actions/renovatebot-github
1
0
Fork 0
mirror of https://github.com/renovatebot/github-action.git synced 2025-12-18 09:52:35 +00:00
Code Issues Projects Releases Packages Wiki Activity

feat(validate-cmd-file): add validation for read/execute rights

Browse source
This commit is contained in:
Maarten Groeneweg 2024-02-09 16:13:06 +01:00
parent fd4ca43dc2
commit 8efb89b3b3
2 changed files with 20 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -74,7 +74,7 @@ Specify a command to run when the image start.
By default the image run
`renovate`.
This option is useful to customize the image before running `renovate`.
It must be an existing executable file on the local system.
It must be an existing file on the local system and the it must have execute permission.
It will be mounted to the docker container.
For example you can create a simple script like this one (let's call it

17
src/renovate.ts
View file

@ -103,15 +103,26 @@ class Renovate {
}
const configurationFile = this.input.configurationFile();
if (configurationFile !== null) {
if (
configurationFile !== null &&
(!fs.existsSync(configurationFile.value) ||
!fs.statSync(configurationFile.value).isFile())
!fs.existsSync(configurationFile.value) ||
!fs.statSync(configurationFile.value).isFile()
) {
throw new Error(
`configuration file '${configurationFile.value}' MUST be an existing file`,
);
}
try {
fs.accessSync(
configurationFile.value,
fs.constants.S_IXUSR | fs.constants.S_IRUSR,
);
} catch {
throw new Error(
`configuration file '${configurationFile.value}' MUST have read and execute rights`,
);
}
}
}
}