Validate and lint your gitlab ci files using ShellCheck, the Gitlab API and curated checks
Project description
[IN IMPLEMENTATION] gitlab-ci-verify
Validate and lint your gitlab ci files using ShellCheck, the Gitlab API and curated checks
Features
- ShellCheck for scripts
- Validation against Pipeline Editor API for project
- Automatic detection of the current gitlab project
- Available as pre-commit hook
Example output
| Format | Screenshot |
|---|---|
| text |  |
| json |  |
| table |  |
Installation
pre-commit
docker
Manual
Linux (64-bit)
curl -LO https://github.com/timo-reymann/gitlab-ci-verify/releases/download/$(curl -Lso /dev/null -w %{url_effective} https://github.com/timo-reymann/gitlab-ci-verify/releases/latest | grep -o '[^/]*$')/gitlab-ci-verify_linux-amd64 && \
chmod +x gitlab-ci-verify_linux-amd64 && \
sudo mv gitlab-ci-verify_linux-amd64 /usr/local/bin/gitlab-ci-verify
Darwin (Intel)
brew
brew tap timo-reymann/gitlab-ci-verify
brew install gitlab-ci-verify
manual
curl -LO https://github.com/timo-reymann/gitlab-ci-verify/releases/download/$(curl -Lso /dev/null -w %{url_effective} https://github.com/timo-reymann/gitlab-ci-verify/releases/latest | grep -o '[^/]*$')/gitlab-ci-verify_darwin-amd64 && \
chmod +x gitlab-ci-verify_darwin-amd64 && \
sudo mv gitlab-ci-verify_darwin-amd64 /usr/local/bin/gitlab-ci-verify
Windows
Download the latest release for Windows and put in
your PATH.
Install with go
go install github.com/timo-reymann/gitlab-ci-verify@latest
Install with pip(x)
Using pipx you can just use the following command use gitlab-ci-verify as it is:
pipx install gitlab-ci-verify
If you want to use it directly using the subprocess module you can install it with pip:
pip install gitlab-ci-verify
And use the package like this:
from gitlab_ci_verify import verify_file
# Verify .gitlab-ci.yml in /path/to/repo is valid
valid, findings = verify_file("/path/to/repo")
# verify include.yml in /path/to/repo is valid
valid, findings = verify_file("/path/to/repo", "include.yml")
# or if you want to verify file content for a given repository
# valid, findings = verify_content("/path/to/repo","ci-yaml content")
print(f"Valid: {valid}")
print(f"Findings: {findings}")
Also see the python wrapper documentation
Supported platforms
The following platforms are supported (and have prebuilt binaries / ready to use integration):
- Linux
- 64-bit
- ARM 64-bit
- Darwin
- 64-bit
- ARM (M1/M2)
- Windows
- 64-bit
- pre-commit (x86 & ARM)
- Docker (x86 & ARM)
Where to find the latest release for your platform
Binaries
Binaries for all of these can be found on the latest release page.
Docker
For the docker image, check the docker hub.
Usage
Command Line
gitlab-ci-verify --help
Containerized
docker run --rm -it -v $PWD:/workspace -e GITLAB_TOKEN="your token" timoreymann/gitlab-ci-verify
As pre-commit hook
- repo: https://github.com/timo-reymann/gitlab-ci-verify
rev: main
hooks:
- id: gitlab-ci-verify
Motivation
Unfortunately, GitLab didn't provide a tool to validate CI configuration for quite a while.
Now that changed with the glab CLI providing glab ci lint but it is quite limited and under the hood just calls the
new CI Lint API.
Throughout the years quite some tools evolved, but most of them are either outdated, painful to use or install, and basically also provide the lint functionality from the API.
As most of the logic in pipelines is written in shell scripts via the *script attributes these are lacking completely
from all tools out there as well as the official lint API.
The goal of gitlab-ci-verify is to provide the stock CI Lint functionality plus shellcheck. Completed in the future some rules to lint that common patterns are working as intended by GitLab and void them from being pushed and leading to unexpected behavior.
Contributing
I love your input! I want to make contributing to this project as easy and transparent as possible, whether it's:
- Reporting a bug
- Discussing the current state of the configuration
- Submitting a fix
- Proposing new features
- Becoming a maintainer
To get started please read the Contribution Guidelines.
Development
Requirements
Test
make test-coverage-report
Build
make build
Credits
This whole project wouldn't be possible with the great work of the following libraries/tools:
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distributions
Hashes for gitlab_ci_verify_bin-0.0.13-py3-none-win_amd64.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 77d88d8ded7b869f8817d0386c8e1ec62234e7ca5dd74b186cd1e223e6ff9ea6 |
|
| MD5 | 8b9dddb8d1257bcf96b3d733b4de0780 |
|
| BLAKE2b-256 | 91f0839ba25e163b8623521b52be06527b81b8bae9e85afa8bd35fb9033ed773 |
Hashes for gitlab_ci_verify_bin-0.0.13-py3-none-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e7e7dad4d1d0c1070fac18fdfea0a40549c70a90bacc64e5df7a0b67955245ef |
|
| MD5 | c420c06e56d57b34b695536b8652bff8 |
|
| BLAKE2b-256 | cddc882aed41dca94a7c1594b234282856d3712beb4c68b3c898ad787f8cfb37 |
Hashes for gitlab_ci_verify_bin-0.0.13-py3-none-macosx_11_0_arm64.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ae6f7aec10b8313a440f9bb5a553d199a45d583afc66c93a9e991f3eb640d046 |
|
| MD5 | 87a67311bc6a8ff07d374377e7d6c011 |
|
| BLAKE2b-256 | bbade2a1c77bc454920c0d685cb2bcb65c6f41f40cf469560f556de1df5ce87a |
Hashes for gitlab_ci_verify_bin-0.0.13-py3-none-macosx_10_9_x86_64.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 4237ded1f759e3b51ab8c4895627dd6f287688a5961016d7b3629e38a56c55f5 |
|
| MD5 | cfb1f436dfd7a9b812170f21cf933bf0 |
|
| BLAKE2b-256 | 88781f5e2429d09fe1059d2f6b4864d5904b11edfad95e0385b83c77037c269d |
