package gitflamecivalidator import ( "fmt" "gopkg.in/yaml.v3" "strings" "tea.gitpark.ru/Azaki/ci_validator/errors" "time" ) // computeEndPosition возвращает конечные координаты для фрагмента, предполагая, что текст находится на одной строке. func computeEndPosition(startLine, startColumn int, text string) (endLine, endColumn int) { // Если текст пустой, выделим хотя бы один символ if len(text) == 0 { return startLine, startColumn + 1 } return startLine, startColumn + len(text) } // ValidateGitLabCIFile – главная точка входа в библиотеку. func ValidateGitLabCIFile(content string, opts ValidationOptions) error { validationErr := &errors.ValidationError{} if len(content) == 0 { validationErr.AddDetailWithSpan(errors.ErrEmptyFile, errors.ErrorMessages[errors.ErrEmptyFile], 0, 0, 0, 0) return validationErr } // Повторно распарсить YAML, чтобы получить узел и позиционную информацию var root yaml.Node err := yaml.Unmarshal([]byte(content), &root) if err != nil { validationErr.AddDetailWithSpan(errors.ErrYamlSyntax, fmt.Sprintf("YAML parsing error: %v", err), 0, 0, 0, 0) return validationErr } if len(root.Content) == 0 { validationErr.AddDetailWithSpan(errors.ErrYamlSyntax, ".gitflame-ci.yml file is empty or does not contain valid data", 0, 0, 0, 0) return validationErr } if root.Kind != yaml.DocumentNode || len(root.Content) == 0 { validationErr.AddDetailWithSpan(errors.ErrYamlSyntax, "invalid YAML format: a root object was expected", 0, 0, 0, 0) return validationErr } // Получаем корневой узел mainNode := root.Content[0] //Проверяем неизвестные ключи и добавляем ошибки в объект валидации unknowns := findUnknownRootKeysWithSpan(mainNode) for _, unk := range unknowns { validationErr.AddDetailWithSpan(errors.ErrUnknownRootKey, fmt.Sprintf(errors.ErrorMessages[errors.ErrUnknownRootKey], unk.Key), unk.Line, unk.Column, unk.EndLine, unk.EndColumn) } // Парсим YAML в структуру конфигурации cfg, err := ParseGitLabCIConfig([]byte(content), validationErr) if err != nil { validationErr.AddDetailWithSpan(errors.ErrYamlSyntax, fmt.Sprintf(errors.ErrorMessages[errors.ErrYamlSyntax], err), 0, 0, 0, 0) return validationErr } validateRootObject(cfg, validationErr) validateJobs(cfg, validationErr) validateChanges(cfg, validationErr) validatePaths(cfg, validationErr) validateService(cfg, validationErr) validateStages(cfg, validationErr) validateVariables(cfg, validationErr) validateIncludeRules(cfg, validationErr) checkFinalEmptyLine(content, validationErr) if !validationErr.IsEmpty() { return validationErr } return nil } func checkSHAExistsInBranchesOrTags(sha string) bool { return false } func validateRootObject(cfg *GitLabCIConfig, ve *errors.ValidationError) { validateBeforeScript(cfg.BeforeScript, ve) } func validateBeforeScript(before interface{}, ve *errors.ValidationError) { if before == nil { return } if _, ok := before.(string); ok { return } if arr, ok := before.([]interface{}); ok { if !validateNestedStringArray(arr, 1, 10) { ve.AddDetailWithSpan(errors.ErrBeforeScriptInvalid, errors.ErrorMessages[errors.ErrBeforeScriptInvalid], 0, 0, 0, 0) } } else { ve.AddDetailWithSpan(errors.ErrBeforeScriptInvalid, errors.ErrorMessages[errors.ErrBeforeScriptInvalid], 0, 0, 0, 0) } } func validateNestedStringArray(arr []interface{}, currentLevel, maxLevel int) bool { if currentLevel > maxLevel { return false } for _, item := range arr { switch item.(type) { case string: case []interface{}: if !validateNestedStringArray(item.([]interface{}), currentLevel+1, maxLevel) { return false } default: return false } } return true } func validateService(cfg *GitLabCIConfig, ve *errors.ValidationError) { if cfg.Services == nil { return } switch cfg.Services.(type) { case string: case map[string]interface{}: default: ve.AddDetailWithSpan(errors.ErrServiceInvalid, errors.ErrorMessages[errors.ErrServiceInvalid], 0, 0, 0, 0) } } func validateStages(cfg *GitLabCIConfig, ve *errors.ValidationError) { for i, st := range cfg.Stages { if strings.TrimSpace(st) == "" { ve.AddDetailWithSpan(errors.ErrStageInvalid, fmt.Sprintf(errors.ErrorMessages[errors.ErrStageInvalid], i), 0, 0, 0, 0) } } } // validateVariablesMap проверяет карту переменных varsMap, используя данные из YAML‑узла varsNode для получения позиций. func validateVariablesMap(varsMap map[string]interface{}, varsNode *yaml.Node, ve *errors.ValidationError, posGetter func(varName string) (int, int)) { allowedKeys := map[string]struct{}{ "value": {}, "description": {}, "expand": {}, "options": {}, } // Проходим по всем ключам, определённым в YAML‑узле for i := 0; i < len(varsNode.Content)-1; i += 2 { keyNode := varsNode.Content[i] varName := keyNode.Value // Получаем позицию для этой переменной через posGetter. line, col := posGetter(varName) // Проверяем длину имени переменной if len(varName) > MaxVariableNameLength { ve.AddDetailWithSpan( errors.ErrVariableNameTooLong, fmt.Sprintf(errors.ErrorMessages[errors.ErrVariableNameTooLong], varName), line, col, line, col+len(varName), ) } // Проверяем, что значение переменной присутствует и корректно if val, exists := varsMap[varName]; exists { if !isScalar(val) { ve.AddDetailWithSpan( errors.ErrVariableInvalid, fmt.Sprintf(errors.ErrorMessages[errors.ErrVariableInvalid], varName), line, col, line, col+len(varName), ) } if nested, ok := val.(map[string]interface{}); ok { var invalidKeys []string for k := range nested { if _, allowed := allowedKeys[k]; !allowed { invalidKeys = append(invalidKeys, k) } } if len(invalidKeys) > 0 { ve.AddDetailWithSpan( errors.ErrVariablesInvalidKey, fmt.Sprintf(errors.ErrorMessages[errors.ErrVariablesInvalidKey], varName, strings.Join(invalidKeys, ", ")), line, col, line, col+len(varName), ) } } } } } func validateJobVariables(job *Job, ve *errors.ValidationError) { if job.VariablesNode == nil { return } if job.VariablesNode.Kind != yaml.MappingNode { ve.AddDetailWithSpan( errors.ErrVariablesInvalid, "job variables should be a map", job.Line, job.Column, job.Line, job.Column+1, ) return } varsMap, ok := job.Variables.(map[string]interface{}) if !ok { ve.AddDetailWithSpan( errors.ErrVariablesInvalid, "job variables should be a map", job.Line, job.Column, job.Line, job.Column+1, ) return } validateVariablesMap(varsMap, job.VariablesNode, ve, func(varName string) (int, int) { // Ищем переменную в узле job.VariablesNode for i := 0; i < len(job.VariablesNode.Content)-1; i += 2 { keyNode := job.VariablesNode.Content[i] if keyNode.Value == varName { return keyNode.Line, keyNode.Column } } return job.Line, job.Column // если не найдено, используем позицию job }) } func validateVariables(cfg *GitLabCIConfig, ve *errors.ValidationError) { if cfg.VariablesNode == nil { return } if cfg.VariablesNode.Kind != yaml.MappingNode { ve.AddDetailWithSpan( errors.ErrVariablesInvalid, errors.ErrorMessages[errors.ErrVariablesInvalid], 0, 0, 0, 0, ) return } varsMap, ok := cfg.Variables.(map[string]interface{}) if !ok { ve.AddDetailWithSpan( errors.ErrVariablesInvalid, errors.ErrorMessages[errors.ErrVariablesInvalid], 0, 0, 0, 0, ) return } validateVariablesMap(varsMap, cfg.VariablesNode, ve, func(varName string) (int, int) { // Ищем в YAML узле переменной с именем varName for i := 0; i < len(cfg.VariablesNode.Content)-1; i += 2 { keyNode := cfg.VariablesNode.Content[i] if keyNode.Value == varName { return keyNode.Line, keyNode.Column } } return 0, 0 }) } func isScalar(val interface{}) bool { switch val.(type) { case string, bool, int, int64, float64, float32: return true default: return false } } func validateJobs(cfg *GitLabCIConfig, ve *errors.ValidationError) { if cfg.Jobs == nil || len(cfg.Jobs) == 0 { ve.AddDetailWithSpan(errors.ErrMissingJobs, errors.ErrorMessages[errors.ErrMissingJobs], 0, 0, 0, 0) return } stagesAllowed := make(map[string]struct{}) for _, st := range cfg.Stages { stagesAllowed[st] = struct{}{} } visibleCount := 0 dependencyGraph := make(map[string][]string) for _, job := range cfg.Jobs { // (a) Check that the job name is not empty. if job.Name == "" { ve.AddDetailWithSpan(errors.ErrJobNameBlank, errors.ErrorMessages[errors.ErrJobNameBlank], job.Line, job.Column, job.Line, job.Column+len(job.Name)) } if len(job.Name) > MaxJobNameLength { ve.AddDetailWithSpan(errors.ErrJobNameTooLong, errors.ErrorMessages[errors.ErrJobNameTooLong], job.Line, job.Column, job.Line, job.Column+len(job.Name)) } if job.Name[0] != '.' { visibleCount++ if job.Stage == "" { ve.AddDetailWithSpan(errors.ErrMissingStage, fmt.Sprintf(errors.ErrorMessages[errors.ErrMissingStage], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } // (d) Check that at least one of script is present. if job.Script == nil && job.Run == nil && job.Trigger == nil { ve.AddDetailWithSpan(errors.ErrMissingScript, fmt.Sprintf(errors.ErrorMessages[errors.ErrMissingScript], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } // (e) Check that the specified stage is allowed. if job.Stage != "" { if _, ok := stagesAllowed[job.Stage]; !ok { ve.AddDetailWithSpan(errors.ErrJobStageNotExist, fmt.Sprintf(errors.ErrorMessages[errors.ErrJobStageNotExist], job.Name, job.Stage, cfg.Stages), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } // (f) Validate dependencies. dependencyGraph[job.Name] = append(dependencyGraph[job.Name], job.Dependencies...) for _, dep := range job.Dependencies { depPos, _ := job.DependencyLines[dep] if _, ok := cfg.Jobs[dep]; !ok { endLine, endCol := computeEndPosition(depPos.Line, depPos.Column, dep) ve.AddDetailWithSpan(errors.ErrUndefinedDependency, fmt.Sprintf(errors.ErrorMessages[errors.ErrUndefinedDependency], job.Name, job.Line, job.Column, dep, depPos.Line, depPos.Column, endCol), job.Line, job.Column, endLine, endCol) } else { if !checkStageOrder(cfg, dep, job.Name) { ve.AddDetailWithSpan(errors.ErrInvalidStageOrder, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidStageOrder], job.Name, dep, job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } } // (g) Validate the 'needs' block. if len(job.Needs) > 0 { needNames := make(map[string]struct{}) for _, nd := range job.Needs { // Check for duplicates. if _, exist := needNames[nd]; exist { ndStartLine, ndStartCol := job.NeedLines[nd].Line, job.NeedLines[nd].Column ndEndLine, ndEndCol := computeEndPosition(ndStartLine, ndStartCol, nd) ve.AddDetailWithSpan(errors.ErrDuplicateNeeds, fmt.Sprintf(errors.ErrorMessages[errors.ErrDuplicateNeeds], job.Name, nd), ndStartLine, ndStartCol, ndEndLine, ndEndCol) } else { needNames[nd] = struct{}{} } // Check for empty need name. if nd == "" { ve.AddDetailWithSpan(errors.ErrJobNameBlank, fmt.Sprintf(errors.ErrorMessages[errors.ErrJobNameBlank], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } // Check maximum length. if len(nd) > MaxJobNameLength { ndStartLine, ndStartCol := job.NeedLines[nd].Line, job.NeedLines[nd].Column ndEndLine, ndEndCol := computeEndPosition(ndStartLine, ndStartCol, nd) ve.AddDetailWithSpan(errors.ErrNeedNameTooLong, fmt.Sprintf(errors.ErrorMessages[errors.ErrNeedNameTooLong], job.Name, nd, MaxJobNameLength), ndStartLine, ndStartCol, ndEndLine, ndEndCol) } // Check that the referenced job in 'needs' exists. needPos, posExists := job.NeedLines[nd] if !posExists { needPos = struct{ Line, Column int }{Line: job.Line, Column: job.Column} } if _, ok := cfg.Jobs[nd]; !ok { ndEndLine, ndEndCol := computeEndPosition(needPos.Line, needPos.Column, nd) ve.AddDetailWithSpan(errors.ErrUndefinedNeed, fmt.Sprintf(errors.ErrorMessages[errors.ErrUndefinedNeed], job.Name, needPos.Line, needPos.Column, ndEndCol, nd), needPos.Line, needPos.Column, ndEndLine, ndEndCol) } else if !checkStageOrder(cfg, nd, job.Name) { ndEndLine, ndEndCol := computeEndPosition(needPos.Line, needPos.Column, nd) ve.AddDetailWithSpan(errors.ErrInvalidStagesOrder, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidStagesOrder], job.Name, job.Line, job.Column, nd, needPos.Line, needPos.Column, ndEndCol, job.Name), needPos.Line, needPos.Column, ndEndLine, ndEndCol) } dependencyGraph[job.Name] = append(dependencyGraph[job.Name], nd) } } validateJobArtifacts(job, ve) validateJobDelayedParameters(job, ve) validateJobDependenciesNeedsConsistency(job, ve) validateJobRules(job, ve) validateJobWhen(job, ve) validateJobOnly(job, ve) validateJobVariables(job, ve) } if visibleCount == 0 { ve.AddDetailWithSpan(errors.ErrNoVisibleJob, errors.ErrorMessages[errors.ErrNoVisibleJob], 0, 0, 0, 0) } cycle := detectCycles(dependencyGraph) if len(cycle) > 0 { ve.AddDetailWithSpan(errors.ErrCyclicDependency, fmt.Sprintf(errors.ErrorMessages[errors.ErrCyclicDependency], cycle), 0, 0, 0, 0) } } func validateJobArtifacts(job *Job, ve *errors.ValidationError) { if job.Artifacts != nil { if len(job.Artifacts.Paths) == 0 { ve.AddDetailWithSpan(errors.ErrArtifactsPathsBlank, fmt.Sprintf(errors.ErrorMessages[errors.ErrArtifactsPathsBlank], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } } func checkStageOrder(cfg *GitLabCIConfig, jobDep, jobName string) bool { depStage := cfg.Jobs[jobDep].Stage jobStage := cfg.Jobs[jobName].Stage if depStage == "" || jobStage == "" { return true } allStages := cfg.Stages depIndex, jobIndex := -1, -1 for i, st := range allStages { if st == depStage { depIndex = i } if st == jobStage { jobIndex = i } } if depIndex == -1 || jobIndex == -1 { return true } return depIndex <= jobIndex } func validateChanges(cfg *GitLabCIConfig, ve *errors.ValidationError) { if cfg.Changes == nil { return } switch v := cfg.Changes.(type) { case []interface{}: if len(v) > 50 { ve.AddDetailWithSpan(errors.ErrChangesTooManyEntries, errors.ErrorMessages[errors.ErrChangesTooManyEntries], 0, 0, 0, 0) } for _, item := range v { if _, ok := item.(string); !ok { ve.AddDetailWithSpan(errors.ErrChangesNotArrayOfStrings, errors.ErrorMessages[errors.ErrChangesNotArrayOfStrings], 0, 0, 0, 0) break } } case map[string]interface{}: paths, ok := v["paths"] if !ok { ve.AddDetailWithSpan(errors.ErrChangesMissingPaths, errors.ErrorMessages[errors.ErrChangesMissingPaths], 0, 0, 0, 0) } else { arr, ok := paths.([]interface{}) if !ok { ve.AddDetailWithSpan(errors.ErrChangesNotArrayOfStrings, errors.ErrorMessages[errors.ErrChangesNotArrayOfStrings], 0, 0, 0, 0) } else { if len(arr) > 50 { ve.AddDetailWithSpan(errors.ErrChangesTooManyEntries, errors.ErrorMessages[errors.ErrChangesTooManyEntries], 0, 0, 0, 0) } for _, item := range arr { if _, ok := item.(string); !ok { ve.AddDetailWithSpan(errors.ErrChangesNotArrayOfStrings, errors.ErrorMessages[errors.ErrPathsNotArrayOfStrings], 0, 0, 0, 0) break } } } } case string: ve.AddDetailWithSpan(errors.ErrChangesInvalidType, errors.ErrorMessages[errors.ErrChangesInvalidType], 0, 0, 0, 0) default: ve.AddDetailWithSpan(errors.ErrChangesInvalidType, errors.ErrorMessages[errors.ErrChangesInvalidType], 0, 0, 0, 0) } } func validatePaths(cfg *GitLabCIConfig, ve *errors.ValidationError) { if cfg.Paths == nil { return } arr, ok := cfg.Paths.([]interface{}) if !ok { ve.AddDetailWithSpan(errors.ErrPathsNotArrayOfStrings, errors.ErrorMessages[errors.ErrPathsNotArrayOfStrings], 0, 0, 0, 0) return } for _, item := range arr { if _, ok := item.(string); !ok { ve.AddDetailWithSpan(errors.ErrPathsNotArrayOfStrings, errors.ErrorMessages[errors.ErrPathsNotArrayOfStrings], 0, 0, 0, 0) break } } } func validateJobDelayedParameters(job *Job, ve *errors.ValidationError) { if job.When == "delayed" { if job.StartIn == "" { ve.AddDetailWithSpan(errors.ErrStartInMissing, fmt.Sprintf(errors.ErrorMessages[errors.ErrStartInMissing], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } else { d, err := time.ParseDuration(job.StartIn) if err != nil { ve.AddDetailWithSpan(errors.ErrStartInInvalid, fmt.Sprintf(errors.ErrorMessages[errors.ErrStartInInvalid], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } else if d > 7*24*time.Hour { ve.AddDetailWithSpan(errors.ErrStartInTooLong, fmt.Sprintf(errors.ErrorMessages[errors.ErrStartInTooLong], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } } else { if job.StartIn != "" { ve.AddDetailWithSpan(errors.ErrStartInMustBeBlank, fmt.Sprintf(errors.ErrorMessages[errors.ErrStartInMustBeBlank], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } } func validateJobDependenciesNeedsConsistency(job *Job, ve *errors.ValidationError) { if len(job.Dependencies) > 0 && len(job.Needs) > 0 { needNames := make(map[string]struct{}) for _, nd := range job.Needs { needNames[nd] = struct{}{} } for _, dep := range job.Dependencies { if _, ok := needNames[dep]; !ok { ve.AddDetailWithSpan(errors.ErrDependencyNotInNeeds, fmt.Sprintf(errors.ErrorMessages[errors.ErrDependencyNotInNeeds], job.Name, dep), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } } } func validateJobRules(job *Job, ve *errors.ValidationError) { switch r := job.Rules.(type) { case map[string]interface{}: validateRule(r, job, ve) case []interface{}: for _, item := range r { if ruleMap, ok := item.(map[string]interface{}); ok { validateRule(ruleMap, job, ve) } else { ve.AddDetailWithSpan(errors.ErrInvalidRulesFormat, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidRulesFormat], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } } } func validateJobOnly(job *Job, ve *errors.ValidationError) { if job.Only == nil { return } switch v := job.Only.(type) { case string: if strings.TrimSpace(v) == "" { endLine, endCol := computeEndPosition(job.OnlyLine, job.OnlyColumn, v) ve.AddDetailWithSpan(errors.ErrInvalidOnly, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidOnly], job.Name), job.OnlyLine, job.OnlyColumn, endLine, endCol) } case []interface{}: if len(v) == 0 { ve.AddDetailWithSpan(errors.ErrInvalidOnly, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidOnly], job.Name), job.OnlyLine, job.OnlyColumn, job.OnlyLine, job.OnlyColumn+1) } else { for _, item := range v { if s, ok := item.(string); ok { if strings.TrimSpace(s) == "" { ve.AddDetailWithSpan(errors.ErrInvalidOnly, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidOnly], job.Name), job.OnlyLine, job.OnlyColumn, job.OnlyLine, job.OnlyColumn+1) break } } else { ve.AddDetailWithSpan(errors.ErrInvalidOnly, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidOnly], job.Name), job.OnlyLine, job.OnlyColumn, job.OnlyLine, job.OnlyColumn+1) break } } } case []string: if len(v) == 0 { ve.AddDetailWithSpan(errors.ErrInvalidOnly, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidOnly], job.Name), job.OnlyLine, job.OnlyColumn, job.OnlyLine, job.OnlyColumn+1) } else { for _, s := range v { if strings.TrimSpace(s) == "" { ve.AddDetailWithSpan(errors.ErrInvalidOnly, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidOnly], job.Name), job.OnlyLine, job.OnlyColumn, job.OnlyLine, job.OnlyColumn+1) break } } } default: ve.AddDetailWithSpan(errors.ErrInvalidOnly, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidOnly], job.Name), job.OnlyLine, job.OnlyColumn, job.OnlyLine, job.OnlyColumn+1) } } // validateMappingKeys validates that all keys in a YAML mapping node are within the allowed set. // fieldName is used for error messages. func validateMappingKeys(node *yaml.Node, allowedKeys map[string]struct{}, fieldName string, ve *errors.ValidationError) { if node.Kind != yaml.MappingNode { return } for i := 0; i < len(node.Content)-1; i += 2 { keyNode := node.Content[i] if _, ok := allowedKeys[keyNode.Value]; !ok { endLine, endCol := keyNode.Line, keyNode.Column+len(keyNode.Value) ve.AddDetailWithSpan(errors.ErrUnknownKey, fmt.Sprintf(errors.ErrorMessages[errors.ErrUnknownKey], keyNode.Value, fieldName), keyNode.Line, keyNode.Column, endLine, endCol) } } } func validateJobMapping(jobNode *yaml.Node, ve *errors.ValidationError) { allowedKeys := map[string]struct{}{ "stage": {}, "script": {}, "run": {}, "trigger": {}, "needs": {}, "dependencies": {}, "rules": {}, "artifacts": {}, "when": {}, "start_in": {}, "only": {}, "except": {}, "image": {}, "variables": {}, "services": {}, // add any additional allowed keys for a job... } validateMappingKeys(jobNode, allowedKeys, "job", ve) } func validateRule(rule map[string]interface{}, job *Job, ve *errors.ValidationError) { // Validate "if" field, if present. if ifVal, exists := rule["if"]; exists { if ifStr, ok := ifVal.(string); ok { if !validateExpressionSyntax(ifStr) { ve.AddDetailWithSpan(errors.ErrInvalidExpressionSyntax, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidExpressionSyntax], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } else { ve.AddDetailWithSpan(errors.ErrInvalidExpressionSyntax, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidExpressionSyntax], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } // Validate "when" field, if present. if whenVal, exists := rule["when"]; exists { if whenStr, ok := whenVal.(string); ok { allowedWhen := map[string]struct{}{ "on_success": {}, "always": {}, "on_failure": {}, "never": {}, "delayed": {}, } if _, ok := allowedWhen[whenStr]; !ok { endLine, endCol := computeEndPosition(job.Line, job.Column, whenStr) ve.AddDetailWithSpan(errors.ErrInvalidWhen, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidWhen], job.Name, whenStr), job.Line, job.Column, endLine, endCol) } } else { ve.AddDetailWithSpan(errors.ErrInvalidWhen, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidWhen], job.Name, ""), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } // Validate "changes" field, if present. if changesVal, exists := rule["changes"]; exists { if changesVal == nil { ve.AddDetailWithSpan(errors.ErrInvalidChanges, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidChanges], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } else { switch v := changesVal.(type) { case string: if strings.TrimSpace(v) == "" { ve.AddDetailWithSpan(errors.ErrInvalidChanges, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidChanges], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } case []interface{}: if len(v) == 0 { ve.AddDetailWithSpan(errors.ErrInvalidChanges, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidChanges], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } else { for _, item := range v { if s, ok := item.(string); ok { if strings.TrimSpace(s) == "" { ve.AddDetailWithSpan(errors.ErrInvalidChanges, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidChanges], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) break } } else { ve.AddDetailWithSpan(errors.ErrInvalidChanges, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidChanges], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) break } } } default: ve.AddDetailWithSpan(errors.ErrInvalidChanges, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidChanges], job.Name), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } } // Validate allowed keys in the rule. allowed := map[string]struct{}{ "if": {}, "when": {}, "start_in": {}, "allow_failure": {}, "changes": {}, "exists": {}, } for key := range rule { if _, ok := allowed[key]; !ok { ve.AddDetailWithSpan(errors.ErrUnknownRulesKey, fmt.Sprintf(errors.ErrorMessages[errors.ErrUnknownRulesKey], job.Name, key), job.Line, job.Column, job.Line, job.Column+len(job.Name)) } } } func validateJobWhen(job *Job, ve *errors.ValidationError) { if job.When == "" { return } allowed := map[string]struct{}{ "on_success": {}, "always": {}, "on_failure": {}, "never": {}, "delayed": {}, } if _, ok := allowed[job.When]; !ok { endLine, endCol := computeEndPosition(job.Line, job.Column, job.When) ve.AddDetailWithSpan(errors.ErrInvalidWhen, fmt.Sprintf(errors.ErrorMessages[errors.ErrInvalidWhen], job.Name, job.When), job.Line, job.Column, endLine, endCol) } } func validateExpressionSyntax(expr string) bool { return expr != "" } func detectCycles(dependencyGraph map[string][]string) []string { visited := make(map[string]bool) recStack := make(map[string]bool) var cycle []string var dfs func(string) bool dfs = func(node string) bool { if recStack[node] { cycle = append(cycle, node) return true } if visited[node] { return false } visited[node] = true recStack[node] = true for _, neighbor := range dependencyGraph[node] { if dfs(neighbor) { cycle = append(cycle, node) return true } } recStack[node] = false return false } for node := range dependencyGraph { if !visited[node] { if dfs(node) { break } } } return cycle } func validateIncludeRules(cfg *GitLabCIConfig, ve *errors.ValidationError) { if cfg.Include == nil { return } switch v := cfg.Include.(type) { case map[string]interface{}: validateIncludeRuleMap(v, ve) case []interface{}: for _, item := range v { if m, ok := item.(map[string]interface{}); ok { validateIncludeRuleMap(m, ve) } } } } func validateIncludeRuleMap(m map[string]interface{}, ve *errors.ValidationError) { keysToCheck := []string{"exists", "changes"} for _, key := range keysToCheck { if val, exists := m[key]; exists { switch val.(type) { case string: // ok case []interface{}: for _, item := range val.([]interface{}) { if _, ok := item.(string); !ok { ve.AddDetailWithSpan(errors.ErrIncludeRulesInvalid, fmt.Sprintf(errors.ErrorMessages[errors.ErrIncludeRulesInvalid], key), 0, 0, 0, 0) break } } default: ve.AddDetailWithSpan(errors.ErrIncludeRulesInvalid, fmt.Sprintf(errors.ErrorMessages[errors.ErrIncludeRulesInvalid], key), 0, 0, 0, 0) } } } } // checkFinalEmptyLine проверяет, что файл заканчивается пустой строкой. func checkFinalEmptyLine(content string, ve *errors.ValidationError) { // Если содержимое не заканчивается символом новой строки... if !strings.HasSuffix(content, "\n") { lines := strings.Split(content, "\n") lastLineIndex := len(lines) lastLineContent := lines[lastLineIndex-1] lineNum := lastLineIndex colNum := len(lastLineContent) + 1 ve.AddDetailWithSpan( errors.ErrMissingFinalNewline, errors.ErrorMessages[errors.ErrMissingFinalNewline], lineNum, colNum, lineNum, colNum, ) } }