module Hadolint.Rule where

import Control.DeepSeq (NFData)
import Data.Default
import Data.String (IsString (..))
import Data.Text (Text, unpack)
import GHC.Generics (Generic)
import Language.Docker.Syntax
import Prettyprinter (Pretty, pretty)
import qualified Control.Foldl as Foldl
import qualified Data.Map as Map
import qualified Data.Sequence as Seq
import qualified Data.Text as Text
import qualified Data.YAML as Yaml

infixl 0 |>

(|>) :: a -> (a -> b) -> b
a
x |> :: forall a b. a -> (a -> b) -> b
|> a -> b
f = a -> b
f a
x

data DLSeverity
  = DLErrorC
  | DLWarningC
  | DLInfoC
  | DLStyleC
  | DLIgnoreC
  deriving (DLSeverity -> DLSeverity -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: DLSeverity -> DLSeverity -> Bool
$c/= :: DLSeverity -> DLSeverity -> Bool
== :: DLSeverity -> DLSeverity -> Bool
$c== :: DLSeverity -> DLSeverity -> Bool
Eq, Eq DLSeverity
DLSeverity -> DLSeverity -> Bool
DLSeverity -> DLSeverity -> Ordering
DLSeverity -> DLSeverity -> DLSeverity
forall a.
Eq a
-> (a -> a -> Ordering)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> a)
-> (a -> a -> a)
-> Ord a
min :: DLSeverity -> DLSeverity -> DLSeverity
$cmin :: DLSeverity -> DLSeverity -> DLSeverity
max :: DLSeverity -> DLSeverity -> DLSeverity
$cmax :: DLSeverity -> DLSeverity -> DLSeverity
>= :: DLSeverity -> DLSeverity -> Bool
$c>= :: DLSeverity -> DLSeverity -> Bool
> :: DLSeverity -> DLSeverity -> Bool
$c> :: DLSeverity -> DLSeverity -> Bool
<= :: DLSeverity -> DLSeverity -> Bool
$c<= :: DLSeverity -> DLSeverity -> Bool
< :: DLSeverity -> DLSeverity -> Bool
$c< :: DLSeverity -> DLSeverity -> Bool
compare :: DLSeverity -> DLSeverity -> Ordering
$ccompare :: DLSeverity -> DLSeverity -> Ordering
Ord, Int -> DLSeverity -> ShowS
[DLSeverity] -> ShowS
DLSeverity -> [Char]
forall a.
(Int -> a -> ShowS) -> (a -> [Char]) -> ([a] -> ShowS) -> Show a
showList :: [DLSeverity] -> ShowS
$cshowList :: [DLSeverity] -> ShowS
show :: DLSeverity -> [Char]
$cshow :: DLSeverity -> [Char]
showsPrec :: Int -> DLSeverity -> ShowS
$cshowsPrec :: Int -> DLSeverity -> ShowS
Show, forall x. Rep DLSeverity x -> DLSeverity
forall x. DLSeverity -> Rep DLSeverity x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep DLSeverity x -> DLSeverity
$cfrom :: forall x. DLSeverity -> Rep DLSeverity x
Generic, DLSeverity -> ()
forall a. (a -> ()) -> NFData a
rnf :: DLSeverity -> ()
$crnf :: DLSeverity -> ()
NFData)

instance Yaml.FromYAML DLSeverity where
  parseYAML :: Node Pos -> Parser DLSeverity
parseYAML = forall a. (DLSeverity -> Parser a) -> Node Pos -> Parser a
withSeverity forall (f :: * -> *) a. Applicative f => a -> f a
pure

withSeverity ::
  (DLSeverity -> Yaml.Parser a) ->
  Yaml.Node Yaml.Pos ->
  Yaml.Parser a
withSeverity :: forall a. (DLSeverity -> Parser a) -> Node Pos -> Parser a
withSeverity DLSeverity -> Parser a
f v :: Node Pos
v@(Yaml.Scalar Pos
_ (Yaml.SStr Text
b)) =
  case Text -> Either [Char] DLSeverity
readEitherSeverity Text
b of
    Right DLSeverity
s -> DLSeverity -> Parser a
f DLSeverity
s
    Left [Char]
_ -> forall a. [Char] -> Node Pos -> Parser a
Yaml.typeMismatch [Char]
"severity" Node Pos
v
withSeverity DLSeverity -> Parser a
_ Node Pos
v = forall a. [Char] -> Node Pos -> Parser a
Yaml.typeMismatch [Char]
"severity" Node Pos
v

readEitherSeverity :: Text -> Either String DLSeverity
readEitherSeverity :: Text -> Either [Char] DLSeverity
readEitherSeverity Text
"error" = forall a b. b -> Either a b
Right DLSeverity
DLErrorC
readEitherSeverity Text
"warning" = forall a b. b -> Either a b
Right DLSeverity
DLWarningC
readEitherSeverity Text
"info" = forall a b. b -> Either a b
Right DLSeverity
DLInfoC
readEitherSeverity Text
"style" = forall a b. b -> Either a b
Right DLSeverity
DLStyleC
readEitherSeverity Text
"ignore" = forall a b. b -> Either a b
Right DLSeverity
DLIgnoreC
readEitherSeverity Text
"none" = forall a b. b -> Either a b
Right DLSeverity
DLIgnoreC
readEitherSeverity Text
t = forall a b. a -> Either a b
Left ([Char]
"Invalid severity: " forall a. [a] -> [a] -> [a]
++ Text -> [Char]
unpack Text
t)

readMaybeSeverity :: Text -> Maybe DLSeverity
readMaybeSeverity :: Text -> Maybe DLSeverity
readMaybeSeverity Text
"error" = forall a. a -> Maybe a
Just DLSeverity
DLErrorC
readMaybeSeverity Text
"warning" = forall a. a -> Maybe a
Just DLSeverity
DLWarningC
readMaybeSeverity Text
"info" = forall a. a -> Maybe a
Just DLSeverity
DLInfoC
readMaybeSeverity Text
"style" = forall a. a -> Maybe a
Just DLSeverity
DLStyleC
readMaybeSeverity Text
"ignore" = forall a. a -> Maybe a
Just DLSeverity
DLIgnoreC
readMaybeSeverity Text
"none" = forall a. a -> Maybe a
Just DLSeverity
DLIgnoreC
readMaybeSeverity Text
_ = forall a. Maybe a
Nothing

instance Semigroup DLSeverity where DLSeverity
_ <> :: DLSeverity -> DLSeverity -> DLSeverity
<> DLSeverity
s2 = DLSeverity
s2

instance Monoid DLSeverity where mempty :: DLSeverity
mempty = DLSeverity
DLIgnoreC

instance Default DLSeverity where
  def :: DLSeverity
def = DLSeverity
DLInfoC

instance Pretty DLSeverity where
  pretty :: forall ann. DLSeverity -> Doc ann
pretty DLSeverity
DLErrorC = Doc ann
"error"
  pretty DLSeverity
DLWarningC = Doc ann
"warning"
  pretty DLSeverity
DLInfoC = Doc ann
"info"
  pretty DLSeverity
DLStyleC = Doc ann
"style"
  pretty DLSeverity
DLIgnoreC = Doc ann
"ignore"


newtype RuleCode = RuleCode {RuleCode -> Text
unRuleCode :: Text}
  deriving (RuleCode -> RuleCode -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: RuleCode -> RuleCode -> Bool
$c/= :: RuleCode -> RuleCode -> Bool
== :: RuleCode -> RuleCode -> Bool
$c== :: RuleCode -> RuleCode -> Bool
Eq, Eq RuleCode
RuleCode -> RuleCode -> Bool
RuleCode -> RuleCode -> Ordering
RuleCode -> RuleCode -> RuleCode
forall a.
Eq a
-> (a -> a -> Ordering)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> a)
-> (a -> a -> a)
-> Ord a
min :: RuleCode -> RuleCode -> RuleCode
$cmin :: RuleCode -> RuleCode -> RuleCode
max :: RuleCode -> RuleCode -> RuleCode
$cmax :: RuleCode -> RuleCode -> RuleCode
>= :: RuleCode -> RuleCode -> Bool
$c>= :: RuleCode -> RuleCode -> Bool
> :: RuleCode -> RuleCode -> Bool
$c> :: RuleCode -> RuleCode -> Bool
<= :: RuleCode -> RuleCode -> Bool
$c<= :: RuleCode -> RuleCode -> Bool
< :: RuleCode -> RuleCode -> Bool
$c< :: RuleCode -> RuleCode -> Bool
compare :: RuleCode -> RuleCode -> Ordering
$ccompare :: RuleCode -> RuleCode -> Ordering
Ord)

instance Show RuleCode where
  show :: RuleCode -> [Char]
show RuleCode
rc = forall a. Show a => a -> [Char]
show (RuleCode -> Text
unRuleCode RuleCode
rc)

instance IsString RuleCode where
  fromString :: [Char] -> RuleCode
fromString = Text -> RuleCode
RuleCode forall b c a. (b -> c) -> (a -> b) -> a -> c
. [Char] -> Text
Text.pack

instance Pretty RuleCode where
  pretty :: forall ann. RuleCode -> Doc ann
pretty RuleCode
rc = forall a ann. Pretty a => a -> Doc ann
pretty forall a b. (a -> b) -> a -> b
$ forall a. Show a => a -> [Char]
show RuleCode
rc


data CheckFailure = CheckFailure
  { CheckFailure -> RuleCode
code :: RuleCode,
    CheckFailure -> DLSeverity
severity :: DLSeverity,
    CheckFailure -> Text
message :: Text.Text,
    CheckFailure -> Int
line :: Linenumber
  }
  deriving (Int -> CheckFailure -> ShowS
[CheckFailure] -> ShowS
CheckFailure -> [Char]
forall a.
(Int -> a -> ShowS) -> (a -> [Char]) -> ([a] -> ShowS) -> Show a
showList :: [CheckFailure] -> ShowS
$cshowList :: [CheckFailure] -> ShowS
show :: CheckFailure -> [Char]
$cshow :: CheckFailure -> [Char]
showsPrec :: Int -> CheckFailure -> ShowS
$cshowsPrec :: Int -> CheckFailure -> ShowS
Show, CheckFailure -> CheckFailure -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: CheckFailure -> CheckFailure -> Bool
$c/= :: CheckFailure -> CheckFailure -> Bool
== :: CheckFailure -> CheckFailure -> Bool
$c== :: CheckFailure -> CheckFailure -> Bool
Eq)

instance Ord CheckFailure where
  CheckFailure
a compare :: CheckFailure -> CheckFailure -> Ordering
`compare` CheckFailure
b = CheckFailure -> Int
line CheckFailure
a forall a. Ord a => a -> a -> Ordering
`compare` CheckFailure -> Int
line CheckFailure
b


type Failures = Seq.Seq CheckFailure


data State a = State
  { forall a. State a -> Failures
failures :: Failures,
    forall a. State a -> a
state :: a
  }
  deriving (Int -> State a -> ShowS
forall a. Show a => Int -> State a -> ShowS
forall a. Show a => [State a] -> ShowS
forall a. Show a => State a -> [Char]
forall a.
(Int -> a -> ShowS) -> (a -> [Char]) -> ([a] -> ShowS) -> Show a
showList :: [State a] -> ShowS
$cshowList :: forall a. Show a => [State a] -> ShowS
show :: State a -> [Char]
$cshow :: forall a. Show a => State a -> [Char]
showsPrec :: Int -> State a -> ShowS
$cshowsPrec :: forall a. Show a => Int -> State a -> ShowS
Show)


type LabelName = Text.Text

data LabelType
  = Email
  | GitHash
  | RawText
  | Rfc3339
  | SemVer
  | Spdx
  | Url
  deriving (LabelType -> LabelType -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: LabelType -> LabelType -> Bool
$c/= :: LabelType -> LabelType -> Bool
== :: LabelType -> LabelType -> Bool
$c== :: LabelType -> LabelType -> Bool
Eq, Int -> LabelType -> ShowS
[LabelType] -> ShowS
LabelType -> [Char]
forall a.
(Int -> a -> ShowS) -> (a -> [Char]) -> ([a] -> ShowS) -> Show a
showList :: [LabelType] -> ShowS
$cshowList :: [LabelType] -> ShowS
show :: LabelType -> [Char]
$cshow :: LabelType -> [Char]
showsPrec :: Int -> LabelType -> ShowS
$cshowsPrec :: Int -> LabelType -> ShowS
Show)

readEitherLabelType :: Text -> Either Text LabelType
readEitherLabelType :: Text -> Either Text LabelType
readEitherLabelType Text
"email" = forall a b. b -> Either a b
Right LabelType
Email
readEitherLabelType Text
"hash" = forall a b. b -> Either a b
Right LabelType
GitHash
readEitherLabelType Text
"text" = forall a b. b -> Either a b
Right LabelType
RawText
readEitherLabelType Text
"rfc3339" = forall a b. b -> Either a b
Right LabelType
Rfc3339
readEitherLabelType Text
"semver" = forall a b. b -> Either a b
Right LabelType
SemVer
readEitherLabelType Text
"spdx" = forall a b. b -> Either a b
Right LabelType
Spdx
readEitherLabelType Text
"url" = forall a b. b -> Either a b
Right LabelType
Url
readEitherLabelType Text
"" = forall a b. b -> Either a b
Right LabelType
RawText
readEitherLabelType Text
t = forall a b. a -> Either a b
Left (Text
"invalid label type: " forall a. Semigroup a => a -> a -> a
<> Text
t)

instance Yaml.FromYAML LabelType where
  parseYAML :: Node Pos -> Parser LabelType
parseYAML = forall a. (LabelType -> Parser a) -> Node Pos -> Parser a
withLabelType forall (f :: * -> *) a. Applicative f => a -> f a
pure

withLabelType :: (LabelType -> Yaml.Parser a) -> Yaml.Node Yaml.Pos -> Yaml.Parser a
withLabelType :: forall a. (LabelType -> Parser a) -> Node Pos -> Parser a
withLabelType LabelType -> Parser a
f v :: Node Pos
v@(Yaml.Scalar Pos
_ (Yaml.SStr Text
b)) =
    case Text -> Either Text LabelType
readEitherLabelType Text
b of
      Right LabelType
lt -> LabelType -> Parser a
f LabelType
lt
      Left Text
_ -> forall a. [Char] -> Node Pos -> Parser a
Yaml.typeMismatch [Char]
"labeltype" Node Pos
v
withLabelType LabelType -> Parser a
_ Node Pos
v = forall a. [Char] -> Node Pos -> Parser a
Yaml.typeMismatch [Char]
"labeltype" Node Pos
v

instance Pretty LabelType where
  pretty :: forall ann. LabelType -> Doc ann
pretty LabelType
RawText = Doc ann
"text"
  pretty LabelType
Url = Doc ann
"url"
  pretty LabelType
Spdx = Doc ann
"spdx"
  pretty LabelType
GitHash = Doc ann
"hash"
  pretty LabelType
Rfc3339 = Doc ann
"rfc3339"
  pretty LabelType
SemVer = Doc ann
"semver"
  pretty LabelType
Email = Doc ann
"email"

type LabelSchema = Map.Map LabelName LabelType


withLineNumber ::
  (Linenumber -> t1 -> Instruction args -> t2) ->
  t1 ->
  InstructionPos args ->
  t2
withLineNumber :: forall t1 args t2.
(Int -> t1 -> Instruction args -> t2)
-> t1 -> InstructionPos args -> t2
withLineNumber Int -> t1 -> Instruction args -> t2
f t1
state InstructionPos {Instruction args
$sel:instruction:InstructionPos :: forall args. InstructionPos args -> Instruction args
instruction :: Instruction args
instruction, Int
$sel:lineNumber:InstructionPos :: forall args. InstructionPos args -> Int
lineNumber :: Int
lineNumber} =
  Int -> t1 -> Instruction args -> t2
f Int
lineNumber t1
state Instruction args
instruction

addFail :: CheckFailure -> State a -> State a
addFail :: forall a. CheckFailure -> State a -> State a
addFail CheckFailure
failure state :: State a
state@(State Failures
fails a
_) =
  State a
state
    { failures :: Failures
failures =
        Failures
fails
          forall a. Seq a -> a -> Seq a
Seq.|> CheckFailure
failure
    }

emptyState :: a -> State a
emptyState :: forall a. a -> State a
emptyState = forall a. Failures -> a -> State a
State forall a. Seq a
Seq.empty

simpleState :: State ()
simpleState :: State ()
simpleState = forall a. Failures -> a -> State a
State forall a. Seq a
Seq.empty ()

modify :: (a -> a) -> State a -> State a
modify :: forall a. (a -> a) -> State a -> State a
modify a -> a
f s :: State a
s@(State Failures
_ a
st) = State a
s {state :: a
state = a -> a
f a
st}

replaceWith :: a -> State a -> State a
replaceWith :: forall a. a -> State a -> State a
replaceWith a
newState State a
s = State a
s {state :: a
state = a
newState}

type Rule args = Foldl.Fold (InstructionPos args) Failures

-- | A simple rule that can be implemented in terms of returning True or False for each instruction
-- If you need to calculate some state to decide upon past information, use 'customRule'
simpleRule ::
  -- | rule code
  RuleCode ->
  -- | severity for the rule
  DLSeverity ->
  -- | failure message for the rule
  Text.Text ->
  -- | step calculation for the rule. Returns True or False for each line in the dockerfile depending on its validity.
  (Instruction args -> Bool) ->
  Rule args
simpleRule :: forall args.
RuleCode
-> DLSeverity -> Text -> (Instruction args -> Bool) -> Rule args
simpleRule RuleCode
code DLSeverity
severity Text
message Instruction args -> Bool
checker = forall a args.
(Int -> State a -> Instruction args -> State a)
-> State a -> Rule args
customRule forall {a}. Int -> State a -> Instruction args -> State a
step State ()
simpleState
  where
    step :: Int -> State a -> Instruction args -> State a
step Int
line State a
s Instruction args
instr
      | Instruction args -> Bool
checker Instruction args
instr = State a
s
      | Bool
otherwise = State a
s forall a b. a -> (a -> b) -> b
|> forall a. CheckFailure -> State a -> State a
addFail (RuleCode -> DLSeverity -> Text -> Int -> CheckFailure
CheckFailure RuleCode
code DLSeverity
severity Text
message Int
line)

-- | A rule that accumulates a State a. The state contains the collection of failed lines and a custom data
-- type that can be used to track properties for the rule. Each step always returns the new State, which offers
-- the ability to both accumulate properties and mark failures for every given instruction.
customRule ::
  (Linenumber -> State a -> Instruction args -> State a) ->
  State a ->
  Rule args
customRule :: forall a args.
(Int -> State a -> Instruction args -> State a)
-> State a -> Rule args
customRule Int -> State a -> Instruction args -> State a
step State a
initial = forall a args.
(Int -> State a -> Instruction args -> State a)
-> State a -> (State a -> Failures) -> Rule args
veryCustomRule Int -> State a -> Instruction args -> State a
step State a
initial forall a. State a -> Failures
failures

-- | Similarly to 'customRule', it returns a State a for each step, but it has the ability to run a
-- done callback as the last step of the rule. The done callback can be used to transform the state
-- and mark failures for any arbitrary line in the input. This helper is meant for rules that need
-- to do lookahead. Instead of looking ahead, the state should store the facts and make a decision about
-- them once the input is finished.
veryCustomRule ::
  -- | step calculation for the rule. Called for each instruction in the docker file
  -- it must return the state after being modified by the rule
  (Linenumber -> State a -> Instruction args -> State a) ->
  -- | initial state
  State a ->
  -- | done callaback. It is passed the final accumulated state and it should return all failures
  -- found by the rule
  (State a -> Failures) ->
  Rule args
veryCustomRule :: forall a args.
(Int -> State a -> Instruction args -> State a)
-> State a -> (State a -> Failures) -> Rule args
veryCustomRule Int -> State a -> Instruction args -> State a
step = forall a b x. (x -> a -> x) -> x -> (x -> b) -> Fold a b
Foldl.Fold (forall t1 args t2.
(Int -> t1 -> Instruction args -> t2)
-> t1 -> InstructionPos args -> t2
withLineNumber Int -> State a -> Instruction args -> State a
step)

foldArguments :: (a -> b) -> Arguments a -> b
foldArguments :: forall a b. (a -> b) -> Arguments a -> b
foldArguments a -> b
applyRule Arguments a
args =
  case Arguments a
args of
    ArgumentsText a
as -> a -> b
applyRule a
as
    ArgumentsList a
as -> a -> b
applyRule a
as

-- | Returns the result of running the check function on the image alias
--   name, if the passed instruction is a FROM instruction with a stage alias.
--   Otherwise, returns True.
aliasMustBe :: (Text.Text -> Bool) -> Instruction a -> Bool
aliasMustBe :: forall a. (Text -> Bool) -> Instruction a -> Bool
aliasMustBe Text -> Bool
predicate Instruction a
fromInstr =
  case Instruction a
fromInstr of
    From BaseImage {$sel:alias:BaseImage :: BaseImage -> Maybe ImageAlias
alias = Just (ImageAlias Text
as)} -> Text -> Bool
predicate Text
as
    Instruction a
_ -> Bool
True

archiveFileFormatExtensions :: [Text.Text]
archiveFileFormatExtensions :: [Text]
archiveFileFormatExtensions =
  [ Text
".tar",
    Text
".Z",
    Text
".bz2",
    Text
".gz",
    Text
".lz",
    Text
".lzma",
    Text
".tZ",
    Text
".tb2",
    Text
".tbz",
    Text
".tbz2",
    Text
".tgz",
    Text
".tlz",
    Text
".tpz",
    Text
".txz",
    Text
".xz"
  ]

dropQuotes :: Text -> Text
dropQuotes :: Text -> Text
dropQuotes = (Char -> Bool) -> Text -> Text
Text.dropAround Char -> Bool
quotes
  where
    quotes :: Char -> Bool
quotes Char
'\"' = Bool
True
    quotes Char
'\'' = Bool
True
    quotes Char
_ = Bool
False


-- | Unwraps ONBUILD instructions and applies the rule to the content
--
onbuild :: Rule args -> Rule args
onbuild :: forall args. Rule args -> Rule args
onbuild Rule args
rule =
  forall a r. (a -> Bool) -> Fold a r -> Fold a r
Foldl.prefilter forall {args}. InstructionPos args -> Bool
isOnbuild (forall a b r. (a -> b) -> Fold b r -> Fold a r
Foldl.premap forall {args}. InstructionPos args -> InstructionPos args
unwrapOnbuild Rule args
rule)
  where
    isOnbuild :: InstructionPos args -> Bool
isOnbuild InstructionPos {$sel:instruction:InstructionPos :: forall args. InstructionPos args -> Instruction args
instruction = OnBuild {}} = Bool
True
    isOnbuild InstructionPos args
_ = Bool
False

    unwrapOnbuild :: InstructionPos args -> InstructionPos args
unwrapOnbuild inst :: InstructionPos args
inst@InstructionPos {$sel:instruction:InstructionPos :: forall args. InstructionPos args -> Instruction args
instruction = OnBuild Instruction args
i} = InstructionPos args
inst {$sel:instruction:InstructionPos :: Instruction args
instruction = Instruction args
i}
    unwrapOnbuild InstructionPos args
inst = InstructionPos args
inst