
Commit 2e40806

Create psscriptanalyzer-check.yml
Signed-off-by: LUIZ HAMILTON ROBERTO DA SILVA <[email protected]>
1 parent 5984a31 commit 2e40806

1 file changed

Lines changed: 182 additions & 0 deletions


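--- a/psscriptanalyzer-check.yml
+++ b/psscriptanalyzer-check.yml
@@ -0,0 +1,182 @@
+name: Analyze PowerShell Scripts
+
+on:
+push:
+branches: [main, develop]
+paths: ['**/*.ps1', '.psscriptanalyzer']
+pull_request:
+branches: [main, develop]
+paths: ['**/*.ps1', '.psscriptanalyzer']
+workflow_dispatch:
+
+jobs:
+psscriptanalyzer:
+name: PowerShell Code Quality Check
+runs-on: ubuntu-latest
+permissions:
+actions: write
+contents: write
+security-events: write
+statuses: write
+
+steps:
+- name: 📦 Checkout Repository
+uses: actions/[email protected]
+
+- name: 🕵️ Debug Repository Contents
+shell: bash
+run: |
+echo "Current directory: $(pwd)"
+echo "Listing PowerShell scripts:"
+find . -type f -name "*.ps1"
+if [ -f ".psscriptanalyzer" ]; then
+echo ".psscriptanalyzer file found"
+else
+echo ".psscriptanalyzer file not found"
+fi
+
+- name: 🛠️ Auto-Fix Indentation and Whitespace
+shell: pwsh
+run: |
+$ErrorActionPreference = 'Stop'
+Install-Module -Name PSScriptAnalyzer -Force -Scope CurrentUser -RequiredVersion 1.24.0
+$htPSA = @{
+Path = '.'
+Recurse = $true
+Fix = $true
+IncludeRule = @('PSUseConsistentIndentation', 'PSUseConsistentWhitespace')
+Settings = @{
+Rules = @{
+PSUseConsistentIndentation = @{
+Enable = $true
+IndentationSize = 4
+PipelineIndentation = 'IncreaseIndentationForFirstPipeline'
+}
+PSUseConsistentWhitespace = @{
+Enable = $true
+CheckInnerBrace = $true
+CheckOpenBrace = $true
+CheckOpenParen = $true
+CheckOperator = $true
+CheckSeparator = $true
+}
+}
+}
+}
+Invoke-ScriptAnalyzer @htPSA
+Write-Output "Auto-fix completed for indentation and whitespace"
+
+- name: 📝 Commit Auto-Fixed Files
+if: github.event_name == 'push'
+shell: bash
+run: |
+git config user.name "GitHub Action"
+git config user.email "[email protected]"
+git add .
+git commit -m "Auto-fix PSScriptAnalyzer indentation and whitespace issues" || echo "No changes to commit"
+git push
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+- name: 🔎 Run PSScriptAnalyzer and Export SARIF
+shell: pwsh
+run: |
+$ErrorActionPreference = 'Stop'
+$sarifFile = Join-Path $env:GITHUB_WORKSPACE "psscriptanalyzer-results.sarif"
+Write-Output "Target SARIF file path: $sarifFile"
+Install-Module -Name PSScriptAnalyzer -Force -Scope CurrentUser -RequiredVersion 1.24.0
+$version = (Get-Module -ListAvailable PSScriptAnalyzer)[0].Version.ToString()
+Write-Output "PSScriptAnalyzer version: $version"
+$htPSA = @{
+Path = '.'
+Recurse = $true
+Severity = @('Error', 'Warning')
+IncludeRule = @(
+'PSAvoidUsingCmdletAliases',
+'PSUseShouldProcessForStateChangingFunctions',
+'PSAvoidUsingWriteHost',
+'PSUseConsistentIndentation',
+'PSUseConsistentWhitespace'
+)
+Settings = @{
+Rules = @{
+PSUseConsistentIndentation = @{
+Enable = $true
+IndentationSize = 4
+PipelineIndentation = 'IncreaseIndentationForFirstPipeline'
+}
+PSUseConsistentWhitespace = @{
+Enable = $true
+CheckInnerBrace = $true
+CheckOpenBrace = $true
+CheckOpenParen = $true
+CheckOperator = $true
+CheckSeparator = $true
+}
+}
+}
+}
+$results = Invoke-ScriptAnalyzer @htPSA
+if ($results | Where-Object { $_.Severity -eq 'Error' }) {
+Write-Error "PSScriptAnalyzer found errors"
+exit 1
+}
+if ($results) {
+Write-Output "Found $($results.Count) issues"
+$sarifResults = $results | ForEach-Object {
+@{
+ruleId = $_.RuleName
+level = $_.Severity.ToString().ToLower()
+message = @{ text = $_.Message }
+locations = @(
+@{
+physicalLocation = @{
+artifactLocation = @{
+uri = $_.ScriptPath.Replace("$env:GITHUB_WORKSPACE/", '')
+}
+region = @{
+startLine = $_.Line
+startColumn = $_.Column
+}
+}
+}
+)
+}
+}
+$sarif = @{
+'$schema' = 'http://json.schemastore.org/sarif-2.1.0'
+version = '2.1.0'
+runs = @(
+@{
+tool = @{
+driver = @{
+name = 'PSScriptAnalyzer'
+version = $version
+}
+}
+results = $sarifResults
+}
+)
+}
+$sarif | ConvertTo-Json -Depth 10 | Out-File -FilePath $sarifFile -Encoding utf8
+Write-Output "SARIF file generated: $sarifFile"
+} else {
+Write-Output "No issues found"
+'{"$schema": "http://json.schemastore.org/sarif-2.1.0", "version": "2.1.0", "runs": []}' | Out-File -FilePath $sarifFile -Encoding utf8
+}
+
+- name: 📊 Upload Analysis Results
+if: always()
+uses: actions/upload-artifact@v4
+with:
+name: psscriptanalyzer-results
+path: ${{ github.workspace }}/psscriptanalyzer-results.sarif
+retention-days: 30
+
+- name: 📤 Upload SARIF to GitHub
+if: always()
+uses: github/codeql-action/upload-sarif@v3
+with:
+sarif_file: ${{ github.workspace }}/psscriptanalyzer-results.sarif
+checkout_path: ${{ github.workspace }}
+wait-for-processing: true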
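Review bot: The job-level `permissions:` block grants more than the visible steps use: no step needs `actions: write` or `statuses: write`, and `contents: write` is needed only by the push-gated "Commit Auto-Fixed Files" step, yet every trigger, including `pull_request`, runs a module fetched by `Install-Module` over the whole checkout with all four write scopes requested. Keep `contents: write` and `security-events: write` and drop the other two, and consider moving the commit step into its own push-only job so the analysis job can run with `contents: read`. Separately, in the SARIF step the `Write-Error` / `exit 1` branch for Error-severity results runs before the SARIF file is written, so the two `if: always()` upload steps would presumably have nothing to upload and the most severe findings would never reach code scanning. Write the SARIF file first and fail the step afterwards.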
