IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Chore: Fix frontend metrics (#40325)

Browse Source 
* build(yarn): add yarn-outdated plugin for checking outdated dependencies

* refactor(frontend-metrics): update dep and vulnerablity commands to work with yarn berry

* feat(frontend-metrics): introduce critical vulnerabilities count

* feat(frontend-metrics): echo out critical vulnerabilities
This commit is contained in:
Jack Westbrook 2021-10-12 15:45:03 +02:00 committed by GitHub
parent 3c52df960a
commit 084a9b7d1a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 43 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
.yarn/plugins/@yarnpkg/plugin-outdated.cjs vendored Normal file
View File

File diff suppressed because one or more lines are too long

2
.yarnrc.yml
View File

@ -11,5 +11,7 @@ plugins:
spec: "@yarnpkg/plugin-typescript"
- path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
spec: "@yarnpkg/plugin-interactive-tools"
- path: .yarn/plugins/@yarnpkg/plugin-outdated.cjs
spec: "https://mskelton.dev/yarn-outdated/v2"
yarnPath: .yarn/releases/yarn-3.1.0-rc.5.cjs

13
scripts/ci-frontend-metrics.sh
View File

@ -13,11 +13,12 @@ STRICT_LINT_RESULTS="$(./node_modules/.bin/eslint --rule '@typescript-eslint/no-
STRICT_LINT_EXPLICIT_ANY="$(echo "${STRICT_LINT_RESULTS}" | grep -o "no-explicit-any" | wc -l)"
TOTAL_BUNDLE="$(du -sk ./public/build | cut -f1)"
OUTDATED_DEPENDENCIES="$(yarn outdated | wc -l | xargs)"
VULNERABILITY_AUDIT="$(yarn audit | grep 'Severity:' | grep -Eo '[0-9]{1,4}')"
LOW_VULNERABILITIES="$(echo "${VULNERABILITY_AUDIT}" | sed -n '1p')"
MED_VULNERABILITIES="$(echo "${VULNERABILITY_AUDIT}" | sed -n '2p')"
HIGH_VULNERABILITIES="$(echo "${VULNERABILITY_AUDIT}" | sed -n '3p')"
OUTDATED_DEPENDENCIES="$(yarn outdated --all | grep -oP '[[:digit:]]+ *(?=dependencies are out of date)')"
VULNERABILITY_AUDIT="$(yarn npm audit --all --recursive --json)"
LOW_VULNERABILITIES="$(echo "${VULNERABILITY_AUDIT}" | grep -o -i '"severity":"low"' | wc -l)"
MED_VULNERABILITIES="$(echo "${VULNERABILITY_AUDIT}" | grep -o -i '"severity":"moderate"' | wc -l)"
HIGH_VULNERABILITIES="$(echo "${VULNERABILITY_AUDIT}" | grep -o -i '"severity":"high"' | wc -l)"
CRITICAL_VULNERABILITIES="$(echo "${VULNERABILITY_AUDIT}" | grep -o -i '"severity":"critical"' | wc -l)"
echo -e "Typescript errors: $ERROR_COUNT"
echo -e "Accessibility errors: $ACCESSIBILITY_ERRORS"
@ -32,6 +33,7 @@ echo -e "Total outdated dependencies: $OUTDATED_DEPENDENCIES"
echo -e "Low vulnerabilities: $LOW_VULNERABILITIES"
echo -e "Med vulnerabilities: $MED_VULNERABILITIES"
echo -e "High vulnerabilities: $HIGH_VULNERABILITIES"
echo -e "Critical vulnerabilities: $CRITICAL_VULNERABILITIES"
echo "Metrics: {
\"grafana.ci-code.strictErrors\": \"${ERROR_COUNT}\",
@ -47,4 +49,5 @@ echo "Metrics: {
\"grafana.ci-code.dependencies.vulnerabilities.low\": \"${LOW_VULNERABILITIES}\",
\"grafana.ci-code.dependencies.vulnerabilities.medium\": \"${MED_VULNERABILITIES}\",
\"grafana.ci-code.dependencies.vulnerabilities.high\": \"${HIGH_VULNERABILITIES}\"
\"grafana.ci-code.dependencies.vulnerabilities.critical\": \"${CRITICAL_VULNERABILITIES}\"
}"