Skip to content
This repository was archived by the owner on Feb 25, 2025. It is now read-only.

Commit 0defb26

Browse files
authored
Add gclient parser. (#32135)
* Add gclient parser. * pin python-installation version. * Update documentation. * Add license header.
1 parent 4b87330 commit 0defb26

File tree

2 files changed

+117
-4
lines changed

2 files changed

+117
-4
lines changed

.github/workflows/scorecards-analysis.yml

Lines changed: 15 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,9 @@ on:
44
branch_protection_rule:
55
push:
66
branches: [ main ]
7+
pull_request:
8+
branches:
9+
- main
710

811
# Declare default permissions as read only.
912
permissions: read-all
@@ -21,12 +24,20 @@ jobs:
2124

2225
steps:
2326
- name: "Checkout code"
24-
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0
27+
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
2528
with:
2629
persist-credentials: false
2730

31+
- name: setup python
32+
uses: actions/setup-python@0ebf233433c08fb9061af664d501c3f3ff0e9e20
33+
with:
34+
python-version: '3.7.7' # install the python version needed
35+
36+
- name: execute py script
37+
run: python ci/deps_parser.py
38+
2839
- name: "Run analysis"
29-
uses: ossf/scorecard-action@c8416b0b2bf627c349ca92fc8e3de51a64b005cf # v1.0.2
40+
uses: ossf/scorecard-action@c8416b0b2bf627c349ca92fc8e3de51a64b005cf
3041
with:
3142
results_file: results.sarif
3243
results_format: sarif
@@ -41,14 +52,14 @@ jobs:
4152

4253
# Upload the results as artifacts (optional).
4354
- name: "Upload artifact"
44-
uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2.3.1
55+
uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2
4556
with:
4657
name: SARIF file
4758
path: results.sarif
4859
retention-days: 5
4960

5061
# Upload the results to GitHub's code scanning dashboard.
5162
- name: "Upload to code-scanning"
52-
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26
63+
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5
5364
with:
5465
sarif_file: results.sarif

ci/deps_parser.py

Lines changed: 102 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,102 @@
1+
#!/usr/bin/env python3
2+
#
3+
# Copyright 2013 The Flutter Authors. All rights reserved.
4+
# Use of this source code is governed by a BSD-style license that can be
5+
# found in the LICENSE file.
6+
7+
# Usage: deps_parser.py --deps <DEPS file> --output <flattened deps>
8+
#
9+
# This script parses the DEPS file, extracts the fully qualified dependencies
10+
# and writes the to a file. This file will be later used to validate the dependencies
11+
# are pinned to a hash.
12+
13+
import argparse
14+
import os
15+
import sys
16+
17+
SCRIPT_DIR = os.path.dirname(sys.argv[0])
18+
CHECKOUT_ROOT = os.path.realpath(os.path.join(SCRIPT_DIR, '..'))
19+
20+
21+
# Used in parsing the DEPS file.
22+
class VarImpl(object):
23+
_env_vars = {
24+
"host_cpu": "x64",
25+
"host_os": "linux",
26+
}
27+
28+
def __init__(self, local_scope):
29+
self._local_scope = local_scope
30+
31+
def Lookup(self, var_name):
32+
"""Implements the Var syntax."""
33+
if var_name in self._local_scope.get("vars", {}):
34+
return self._local_scope["vars"][var_name]
35+
# Inject default values for env variables
36+
if var_name in self._env_vars:
37+
return self._env_vars[var_name]
38+
raise Exception("Var is not defined: %s" % var_name)
39+
40+
41+
def ParseDepsFile(deps_file):
42+
local_scope = {}
43+
var = VarImpl(local_scope)
44+
global_scope = {
45+
'Var': var.Lookup,
46+
'deps_os': {},
47+
}
48+
# Read the content.
49+
with open(deps_file, 'r') as fp:
50+
deps_content = fp.read()
51+
52+
# Eval the content.
53+
exec (deps_content, global_scope, local_scope)
54+
55+
# Extract the deps and filter.
56+
deps = local_scope.get('deps', {})
57+
filtered_deps = []
58+
for k, v in deps.items():
59+
# We currently do not support packages or cipd which are represented
60+
# as dictionaries.
61+
if isinstance(v, str):
62+
filtered_deps.append(v)
63+
64+
return filtered_deps
65+
66+
67+
def WriteManifest(deps, manifest_file):
68+
print('\n'.join(sorted(deps)))
69+
with open(manifest_file, 'w') as manifest:
70+
manifest.write('\n'.join(sorted(deps)))
71+
72+
73+
def ParseArgs(args):
74+
args = args[1:]
75+
parser = argparse.ArgumentParser(
76+
description='A script to flatten a gclient DEPS file.')
77+
78+
parser.add_argument(
79+
'--deps',
80+
'-d',
81+
type=str,
82+
help='Input DEPS file.',
83+
default=os.path.join(CHECKOUT_ROOT, 'DEPS'))
84+
parser.add_argument(
85+
'--output',
86+
'-o',
87+
type=str,
88+
help='Output flattened deps file.',
89+
default=os.path.join(CHECKOUT_ROOT, 'deps_flatten.txt'))
90+
91+
return parser.parse_args(args)
92+
93+
94+
def Main(argv):
95+
args = ParseArgs(argv)
96+
deps = ParseDepsFile(args.deps)
97+
WriteManifest(deps, args.output)
98+
return 0
99+
100+
101+
if __name__ == '__main__':
102+
sys.exit(Main(sys.argv))

0 commit comments

Comments
 (0)