From b82e0b0f57c4c7e5fe036fb0c20547f750214625 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Mon, 7 Apr 2025 17:43:33 +0200 Subject: [PATCH] check-exif-in-images.sh: Code Quality JSON output --- .gitlab-ci.yml | 5 +---- tools/check-exif-in-images.sh | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+), 4 deletions(-) create mode 100755 tools/check-exif-in-images.sh diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a34416a89c..69a863b4f0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -220,10 +220,7 @@ lint: - function set_error() { export EXITVALUE=1; printf "\x1b[31mERROR `history|tail -2|head -1|cut -b 6-500`\x1b[0m\n"; } - chown -R $(whoami) . - - find metadata/ -name '*.jp*g' -o -name '*.png' | xargs exiftool -all= - - echo "these images have EXIF that must be stripped:" - - git --no-pager diff --stat - - git --no-pager diff --name-only --exit-code || set_error + - ./tools/check-exif-in-images.sh || set_error - ./tools/check-localized-metadata.py || set_error - ./tools/check-keyalias-collision.py || set_error - ./tools/check-metadata-summary-whitespace.py || set_error diff --git a/tools/check-exif-in-images.sh b/tools/check-exif-in-images.sh new file mode 100755 index 0000000000..123c6a505d --- /dev/null +++ b/tools/check-exif-in-images.sh @@ -0,0 +1,25 @@ +#!/bin/bash -x +# + +find metadata/ -name '*.jp*g' -o -name '*.png' | xargs exiftool -all= +msg="these images have EXIF that must be stripped:" +echo $msg +git diff --stat +check_name=$(basename $0) +# Output a single JSON file per file because JSON commas are hard in +# bash. And this job combines *.json into a single JSON report anyway. +for f in $(git diff --name-only); do + fingerprint=$(sha256sum "$f" | awk '{print $1}') + cat < $check_name-$(echo $f | sed 's,[^a-zA-Z0-9],_,g').json +[ +{ + "description": "$msg", + "check_name": "$check_name", + "fingerprint": "$fingerprint", + "severity": "critical", + "location": {"path": "$f", "lines": {"begin": 0}} +} +] +EOF +done +git diff --name-only --exit-code