Class: Kamal::Lint::Checks::BuilderRegistrySecretUndeclared

Inherits:
Kamal::Lint::Check show all
Defined in:
lib/kamal/lint/checks/builder_registry_secret_undeclared.rb

Instance Attribute Summary

Attributes inherited from Kamal::Lint::Check

#context

Instance Method Summary collapse

Methods inherited from Kamal::Lint::Check

applies_to?, autofixable, id, #initialize, severity, since, title, until_version

Constructor Details

This class inherits a constructor from Kamal::Lint::Check

Instance Method Details

#callObject 



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'lib/kamal/lint/checks/builder_registry_secret_undeclared.rb', line 12

def call
  registry = parsed["registry"] || parsed.dig("builder", "registry")
  return [] unless registry.is_a?(Hash)

  declared = context.secrets
  findings = []

  %w[username password].each do |key|
    value = registry[key]
    next unless value.is_a?(Array)

    value.each_with_index do |name, idx|
      next unless name.is_a?(String)
      next if declared.include?(name)

      findings << finding(
        message: "registry #{key} references secret `#{name}` but it isn't declared in .kamal/secrets",
        line: context.line_for([ "registry", key, idx.to_s ]) ||
              context.line_for([ "builder", "registry", key, idx.to_s ])
      )
    end
  end

  findings
end