fix detect-secrets/entrypoint.sh exit code

c5b42049 · Jose Raul Barreras · d5828fe2 · c5b42049 · c5b42049 · c5b42049
Commit c5b42049 authored 5 years ago by Jose Raul Barreras
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -33,7 +33,7 @@ test:
    - dockerd
  script: 
    - docker run --rm its-registry.unl.edu/unl-its/docker-ci/static-code-analysis sonar-scanner -v
-    - docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/detect-secrets scan
+    - docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/detect-secrets -s

 Push to Container Registry:
  after_script:

--- a/detect-secrets/Dockerfile
+++ b/detect-secrets/Dockerfile
@@ -15,7 +15,7 @@ LABEL org.label-schema.build-date=$BUILD_DATE \
 WORKDIR /work

 RUN apk update && apk upgrade && \
-    apk add --no-cache git && \
+    apk add --no-cache git jq && \
 	pip install detect-secrets

 COPY entrypoint.sh /usr/local/bin/

--- a/detect-secrets/entrypoint.sh
+++ b/detect-secrets/entrypoint.sh
 #!/bin/sh
 set -e
-PARAM=${2:-scan}
-/usr/local/bin/detect-secrets ${PARAM}
-exit $?
+
+while [ -n "$1" ]; do
+case "$1" in
+    -s)
+        RESULT=`/usr/local/bin/detect-secrets scan | jq '.results | length == 0'`
+        echo ${RESULT}
+        if [ "${RESULT}" = "true" ]; then
+                exit 0
+        else
+                exit 1
+        fi
+        ;;
+        *)
+        exec /bin/sh
+        ;;
+esac
+shift
+done