congratulations! Changelog CHANGELOG.md is well-formed. Congratulations! Changelog CHANGELOG.md dates are in descending order. After this change: TEST_FORCE_VALIDATE=1 hack/validate/default Congratulations! All commits are properly signed with the DCO! Congratulations! Seccomp profile generation is done correctly. Congratulations! Packages in "./pkg/..." are safely isolated from internal code. Congratulations! The swagger spec at "api/swagger.yaml" is valid against swagger specification 2.0 Congratulations! All API changes are done the right way. Congratulations! All TOML source files changed here have valid syntax. Congratulations! Changelog CHANGELOG.md is well-formed. Congratulations! Changelog CHANGELOG.md dates are in descending order. Congratulations! No new tests were added to integration-cli. INFO Start validation with golang-ci-lint INFO [config_reader] Used config file hack/validate/golangci-lint.yml INFO [lintersdb] Active 15 linters: [deadcode gofmt goimports golint gosec gosimple govet ineffassign misspell staticcheck structcheck typecheck unconvert unused varcheck] ... INFO Execution took 2m12.4287302s Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2019-10-11 11:31:18 +00:00			`echo 'Congratulations! Seccomp profile generation is done correctly.'`
add validation for generating default secccomp profile Signed-off-by: Jessica Frazelle <acidburn@docker.com> 2016-02-08 18:52:53 +00:00			`fi`
			`fi`