From 988b942fcadc0b6432cb686bd890fbf21d4ef16d Mon Sep 17 00:00:00 2001 From: ssube Date: Sat, 2 Nov 2019 11:11:47 -0500 Subject: [PATCH] fix(rules): filter gitlab jobs better list other top-level keys and replace the patternProperties filter with additionalProperties to prevent top-level keys from being validated as jobs (which they will fail) --- rules/gitlab-ci.yml | 67 ++++++++++++++++++++++++++++++++++----------- 1 file changed, 51 insertions(+), 16 deletions(-) diff --git a/rules/gitlab-ci.yml b/rules/gitlab-ci.yml index 0c0a537..4e9b908 100644 --- a/rules/gitlab-ci.yml +++ b/rules/gitlab-ci.yml @@ -42,20 +42,55 @@ rules: check: type: object - patternProperties: - "^(?!stages$|\\.)": + properties: + after_script: + type: array + before_script: + type: array + cache: type: object - required: [script] - properties: - after_script: - type: array - items: - type: string - before_script: - type: array - items: - type: string - script: - type: array - items: - type: string \ No newline at end of file + image: + type: string + services: + type: array + stages: + type: array + types: + type: array + variables: + type: object + additionalProperties: + type: object + required: [script] + properties: + after_script: + type: array + items: + type: string + before_script: + type: array + items: + type: string + script: + type: array + items: + type: string + + - name: gitlab-top-level + desc: should only have jobs and stages at the top level scope + level: info + tags: + - gitlab + - optional + + check: + type: object + not: + anyOf: + - required: [image] + - required: [services] + - required: [types] + - required: [before_script] + - required: [after_script] + - required: [variables] + - required: [cache] \ No newline at end of file