oxsecurity
Set env var via PRE_COMMAND
Heyo!
Is there a way to set a different environment variable used by MegaLinter during a PRE_COMMAND step? I have a use case where I'd like to run MegaLinter on repositories containing multiple Helm charts used by an ArgoCD application. The directory structure looks something like this:
.
├── charts
│ ├── app-1
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── app-2
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ └── app-3
│ ├── Chart.yaml
│ ├── templates
│ │ ├── deployment.yaml
│ │ └── service.yaml
│ └── values.yaml
└── envs
├── dev
│ ├── app-1.yaml
│ ├── app-2.yaml
│ ├── app-3.yaml
│ └── values.yaml
├── qa
│ ├── app-1.yaml
│ ├── app-2.yaml
│ ├── app-3.yaml
│ └── values.yaml
└── prod
├── app-1.yaml
├── app-2.yaml
├── app-3.yaml
└── values.yaml
By default, it looks like the KUBERNETES_HELM linter isn't finding a Chart.yaml at the root of the repo, so it is being skipped.
[Activation] KUBERNETES_HELM has been set inactive, as none of these files has been found: ['Chart.yml', 'Chart.yaml']
[Activation] KUBERNETES_KUBESCAPE has been set inactive, as none of these files has been found: ['Chart.yml', 'Chart.yaml']
So to handle that, I've just been setting KUBERNETES_DIRECTORY to the path for the first app, charts/app-1. At that point, though, I run into two other issues:
helm lintcannot find the individual chartshelm lintcannot find the values files for each chart
Ideally, I'd like to be able to pass separate sets of values files for each chart, but for now I've been trying to do something like the following:
- Get the list of charts (
charts/app-1,charts/app-2, andcharts/app-3) - Get the list of
devvalues files (envs/dev/app-1.yaml,envs/dev/app-2.yaml,envs/dev/app-3.yaml,envs/dev/values.yaml) - Pass these as arguments via
KUBERNETES_HELM_ARGUMENTS
I'd like to be able to scale this across a number of repositories, and generate the arguments at runtime (the lists of apps may change pretty often). I tried setting this up via KUBERNETES_HELM_PRE_COMMANDS, but it doesn't look like it allows me to override the KUBERNETES_HELM_ARGUMENTS value sent to the container.
KUBERNETES_HELM_PRE_COMMANDS:
- command: |
KUBERNETES_HELM_ARGUMENTS=""
KUBERNETES_HELM_CHARTS=""
for file in $(find /tmp/lint/charts -path "**/values.yaml" -type f); do
KUBERNETES_HELM_CHARTS="$KUBERNETES_HELM_CHARTS $(dirname $file)"
KUBERNETES_HELM_ARGUMENTS="$KUBERNETES_HELM_ARGUMENTS -f $file"
done
for file in $(find /tmp/lint/envs -path "**/dev/*.yaml" -type f); do
KUBERNETES_HELM_ARGUMENTS="$KUBERNETES_HELM_ARGUMENTS -f $file"
done
export KUBERNETES_HELM_ARGUMENTS="$KUBERNETES_HELM_CHARTS $KUBERNETES_HELM_ARGUMENTS"
secured: false
# Result: /tmp/lint/charts/app-1 /tmp/lint/charts/app-2 /tmp/lint/charts/app-3 -f /tmp/lint/envs/dev/app-1.yaml -f /tmp/lint/envs/dev/app-2.yaml -f /tmp/lint/envs/dev/app-3.yaml -f /tmp/lint/envs/dev/values.yaml
Is there another way I should go about this? I'm thinking just moving this to a separate script that is run before MegaLinter, but it'd be nice to be able to keep it all in .mega-linter.yml :)
