Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Detect missing the --version flag in dotnet tool install foo invocations #89

Merged
merged 5 commits into from
May 23, 2023
Merged

Detect missing the --version flag in dotnet tool install foo invocations #89

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
92d99ed
FileConventions.Test: add failing test
tehraninasab Mar 15, 2023
f7f987e
FileConventions: implement the function
tehraninasab Mar 16, 2023
7347552
scripts/unpinnedDotnetToolInstallVersions.fsx: add
tehraninasab Mar 16, 2023
cf38d32
GitHubCI: run the script
tehraninasab Mar 16, 2023
ac37590
ReadMe: update
tehraninasab Mar 20, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/workflows/CI.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,8 @@ jobs:
run: dotnet fsi scripts/unpinnedDotnetPackageVersions.fsx
- name: Check there are no unpinned nuget package reference versions in F# scripts
run: dotnet fsi scripts/unpinnedNugetPackageReferenceVersions.fsx
- name: Check there are no unpinned versions in `dotnet tool install` commands
run: dotnet fsi scripts/unpinnedDotnetToolInstallVersions.fsx
- name: Check if gitPush1by1 was used
if: github.event_name == 'pull_request'
run: dotnet fsi scripts/detectNotUsingGitPush1by1.fsx
Expand Down
3 changes: 1 addition & 2 deletions ReadMe.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ This is a repository that contains several useful things that other `nblockchain
* [Use of `-latest` suffix in `runs-on:` GitHubCI tags](scripts/unpinnedGitHubActionsImageVersions.fsx).
* [Use of asterisk (*) in `PackageReference` items of .NET projects](scripts/unpinnedDotnetPackageVersions.fsx).
* [Missing the version number in `#r "nuget: ` refs of F# scripts](scripts/unpinnedNugetPackageReferenceVersions.fsx).
* [Missing the `--version` flag in `dotnet tool install foo` invocations](scripts/unpinnedDotnetToolInstallVersions.fsx).

All in all, this is mainly documentation, and some tooling to detect bad practices.

Expand All @@ -21,5 +22,3 @@ More things to come:
- Detect old versions of FSharpLint and fantomas/fantomless being used.
- Detect old versions of .editorconfig or Directory.Build.props being used.
- Detect non-verbose flags (e.g. `dotnet build -c Debug` instead of `dotnet build --configuration Debug`) being used in scripts or YML CI files (there are exceptions, e.g. `env -S`).
- Detect unpinned versions, such as:
* Missing the `--version` flag in `dotnet tool install foo` invocations.
20 changes: 20 additions & 0 deletions scripts/unpinnedDotnetToolInstallVersions.fsx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
#!/usr/bin/env -S dotnet fsi

open System
open System.IO

#load "../src/FileConventions/Library.fs"
#load "../src/FileConventions/Helpers.fs"

let rootDir = Path.Combine(__SOURCE_DIRECTORY__, "..") |> DirectoryInfo

let invalidFiles =
Helpers.GetInvalidFiles
rootDir
"*.yml"
FileConventions.DetectUnpinnedDotnetToolInstallVersions

let message =
"Please define the package version number in the `dotnet tool install` commands."

Helpers.AssertNoInvalidFiles invalidFiles message
17 changes: 17 additions & 0 deletions src/FileConventions.Test/DummyFiles/DummyCIWithUnpinnedDotnetToolInstallVersion.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
name: CI

on: [push, pull_request]

jobs:
build:
name: Build
runs-on: ubuntu-22.04
container:
image: "ubuntu:22.04"
steps:
- name: Install fantomless-tool
run: |
dotnet tool install fantomless-tool
- name: Print "Hello World!"
run: echo "Hello World"

16 changes: 16 additions & 0 deletions src/FileConventions.Test/FileConventions.Test.fs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,22 @@ let DetectUnpinnedVersionsInGitHubCI2() =
Assert.That(DetectUnpinnedVersionsInGitHubCI fileInfo, Is.EqualTo false)


[<Test>]
let DetectUnpinnedDotnetToolInstallVersions1() =
let fileInfo =
(FileInfo(
Path.Combine(
dummyFilesDirectory.FullName,
"DummyCIWithUnpinnedDotnetToolInstallVersion.yml"
)
))

Assert.That(
DetectUnpinnedDotnetToolInstallVersions fileInfo,
Is.EqualTo true
)


[<Test>]
let DetectAsteriskInPackageReferenceItems1() =
let fileInfo =
Expand Down
18 changes: 18 additions & 0 deletions src/FileConventions/Library.fs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,24 @@ let DetectUnpinnedVersionsInGitHubCI(fileInfo: FileInfo) =

latestTagInRunsOnRegex.IsMatch fileText

let DetectUnpinnedDotnetToolInstallVersions(fileInfo: FileInfo) =
assert (fileInfo.FullName.EndsWith(".yml"))

let fileLines = File.ReadLines fileInfo.FullName

let dotnetToolInstallRegex =
Regex("dotnet\\s+tool\\s+install\\s+", RegexOptions.Compiled)

let unpinnedDotnetToolInstallVersions =
fileLines
|> Seq.filter(fun line -> dotnetToolInstallRegex.IsMatch line)
|> Seq.filter(fun line ->
not(line.Contains("--version")) && not(line.Contains("-v"))
)
|> (fun unpinnedVersions -> Seq.length unpinnedVersions > 0)

unpinnedDotnetToolInstallVersions

let DetectAsteriskInPackageReferenceItems(fileInfo: FileInfo) =
assert (fileInfo.FullName.EndsWith "proj")
use streamReader = new StreamReader(fileInfo.FullName)
Expand Down