Validate and lint your gitlab ci files using ShellCheck, the Gitlab API and curated checks
Project description
gitlab-ci-verify
Validate and lint your gitlab ci files using ShellCheck, the Gitlab API, curated checks or even build your own checks
Features
- ShellCheck for scripts
- Validation against Pipeline Lint API for project
- Curated checks for common mistakes (feel free to contribute new ones)
- Automatic detection of the current gitlab project with an option to overwrite
- Available as pre-commit hook
- Usable to valid dynamically generated pipelines using the python wrapper
- Support for gitlab.com and self-hosted instances
- Support for custom policies written in Rego
- Resolve and validate includes (how it works and limitations)
Installation
See the Installation section in the documentation.
Documentation
You can find the full documentation on GitHub Pages, including:
- How it works
- How to add new checks
- How to write custom policies using rego
- How to authenticate with GitLab
Motivation
Unfortunately, GitLab didn't provide a tool to validate CI configuration for quite a while.
Now that changed with the glab CLI providing glab ci lint but it is quite limited and under the hood just calls the
new CI Lint API.
Throughout the years quite some tools evolved, but most of them are either outdated, painful to use or install, and basically also provide the lint functionality from the API.
As most of the logic in pipelines is written in shell scripts via the *script attributes these are lacking completely
from all tools out there as well as the official lint API.
The goal of gitlab-ci-verify is to provide the stock CI Lint functionality plus shellcheck. Completed in the future some rules to lint that common patterns are working as intended by GitLab and void them from being pushed and leading to unexpected behavior.
Contributing
I love your input! I want to make contributing to this project as easy and transparent as possible, whether it's:
- Reporting a bug
- Discussing the current state of the configuration
- Submitting a fix
- Proposing new features
- Becoming a maintainer
To get started, please read the Contribution Guidelines.
Credits
This whole project wouldn't be possible with the great work of the following libraries/tools:
- Shellcheck by koalaman
- go stdlib
- pflag by spf13
- go-yaml, which I forked to timo-reymann/go-yaml
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file gitlab_ci_verify-2.7.0.tar.gz.
File metadata
- Download URL: gitlab_ci_verify-2.7.0.tar.gz
- Upload date:
- Size: 11.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
67877a330f529d77ba58a1eb222bb72a0b80298914591b7e02dee8e2b67c4c90
|
|
| MD5 |
bae628d50949315f8071c618a313a040
|
|
| BLAKE2b-256 |
22db9bf23b1f0e09b46b445f4a3ebc0a6f310b0ed44c228e4ffe6fbe309ad93c
|
File details
Details for the file gitlab_ci_verify-2.7.0-py3-none-any.whl.
File metadata
- Download URL: gitlab_ci_verify-2.7.0-py3-none-any.whl
- Upload date:
- Size: 9.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
78a986528c250d6c4f66f47513d19c9f28e50690d9c608ed66a85db7a1477bc5
|
|
| MD5 |
5e7ab6fcacdd263a57e9dca890b6bb50
|
|
| BLAKE2b-256 |
3a8815d6308bac043d69e4c901c6332d6fb1232942ac6ced2bd6d6f31ca25439
|
