hub/.github/workflows/validate.yml at a5ddd547e306f71d68d1fd50d1789711f94e1cd7 · crowdsecurity/hub · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
name: validate each item against its schema
on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master

jobs:
  yaml-schema-validation:
    runs-on: ubuntu-latest
    steps:
      - name: checkout repo
        uses: actions/checkout@v4

      - name: checkout yaml schemas
        uses: actions/checkout@v4
        with:
          repository: "crowdsecurity/crowdsec-yaml-schemas"
          path: crowdsec-yaml-schemas

      - name: split hub YAML to per-doc JSON (no jq)
        uses: mikefarah/yq@master
        with:
          cmd: |
            set -eu
            # iterate all YAMLs except .tests
            for f in $(find . -not -path './.*' -name '*yaml' -print); do
                base="${f%.yaml}"  # trim .yaml
                i=0
                    while : ; do
                        out="${base}.${i}.json"
                        # select one YAML document by index (0-based) and write it
                        yq -o=json 'select(documentIndex == '"$i"')' "$f" > "$out"
                        # empty file => no more docs, clean up and stop
                        if [ ! -s "$out" ]; then rm -f "$out"; break; fi
                        i=$((i+1))
                    done
                echo "split $f -> ${i} JSON doc(s)"
            done

      - name: validate parsers against schema
        # Don't get confused by the version, the cli has a different schema than the library
        run: |
          go install github.com/santhosh-tekuri/jsonschema/cmd/jv@v0.6.0
          for ITEM in ./parsers/*/*/*.json; do echo $ITEM && ~/go/bin/jv crowdsec-yaml-schemas/parser_schema.0.json $ITEM ; done

      - name: validate scenarios against schema
        run: |
          for ITEM in ./scenarios/*/*.json; do echo $ITEM && ~/go/bin/jv crowdsec-yaml-schemas/scenario_schema.0.json $ITEM ; done

      - name: validate postoverflows against schema
        run: |
          for ITEM in ./postoverflows/*/*/*.json; do echo $ITEM && ~/go/bin/jv crowdsec-yaml-schemas/parser_schema.0.json $ITEM ; done

      - name: validate collections against schema
        run: |
          for ITEM in ./collections/*/*.json; do echo $ITEM && ~/go/bin/jv crowdsec-yaml-schemas/collection_schema.0.json $ITEM ; done

      - name: validate appsec-rules against schema
        run: |
          for ITEM in ./appsec-rules/*/*.json; do echo $ITEM && ~/go/bin/jv crowdsec-yaml-schemas/appsec_rules_schema.0.json $ITEM ; done