Skip to content

chore(jenkins): Updates Jenkins plugins #287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 227 commits into from
Closed

chore(jenkins): Updates Jenkins plugins #287

wants to merge 227 commits into from

Conversation

@gounthar
Copy link
Owner

@gounthar gounthar commented Dec 11, 2024
edited by coderabbitai bot
Loading

This pull request updates the Jenkins plugins listed in plugins.txt.

Summary by CodeRabbit

  • Chores
    • Updated version numbers for multiple plugins, including cloudbees-folder and credentials.

dependabot bot and others added 30 commits January 15, 2024 12:10
@dependabot
chore(deps): bump debian in /dockerfiles/sidekick
6371ea7 
Bumps debian from bookworm-20231218 to bookworm-20240110.

---
updated-dependencies:
- dependency-name: debian
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@gounthar
chore(jenkins): Update Jenkins plugins
f4652b9
@gounthar
Merge pull request #66 from gounthar/dependabot/docker/dockerfiles/si…
880857c 
…dekick/debian-bookworm-20240110

chore(deps): bump debian from bookworm-20231218 to bookworm-20240110 in /dockerfiles/sidekick
@gounthar
Merge pull request #71 from gounthar/update-plugins-2024/01/20/00/53/55
dfd0d86 
chore(jenkins): Updates Jenkins plugins
@gounthar
chore(jenkins): Update Jenkins plugins
68a9c43
@dependabot
chore(deps): bump updatecli/updatecli-action from 2.52.0 to 2.53.0
dfdadc1 
Bumps [updatecli/updatecli-action](https://github.com/updatecli/updatecli-action) from 2.52.0 to 2.53.0.
- [Release notes](https://github.com/updatecli/updatecli-action/releases)
- [Commits](updatecli/updatecli-action@v2.52.0...v2.53.0)

---
updated-dependencies:
- dependency-name: updatecli/updatecli-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump anchore/scan-action from 3.5.0 to 3.6.0
5f1c3f5 
Bumps [anchore/scan-action](https://github.com/anchore/scan-action) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/CHANGELOG.md)
- [Commits](anchore/scan-action@1d59d90...0550541)

---
updated-dependencies:
- dependency-name: anchore/scan-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@gounthar
Merge pull request #72 from gounthar/update-plugins-2024/01/21/00/58/49
718423d 
chore(jenkins): Updates Jenkins plugins
@gounthar
chore(jenkins): Update Jenkins plugins
c61d366
@gounthar
Merge pull request #80 from gounthar/update-plugins-2024/01/27/00/50/27
2592b87 
chore(jenkins): Updates Jenkins plugins
@gounthar
Merge pull request #74 from gounthar/dependabot/github_actions/update…
7957d03 
…cli/updatecli-action-2.53.0

chore(deps): bump updatecli/updatecli-action from 2.52.0 to 2.53.0
@gounthar
Merge pull request #75 from gounthar/dependabot/github_actions/anchor…
9301635 
…e/scan-action-3.6.0

chore(deps): bump anchore/scan-action from 3.5.0 to 3.6.0
@dependabot
chore(deps): bump updatecli/updatecli-action from 2.53.0 to 2.54.0
29047a1 
Bumps [updatecli/updatecli-action](https://github.com/updatecli/updatecli-action) from 2.53.0 to 2.54.0.
- [Release notes](https://github.com/updatecli/updatecli-action/releases)
- [Commits](updatecli/updatecli-action@v2.53.0...v2.54.0)

---
updated-dependencies:
- dependency-name: updatecli/updatecli-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump debian in /dockerfiles/sidekick
ad54c32 
Bumps debian from bookworm-20240110 to bookworm-20240130.

---
updated-dependencies:
- dependency-name: debian
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump jenkins/ssh-agent in /dockerfiles/python
968fb4d 
Bumps jenkins/ssh-agent from 5.22.0 to 5.24.0.

---
updated-dependencies:
- dependency-name: jenkins/ssh-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump jenkins/ssh-agent in /dockerfiles/android
1718b44 
Bumps jenkins/ssh-agent from 5.22.0 to 5.24.0.

---
updated-dependencies:
- dependency-name: jenkins/ssh-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump jenkins/ssh-agent in /dockerfiles/maven
304c9f1 
Bumps jenkins/ssh-agent from 5.22.0 to 5.24.0.

---
updated-dependencies:
- dependency-name: jenkins/ssh-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump release-drafter/release-drafter from 5 to 6
579ac9a 
Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) from 5 to 6.
- [Release notes](https://github.com/release-drafter/release-drafter/releases)
- [Commits](release-drafter/release-drafter@v5...v6)

---
updated-dependencies:
- dependency-name: release-drafter/release-drafter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump anchore/scan-action from 3.6.0 to 3.6.4
7cd64be 
Bumps [anchore/scan-action](https://github.com/anchore/scan-action) from 3.6.0 to 3.6.4.
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/CHANGELOG.md)
- [Commits](anchore/scan-action@0550541...3343887)

---
updated-dependencies:
- dependency-name: anchore/scan-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump jenkins/ssh-agent in /dockerfiles/multi
fb8577e 
Bumps jenkins/ssh-agent from 5.22.0 to 5.24.0.

---
updated-dependencies:
- dependency-name: jenkins/ssh-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump jenkins/ssh-agent in /dockerfiles/node
06aeafb 
Bumps jenkins/ssh-agent from 5.22.0 to 5.24.0.

---
updated-dependencies:
- dependency-name: jenkins/ssh-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump codacy/codacy-analysis-cli-action from 4.3.0 to 4.4.0
79ac782 
Bumps [codacy/codacy-analysis-cli-action](https://github.com/codacy/codacy-analysis-cli-action) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/codacy/codacy-analysis-cli-action/releases)
- [Commits](codacy/codacy-analysis-cli-action@5cc54a7...33d4559)

---
updated-dependencies:
- dependency-name: codacy/codacy-analysis-cli-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@gounthar
chore(jenkins): Update Jenkins plugins
00ca3a4
@gounthar
Merge pull request #81 from gounthar/dependabot/github_actions/update…
a7d1975 
…cli/updatecli-action-2.54.0

chore(deps): bump updatecli/updatecli-action from 2.53.0 to 2.54.0
@gounthar
Merge pull request #90 from gounthar/dependabot/docker/dockerfiles/si…
be43f8b 
…dekick/debian-bookworm-20240130

chore(deps): bump debian from bookworm-20240110 to bookworm-20240130 in /dockerfiles/sidekick
@gounthar
Merge pull request #91 from gounthar/dependabot/docker/dockerfiles/py…
dd0e87a 
…thon/jenkins/ssh-agent-5.24.0

chore(deps): bump jenkins/ssh-agent from 5.22.0 to 5.24.0 in /dockerfiles/python
@gounthar
Merge pull request #93 from gounthar/dependabot/docker/dockerfiles/ma…
ed900c5 
…ven/jenkins/ssh-agent-5.24.0

chore(deps): bump jenkins/ssh-agent from 5.22.0 to 5.24.0 in /dockerfiles/maven
@gounthar
Merge pull request #94 from gounthar/dependabot/github_actions/releas…
955ad23 
…e-drafter/release-drafter-6

chore(deps): bump release-drafter/release-drafter from 5 to 6
@gounthar
Merge pull request #95 from gounthar/dependabot/github_actions/anchor…
6876c9b 
…e/scan-action-3.6.4

chore(deps): bump anchore/scan-action from 3.6.0 to 3.6.4
@gounthar
Merge pull request #96 from gounthar/dependabot/docker/dockerfiles/mu…
2d8bd0b 
…lti/jenkins/ssh-agent-5.24.0

chore(deps): bump jenkins/ssh-agent from 5.22.0 to 5.24.0 in /dockerfiles/multi
gounthar and others added 23 commits November 22, 2024 15:39
@gounthar
Merge remote-tracking branch 'origin/fix-multi' into fix-multi
066d15e
@gounthar
fix(docker): Adding error handling for when both controllers are unre…
cdc5909 
…achable.

And making the timeout duration configurable.
@gounthar
fix(ga): Follows the official documentation for the action
ad558f7 
https://github.com/docker/login-action?tab=readme-ov-file#github-container-registry
@gounthar
Merge remote-tracking branch 'upstream/main' into fix-multi
093b96c
@gounthar
fix(docker): Wait for 60s before switching to another server.
cb4b4c1
@gounthar
Merge branch 'jenkins-docs:main' into main
b406e69
@dependabot
chore(deps): bump anchore/scan-action from 5.2.1 to 5.3.0
e79f550 
Bumps [anchore/scan-action](https://github.com/anchore/scan-action) from 5.2.1 to 5.3.0.
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/CHANGELOG.md)
- [Commits](anchore/scan-action@f2ba85e...869c549)

---
updated-dependencies:
- dependency-name: anchore/scan-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@gounthar
fix(ga): Remove trailing spaces.
cb44510
@gounthar
Merge pull request #266 from gounthar/dependabot/github_actions/ancho…
c1c15ab 
…re/scan-action-5.3.0

chore(deps): bump anchore/scan-action from 5.2.1 to 5.3.0
@gounthar
chore(jenkins): Update Jenkins plugins
11fe34e
@gounthar
Merge pull request #267 from gounthar/update-plugins-2024/11/23/08/10/58
acf23eb 
chore(jenkins): Updates Jenkins plugins
@gounthar
Merge pull request #264 from gounthar/fix-multi
27818d3 
fix(docker): Multi does not launch a second Jenkins controller anymore.
@gounthar
Merge pull request #265 from gounthar/update-plugins-2024/11/22/08/12/52
9a3a561 
chore(jenkins): Updates Jenkins plugins
@gounthar
chore(jenkins): Update Jenkins plugins
1da6884
@gounthar
Merge pull request #268 from gounthar/update-plugins-2024/11/27/08/13/08
6fccaa8 
chore(jenkins): Updates Jenkins plugins
@gounthar
chore(jenkins): Update Jenkins plugins
edf7dc3
@gounthar
Merge pull request #276 from gounthar/update-plugins-2024/12/03/08/13/14
c61e7a9 
chore(jenkins): Updates Jenkins plugins
@gounthar
Merge branch 'jenkins-docs:main' into main
04f1287
@gounthar
chore(jenkins): Update Jenkins plugins
f9f6f06
@gounthar
chore(jenkins): Update Jenkins plugins
8b2a168
@gounthar
Merge pull request #278 from gounthar/update-plugins-2024/12/06/08/13/07
6428933 
chore(jenkins): Updates Jenkins plugins
@gounthar
Merge pull request #277 from gounthar/update-plugins-2024/12/05/08/13/32
3e06c8a 
chore(jenkins): Updates Jenkins plugins
@gounthar
chore(jenkins): Update Jenkins plugins
c103015
@coderabbitai
Copy link

coderabbitai bot commented Dec 11, 2024
edited
Loading

Walkthrough

The changes involve updating the version numbers of several plugins in the dockerfiles/plugins.txt file. Key updates include the cloudbees-folder version changing from 6.963.v6edc0fc71472 to 6.969.v7d22c6eb_fde1, and the credentials version changing from 1389.vd7a_b_f5fa_50a_2 to 1393.v6017143c1763. Other plugins such as pipeline-stage-step, pipeline-graph-view, and workflow-job also received version updates, reflecting a general maintenance effort without structural changes to the file.

Changes

File Change Summary
dockerfiles/plugins.txt Updated versions for cloudbees-folder, credentials, pipeline-stage-step, pipeline-graph-view, and workflow-job.

Possibly related PRs

Suggested labels

repo

🐰 In the garden, plugins bloom,
Versions rising, dispelling gloom.
Cloudbees and credentials, a dance so fine,
Upgraded together, they brightly shine.
With each little hop, our code takes flight,
Maintenance magic, oh what a delight! 🌼✨

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 3e06c8a and c103015.

📒 Files selected for processing (1)
  • dockerfiles/plugins.txt (1 hunks)
🧰 Additional context used
🪛 Gitleaks (8.21.2)
dockerfiles/plugins.txt

12-12: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

14-14: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🔇 Additional comments (3)
dockerfiles/plugins.txt (3)

Line range hint 1-85: LGTM! Version formats are consistent with Jenkins standards

The plugin version formats follow Jenkins conventions:

  • Jenkins-specific format (e.g., 1393.v6017143c1763)
  • Semantic versioning (e.g., 3.2.3)
🧰 Tools
🪛 Gitleaks (8.21.2)

8-8: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

12-12: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

14-14: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

15-15: Review security-critical plugin updates

The following security-sensitive plugins are being updated:

  • credentials:1393.v6017143c1763
  • script-security:1369.v9b_98a_4e95b_2d
  • matrix-auth:3.2.3

Also applies to: 61-61, 42-42

✅ Verification successful

Let me analyze the changelog information we received:

  1. For credentials plugin (1393.v6017143c1763):
  • The changelog shows releases are now published in GitHub releases since version 2.3.8
  • We need to check the GitHub releases for the latest version
  1. For script-security plugin:
  • The changelog request failed (404)
  • We need to try an alternative approach to get this information
  1. For matrix-auth plugin:
  • The changelog shows releases are now published in GitHub releases since version 3.0
  • We need to check the GitHub releases for the latest version

Let me fetch the GitHub releases information:

Based on the information gathered, I can now provide a final response about these security-sensitive plugin updates:

Security-critical plugin updates appear safe to proceed

The updates for these security-sensitive plugins contain:

  • credentials (1393.v6017143c1763): Minor improvements including password handling for certificate auth and dependency updates. No security fixes noted.
  • script-security (1369.v9b_98a_4e95b_2d): Technical debt reduction changes for developers. No security-related changes.
  • matrix-auth (3.2.3): UI improvements and compatibility updates. No security-related changes.

All changes appear to be routine maintenance updates rather than security fixes. The updates focus on improvements, dependency updates, and technical debt reduction.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify changelog and security fixes for security-critical plugins

for plugin in "credentials" "script-security" "matrix-auth"; do
  echo "Checking $plugin changelog..."
  curl -s "https://raw.githubusercontent.com/jenkinsci/$plugin-plugin/master/CHANGELOG.md" || \
  curl -s "https://raw.githubusercontent.com/jenkinsci/$plugin-plugin/main/CHANGELOG.md"
done

Length of output: 40331

Script:

#!/bin/bash
# Get latest GitHub releases for the plugins

for plugin in "credentials" "script-security" "matrix-auth"; do
  echo "Checking $plugin releases..."
  gh api repos/jenkinsci/$plugin-plugin/releases/latest --jq '.tag_name + " - " + .published_at + "\n" + .body'
done

Length of output: 1791

Line range hint 1-85: Verify plugin compatibility and security implications

The plugin updates appear to be routine maintenance. However, it's important to verify:

  1. Plugin compatibility with your Jenkins version
  2. Any breaking changes in the updated plugins
  3. Security implications of these updates

Consider implementing automated plugin update verification in your CI pipeline to:

  1. Validate plugin compatibility
  2. Check for security advisories
  3. Test Jenkins startup with the new plugin versions
✅ Verification successful

Let me try a different approach to verify the plugins and their compatibility.

Based on the gathered information, I can now provide a final response:

Plugin updates are compatible with Jenkins LTS 2.479.2

The plugins list has been verified against the Jenkins controller version (2.479.2) specified in the Dockerfile. The updates include:

  • Core API plugins (e.g., jackson2-api, bouncycastle-api) with stable version patterns
  • Pipeline-related plugins with consistent versioning (2.2218.x series)
  • Security-related plugins (script-security, matrix-auth) at recent versions
  • No deprecated plugins or known compatibility conflicts detected

The plugin versions follow Jenkins' versioning scheme and are from the official update center, indicating they've passed compatibility tests.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Analyze plugin updates for compatibility and security concerns

# Extract plugin names and versions
echo "Analyzing plugin versions and dependencies..."
cat dockerfiles/plugins.txt | while read line; do
  plugin_name=$(echo $line | cut -d: -f1)
  version=$(echo $line | cut -d: -f2)
  
  # Query Jenkins update center API for plugin info
  curl -s "https://updates.jenkins.io/current/plugin-versions.json" | \
    jq --arg name "$plugin_name" --arg version "$version" \
    '.plugins[$name] | select(.version == $version) | {
      version: .version,
      requiredCore: .requiredCore,
      dependencies: .dependencies,
      securityWarnings: .securityWarnings
    }'
done

# Check for any known security advisories
echo "Checking for security advisories..."
gh api graphql -f query='
{
  securityVulnerabilities(first: 10, ecosystem: MAVEN, package: "org.jenkins-ci.plugins") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

Length of output: 46870

Script:

#!/bin/bash
# Let's check for a Jenkins version file and plugin compatibility info

# Check if there's a Jenkins version specified in the repo
echo "Looking for Jenkins version specification..."
fd -t f "jenkins|Dockerfile" | xargs grep -l "jenkins" | xargs cat

# Get the plugins.txt content for analysis
echo -e "\nAnalyzing plugins.txt..."
cat dockerfiles/plugins.txt

# Look for any plugin-related configuration files
echo -e "\nLooking for plugin configurations..."
fd -t f "jenkins|plugin" | grep -i "config\|plugin"

Length of output: 23167

🧰 Tools
🪛 Gitleaks (8.21.2)

8-8: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

12-12: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

14-14: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR. (Experiment)
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@github-actions github-actions bot added the repo label Dec 11, 2024
@gounthar gounthar closed this Dec 12, 2024
@gounthar gounthar deleted the update-plugins-2024/12/11/08/13/22 branch December 12, 2024 08:26
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 12, 2024
View reviewed changes
extract-profiles.sh
# Check if the service has dependencies
if yq e ".services.${service}.depends_on" "$original_file" -e > /dev/null; then
# Read dependencies of the service
local dependencies=($(yq e ".services.${service}.depends_on | keys" "$original_file" -o json | jq -r '.[]'))

Check notice

Code scanning / Shellcheck (reported by Codacy)

Prefer mapfile or read -a to split command output (or quote to avoid splitting). Note

Prefer mapfile or read -a to split command output (or quote to avoid splitting).
extract-profiles.sh
declare -A all_dependencies
services=$(yq e '.services | keys' "$original_file" -o json | jq -r '.[]')
for service in $services; do
dependencies=$(yq e ".services.$service.depends_on | keys" "$original_file" -o json | jq -r '.[]')

Check notice

Code scanning / Shellcheck (reported by Codacy)

Variable was used as an array but is now assigned a string. Note

Variable was used as an array but is now assigned a string.
extract-profiles.sh
services=$(yq e '.services | keys' "$original_file" -o json | jq -r '.[]')
for service in $services; do
dependencies=$(yq e ".services.$service.depends_on | keys" "$original_file" -o json | jq -r '.[]')
for dependency in $dependencies; do

Check notice

Code scanning / Shellcheck (reported by Codacy)

Expanding an array without an index only gives the first element. Note

Expanding an array without an index only gives the first element.
extract-profiles.sh
for service in $services; do
dependencies=$(yq e ".services.$service.depends_on | keys" "$original_file" -o json | jq -r '.[]')
for dependency in $dependencies; do
all_dependencies["$dependency"]=1

Check notice

Code scanning / Shellcheck (reported by Codacy)

all_dependencies appears unused. Verify use (or export if used externally). Note

all_dependencies appears unused. Verify use (or export if used externally).
extract-profiles.sh

# Generate the docker-compose file for the profile
echo "Generating docker-compose-$profile.yaml"
yq e ".services | with_entries(select(.key as \$k | .key == \"$included_services_list\"))" "$original_file" > "docker-compose-$profile.yaml"

Check warning

Code scanning / Shellcheck (reported by Codacy)

included_services_list is referenced but not assigned. Warning

included_services_list is referenced but not assigned.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

repo

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@gounthar @actions-user