diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 284ad79..6ec462f 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -73,7 +73,7 @@ jobs: - name: Verify shell scripts run: | echo "::add-matcher::.github/matcher-shellcheck.json" - shellcheck -f gcc -S warning hadolint.sh lib/*.sh test/*.sh + shellcheck -f gcc -S warning hadolint.sh install.sh lib/*.sh test/*.sh shfmt: name: Shfmt runs-on: ubuntu-22.04 @@ -84,4 +84,4 @@ jobs: version: "3.7.0" run: curl -Ls -o shfmt "https://github.com/mvdan/sh/releases/download/v${{ env.version }}/shfmt_v${{ env.version }}_linux_amd64" && chmod +x shfmt && sudo mv shfmt /usr/local/bin - name: Lint shell scripts - run: shfmt -i 2 -d hadolint.sh lib/*.sh test/*.sh + run: shfmt -i 2 -d hadolint.sh install.sh lib/*.sh test/*.sh diff --git a/action.yml b/action.yml index 1ec3356..a895e77 100644 --- a/action.yml +++ b/action.yml @@ -45,37 +45,10 @@ runs: steps: - name: Download hadolint and make it available in path shell: bash - run: | - download_hadolint=false - # Check if hadolint exists - if [ ! -x "${{ github.action_path }}/bin/hadolint" ]; then - echo "::debug::Hadolint binary not found" - download_hadolint=true - else - echo "::debug::Hadolint binary exists" - version=$(${{ github.action_path }}/bin/hadolint --version 2>&1) - # Check if hadolint version can be retrieved - if [ $? -ne 0 ]; then - echo "::debug::Hadolint version cannot be retrieved" - download_hadolint=true - else - # Extract version number - version=$(echo "$version" | awk '{print $NF}') - if [ "$version" != "${{ inputs.version }}" ]; then - echo "::debug::Hadolint version does not match input version ($version != ${{ inputs.version }})" - download_hadolint=true - fi - fi - fi - # Download hadolint if necessary - if [ "$download_hadolint" = true ]; then - echo "::debug::Downloading Hadolint ${{ inputs.version }}" - mkdir -p ${{ github.action_path }}/bin - curl -L -s -o ${{ github.action_path }}/bin/hadolint \ - "https://github.com/hadolint/hadolint/releases/download/v${{ inputs.version }}/hadolint-Linux-x86_64" - chmod +x ${{ github.action_path }}/bin/hadolint - fi - echo "${{ github.action_path }}/bin" >> "${GITHUB_PATH}" + env: + version: ${{ inputs.version }} + run: ${{ github.action_path }}/install.sh + - name: Invoke hadolint.sh id: run shell: bash diff --git a/install.sh b/install.sh new file mode 100755 index 0000000..0c6e603 --- /dev/null +++ b/install.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash + +CI=${GITHUB_ACTIONS:-} + +[[ -n "${DEBUG}" ]] && set -x +set -euo pipefail +shopt -s nullglob globstar + +[[ -z ${CI} ]] && echo "Will only run in Github Actions" && exit 1 + +VERSION=${version:-} + +DOWNLOAD="false" +# Check if hadolint exists +if [ -x "$(command -v hadolint)" ]; then + INSTALLED_VERSION=$(hadolint --version | cut -d " " -f 4 2>&1) + echo "::debug::Found existing Hadolint version: ${INSTALLED_VERSION}" + if [ "${INSTALLED_VERSION}" != "${VERSION}" ]; then + echo "::debug::Hadolint version (${INSTALLED_VERSION}) does not match requested version (${VERSION})" + DOWNLOAD="true" + fi +fi + +# Download hadolint if necessary +if [ "${DOWNLOAD}" == "true" ]; then + echo "::debug::Downloading Hadolint ${VERSION}" + # https://github.com/actions/runner-images/issues/3727 + # /usr/local/bin exists and is writable by any user + curl -L --fail -w "1" -o ./hadolint \ + "https://github.com/hadolint/hadolint/releases/download/v${VERSION}/hadolint-Linux-x86_64" || + echo "::error::Hadolint (version: ${VERSION}) could not be found. Exiting." && exit 1 + chmod +x /usr/local/bin/hadolint +fi