From c5b420492f5cbb1fdc76093cfda9e3320b6c792d Mon Sep 17 00:00:00 2001
From: Jose Raul Barreras <barreras@unl.edu>
Date: Thu, 30 May 2019 11:57:40 -0500
Subject: [PATCH] fix detect-secrets/entrypoint.sh exit code

---
 .gitlab-ci.yml               |  2 +-
 detect-secrets/Dockerfile    |  2 +-
 detect-secrets/entrypoint.sh | 21 ++++++++++++++++++---
 3 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b1cef42..b0829d5 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -33,7 +33,7 @@ test:
     - dockerd
   script: 
     - docker run --rm its-registry.unl.edu/unl-its/docker-ci/static-code-analysis sonar-scanner -v
-    - docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/detect-secrets scan
+    - docker run --rm -v "${PWD}:/work" -w /work its-registry.unl.edu/unl-its/docker-ci/detect-secrets -s
 
 Push to Container Registry:
   after_script:
diff --git a/detect-secrets/Dockerfile b/detect-secrets/Dockerfile
index 1c44f63..51e07de 100644
--- a/detect-secrets/Dockerfile
+++ b/detect-secrets/Dockerfile
@@ -15,7 +15,7 @@ LABEL org.label-schema.build-date=$BUILD_DATE \
 WORKDIR /work
 
 RUN apk update && apk upgrade && \
-    apk add --no-cache git && \
+    apk add --no-cache git jq && \
 	pip install detect-secrets
 
 COPY entrypoint.sh /usr/local/bin/
diff --git a/detect-secrets/entrypoint.sh b/detect-secrets/entrypoint.sh
index 2a25395..b60b64d 100644
--- a/detect-secrets/entrypoint.sh
+++ b/detect-secrets/entrypoint.sh
@@ -1,5 +1,20 @@
 #!/bin/sh
 set -e
-PARAM=${2:-scan}
-/usr/local/bin/detect-secrets ${PARAM}
-exit $?
+
+while [ -n "$1" ]; do
+case "$1" in
+    -s)
+        RESULT=`/usr/local/bin/detect-secrets scan | jq '.results | length == 0'`
+        echo ${RESULT}
+        if [ "${RESULT}" = "true" ]; then
+                exit 0
+        else
+                exit 1
+        fi
+        ;;
+        *)
+        exec /bin/sh
+        ;;
+esac
+shift
+done
-- 
GitLab