
Commit c32764c

Update psscriptanalyzer-check.yml
Signed-off-by: LUIZ HAMILTON ROBERTO DA SILVA <[email protected]>
1 parent 62ba463 commit c32764c

1 file changed

Lines changed: 116 additions & 86 deletions


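--- a/.github/workflows/psscriptanalyzer-check.yml
+++ b/.github/workflows/psscriptanalyzer-check.yml
@@ -2,12 +2,16 @@ name: Analyze PowerShell Scripts
 
 on:
 push:
-branches: [ main, develop ]
+branches:
+- main
+- develop
 paths:
 - '**/*.ps1'
 - '.psscriptanalyzer'
 pull_request:
-branches: [ main, develop ]
+branches:
+- main
+- develop
 paths:
 - '**/*.ps1'
 - '.psscriptanalyzer'
@@ -27,113 +31,139 @@ jobs:
 - name: 📦 Checkout Repository
 uses: actions/[email protected]
 
-- name: 🔍 Run PSScriptAnalyzer and Generate SARIF
+- name: 🕵️ Debug Repository Contents
+shell: bash
+run: |
+echo "Current directory: $(pwd)"
+echo "GitHub workspace: ${{ github.workspace }}"
+echo "Listing all files in repository:"
+find . -type f
+echo "Checking for PowerShell scripts:"
+if find . -type f -name "*.ps1" | grep .; then
+echo "PowerShell scripts found"
+else
+echo "No PowerShell scripts found"
+fi
+
+- name: 🔎 Run PSScriptAnalyzer and Export SARIF
 shell: pwsh
 run: |
 $ErrorActionPreference = 'Stop'
-
-# Install PSScriptAnalyzer
-Install-Module -Name PSScriptAnalyzer -Force -Scope CurrentUser -MinimumVersion 1.22.0
-$analyzerVersion = (Get-Module -ListAvailable PSScriptAnalyzer | Select-Object -First 1 -ExpandProperty Version)
-
-# Define analyzer settings
-$htPSA = @{
-Path = '.'
-Recurse = $true
-Severity = @('Error', 'Warning')
-IncludeRule = @(
-'PSAvoidUsingCmdletAliases',
-'PSUseShouldProcessForStateChangingFunctions',
-'PSAvoidUsingWriteHost',
-'PSUseConsistentIndentation',
-'PSUseConsistentWhitespace'
-)
-Settings = @{
-Rules = @{
-PSUseConsistentIndentation = @{
-Enable = $true
-IndentationSize = 4
-PipelineIndentation = 'IncreaseIndentationForFirstPipeline'
-}
-PSUseConsistentWhitespace = @{
-Enable = $true
-CheckInnerBrace = $true
-CheckOpenBrace = $true
-CheckOpenParen = $true
-CheckOperator = $true
-CheckSeparator = $true
+$sarifFile = "${{ github.workspace }}/psscriptanalyzer-results.sarif"
+Write-Output "Target SARIF file path: $sarifFile"
+Write-Output "Checking PowerShell version:"
+$PSVersionTable | Format-Table -AutoSize | Out-String | Write-Output
+try {
+Write-Output "Installing PSScriptAnalyzer"
+Install-Module -Name PSScriptAnalyzer -Force -Scope CurrentUser -MinimumVersion 1.22.0 -ErrorAction Stop
+Write-Output "PSScriptAnalyzer version: $(Get-Module -ListAvailable PSScriptAnalyzer | Select-Object -ExpandProperty Version)"
+$scriptFiles = Get-ChildItem -Path . -Recurse -Include *.ps1
+if ($scriptFiles) {
+Write-Output "Found $($scriptFiles.Count) PowerShell scripts"
+$htPSA = @{
+Path = '.'
+Recurse = $true
+Severity = @('Error', 'Warning')
+IncludeRule = @(
+'PSAvoidUsingCmdletAliases',
+'PSUseShouldProcessForStateChangingFunctions',
+'PSAvoidUsingWriteHost',
+'PSUseConsistentIndentation',
+'PSUseConsistentWhitespace'
+)
+Settings = @{
+Rules = @{
+PSUseConsistentIndentation = @{
+Enable = $true
+IndentationSize = 4
+PipelineIndentation = 'IncreaseIndentationForFirstPipeline'
+}
+PSUseConsistentWhitespace = @{
+Enable = $true
+CheckInnerBrace = $true
+CheckOpenBrace = $true
+CheckOpenParen = $true
+CheckOperator = $true
+CheckSeparator = $true
+}
+}
 }
 }
-}
-}
-
-$results = Invoke-ScriptAnalyzer @htPSA
-$sarifFile = "./psscriptanalyzer-results.sarif"
-
-if ($results) {
-# Try using ConvertTo-SARIF if available
-if (Get-Command ConvertTo-SARIF -ErrorAction SilentlyContinue) {
-$results | ConvertTo-SARIF -FilePath $sarifFile
-} else {
-# Manual SARIF generation
-$sarifResults = $results | ForEach-Object {
-$level = switch ($_.Severity.ToLowerInvariant()) {
-'error' { 'error' }
-'warning' { 'warning' }
-'information' { 'note' }
-default { 'note' }
-}
-
-@{
-ruleId = $_.RuleName
-level = $level
-message = @{ text = $_.Message }
-locations = @(
-@{
-physicalLocation = @{
-artifactLocation = @{ uri = $_.ScriptPath }
-region = @{
-startLine = $_.Line
-startColumn = $_.Column
+Write-Output "Running PSScriptAnalyzer on path: $(Get-Location)"
+$results = Invoke-ScriptAnalyzer @htPSA
+if ($results) {
+Write-Output "Found $($results.Count) issues"
+$sarifResults = $results | ForEach-Object {
+@{
+ruleId = $_.RuleName
+level = $_.Severity.ToString().ToLower()
+message = @{ text = $_.Message }
+locations = @(
+@{
+physicalLocation = @{
+artifactLocation = @{ uri = $_.ScriptPath.Replace(${{ github.workspace }} + '/', '') }
+region = @{
+startLine = $_.Line
+startColumn = $_.Column
+}
 }
 }
+)
+}
+}
+$sarif = @{
+'$schema' = 'http://json.schemastore.org/sarif-2.1.0'
+version = '2.1.0'
+runs = @(
+@{
+tool = @{ driver = @{ name = 'PSScriptAnalyzer'; version = "$(Get-Module -ListAvailable PSScriptAnalyzer | Select-Object -ExpandProperty Version)" } }
+results = $sarifResults
 }
 )
 }
+$sarif | ConvertTo-Json -Depth 10 | Out-File -FilePath $sarifFile -Encoding utf8
+Write-Output "SARIF file generated: $sarifFile"
+} else {
+Write-Output "No issues found"
+'{"$schema": "http://json.schemastore.org/sarif-2.1.0", "version": "2.1.0", "runs": []}' | Out-File -FilePath $sarifFile -Encoding utf8
+Write-Output "Empty SARIF file generated: $sarifFile"
 }
-
-$sarif = @{
-version = "2.1.0"
-runs = @(
-@{
-tool = @{
-driver = @{
-name = "PSScriptAnalyzer"
-version = "$analyzerVersion"
-}
-}
-results = $sarifResults
-}
-)
-}
-
-$sarif | ConvertTo-Json -Depth 10 | Out-File -FilePath $sarifFile -Encoding utf8
+} else {
+Write-Output "No PowerShell scripts found in repository"
+'{"$schema": "http://json.schemastore.org/sarif-2.1.0", "version": "2.1.0", "runs": []}' | Out-File -FilePath $sarifFile -Encoding utf8
+Write-Output "Empty SARIF file generated: $sarifFile"
 }
-} else {
-'{"version": "2.1.0", "runs": []}' | Out-File -FilePath $sarifFile -Encoding utf8
+} catch {
+Write-Error "PSScriptAnalyzer failed: $_"
+exit 1
 }
 
+- name: 🕵️ Debug SARIF File Existence
+shell: bash
+run: |
+echo "Current directory: $(pwd)"
+echo "Listing files:"
+ls -la
+if [ -f "${{ github.workspace }}/psscriptanalyzer-results.sarif" ]; then
+echo "SARIF file exists"
+cat "${{ github.workspace }}/psscriptanalyzer-results.sarif"
+else
+echo "SARIF file not found at ${{ github.workspace }}/psscriptanalyzer-results.sarif"
+exit 1
+fi
+
 - name: 📊 Upload Analysis Results
 if: always()
 uses: actions/upload-artifact@v4
 with:
 name: psscriptanalyzer-results
-path: ./psscriptanalyzer-results.sarif
+path: ${{ github.workspace }}/psscriptanalyzer-results.sarif
 retention-days: 7
 
 - name: 📤 Upload SARIF to GitHub
 if: always()
 uses: github/codeql-action/upload-sarif@v3
 with:
-sarif_file: ./psscriptanalyzer-results.sarif
+sarif_file: ${{ github.workspace }}/psscriptanalyzer-results.sarif
+checkout_path: ${{ github.workspace }}
 wait-for-processing: true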
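Review bot: In the `Run PSScriptAnalyzer and Export SARIF` step, `artifactLocation = @{ uri = $_.ScriptPath.Replace(${{ github.workspace }} + '/', '') }` pastes the workspace path into the PowerShell source as a bare, unquoted token, so the script will most likely fail to parse before the `try` block can catch anything. Read the value from the environment instead, `uri = $_.ScriptPath.Replace("$env:GITHUB_WORKSPACE/", '')`, and prefer `$env:GITHUB_WORKSPACE` / `$GITHUB_WORKSPACE` over `${{ ... }}` in the other `run:` bodies as well, which keeps workflow expressions out of script text. Separately, `level = $_.Severity.ToString().ToLower()` drops the old mapping onto SARIF levels; any severity other than Error or Warning would yield a value SARIF 2.1.0 does not define, so keeping the `switch` with a `default { 'note' }` arm is safer. The `jobs:` definition these steps belong to starts above the hunk.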
