105 lines
3.3 KiB
Bash
Executable File
105 lines
3.3 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Quality Rails Verification Script
|
|
# Tests that enforcement actually works
|
|
|
|
echo "═══════════════════════════════════════════"
|
|
echo "Quality Rails Enforcement Verification"
|
|
echo "═══════════════════════════════════════════"
|
|
echo ""
|
|
|
|
PASSED=0
|
|
FAILED=0
|
|
|
|
# Test 1: Type error blocked
|
|
echo "Test 1: Type errors should be blocked..."
|
|
echo "const x: string = 123;" > test-file.ts
|
|
git add test-file.ts 2>/dev/null
|
|
if git commit -m "Test commit" 2>&1 | grep -q "error"; then
|
|
echo "✅ PASS: Type errors blocked"
|
|
((PASSED++))
|
|
else
|
|
echo "❌ FAIL: Type errors NOT blocked"
|
|
((FAILED++))
|
|
fi
|
|
git reset HEAD test-file.ts 2>/dev/null
|
|
rm test-file.ts 2>/dev/null
|
|
|
|
# Test 2: any type blocked
|
|
echo ""
|
|
echo "Test 2: 'any' types should be blocked..."
|
|
echo "const x: any = 123;" > test-file.ts
|
|
git add test-file.ts 2>/dev/null
|
|
if git commit -m "Test commit" 2>&1 | grep -q "no-explicit-any"; then
|
|
echo "✅ PASS: 'any' types blocked"
|
|
((PASSED++))
|
|
else
|
|
echo "❌ FAIL: 'any' types NOT blocked"
|
|
((FAILED++))
|
|
fi
|
|
git reset HEAD test-file.ts 2>/dev/null
|
|
rm test-file.ts 2>/dev/null
|
|
|
|
# Test 3a: gitleaks binary must be present
|
|
echo ""
|
|
echo "Test 3a: gitleaks must be installed..."
|
|
if command -v gitleaks &> /dev/null; then
|
|
echo "✅ PASS: gitleaks found ($(gitleaks version 2>/dev/null || echo 'unknown version'))"
|
|
PASSED=$((PASSED + 1))
|
|
else
|
|
echo "❌ FAIL: gitleaks is NOT installed — secret scanning will not work"
|
|
echo " Install: https://github.com/gitleaks/gitleaks#installing"
|
|
FAILED=$((FAILED + 1))
|
|
fi
|
|
|
|
# Test 3b: gitleaks detects a planted AWS key
|
|
echo ""
|
|
echo "Test 3b: gitleaks should detect planted AWS key..."
|
|
if command -v gitleaks &> /dev/null; then
|
|
echo 'aws_access_key_id = AKIAIOSFODNN7REALKEY' > gitleaks-test-secret.txt
|
|
git add gitleaks-test-secret.txt 2>/dev/null
|
|
if gitleaks git --pre-commit --staged --redact 2>&1 | grep -q -i "leak\|finding"; then
|
|
echo "✅ PASS: gitleaks detected planted secret"
|
|
PASSED=$((PASSED + 1))
|
|
else
|
|
echo "❌ FAIL: gitleaks did NOT detect planted secret"
|
|
FAILED=$((FAILED + 1))
|
|
fi
|
|
git reset HEAD gitleaks-test-secret.txt 2>/dev/null
|
|
rm gitleaks-test-secret.txt 2>/dev/null
|
|
else
|
|
echo "⚠ SKIP: gitleaks not installed (Test 3a already failed)"
|
|
fi
|
|
|
|
# Test 4: Lint error blocked
|
|
echo ""
|
|
echo "Test 4: Lint errors should be blocked..."
|
|
echo "const x=123" > test-file.ts # Missing semicolon
|
|
git add test-file.ts 2>/dev/null
|
|
if git commit -m "Test commit" 2>&1 | grep -q "prettier"; then
|
|
echo "✅ PASS: Lint errors blocked"
|
|
((PASSED++))
|
|
else
|
|
echo "❌ FAIL: Lint errors NOT blocked"
|
|
((FAILED++))
|
|
fi
|
|
git reset HEAD test-file.ts 2>/dev/null
|
|
rm test-file.ts 2>/dev/null
|
|
|
|
# Summary
|
|
echo ""
|
|
echo "═══════════════════════════════════════════"
|
|
echo "Verification Summary"
|
|
echo "═══════════════════════════════════════════"
|
|
echo "✅ Passed: $PASSED"
|
|
echo "❌ Failed: $FAILED"
|
|
echo ""
|
|
|
|
if [ $FAILED -eq 0 ]; then
|
|
echo "🎉 All tests passed! Quality enforcement is working."
|
|
exit 0
|
|
else
|
|
echo "⚠ Some tests failed. Review configuration."
|
|
exit 1
|
|
fi
|