diff --git a/.github/workflows/validate_robopages.yml b/.github/workflows/validate_robopages.yml index b379e82..bede1e0 100644 --- a/.github/workflows/validate_robopages.yml +++ b/.github/workflows/validate_robopages.yml @@ -31,6 +31,7 @@ jobs: run: | validate_file() { local file="$1" + local tmp_file="/tmp/$(basename $file)" if [[ ! "$file" =~ ^([a-zA-Z0-9_\-]+/)*[a-zA-Z0-9_\-]+\.yml$ ]]; then echo "Invalid file path characters: $file" @@ -40,17 +41,29 @@ jobs: if [[ "$file" == *"../"* ]]; then echo "Directory traversal attempt detected: $file" return 1 + } + + # Create copy and inject categories if missing + cp "$file" "$tmp_file" + if ! grep -q "categories:" "$tmp_file"; then + # Extract categories from path + categories=$(dirname "$file" | tr '/' '\n' | awk 'NF' | sed 's/^/ - /') + # Inject categories into YAML + echo -e "\ncategories:\n$categories" >> "$tmp_file" fi docker pull dreadnode/robopages:latest - # Run validation with Docker socket mounted + # Run validation with Docker socket mounted using temp file docker run --rm \ -v $(pwd):/workspace \ -v /var/run/docker.sock:/var/run/docker.sock \ + -v "$tmp_file:/workspace/$(basename $file)" \ -w /workspace \ --privileged \ - dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker + dreadnode/robopages:latest validate --path "$(basename $file)" --skip-docker + + rm "$tmp_file" } # Get changed files using GitHub's provided variables diff --git a/utilities/test.yml b/utilities/test.yml new file mode 100644 index 0000000..db935c3 --- /dev/null +++ b/utilities/test.yml @@ -0,0 +1,17 @@ +description: Test robopage for validation + +functions: + test_function: + description: A simple test function + parameters: + input: + type: string + description: Test input parameter + examples: + - "test value" + container: + force: true + image: alpine:latest + cmdline: + - echo + - ${input}