update

ms-zhenhua · ms-zhenhua · commit 62347fa235d9 · 2024-04-28T11:01:22.000+08:00
diff --git a/eng/pipelines/armstrong-validation.yml b/eng/pipelines/armstrong-validation.yml
@@ -13,7 +13,7 @@ jobs:
   
   - script: |
       go version
-      go install github.com/azure/armstrong@109e9a46faa57c2c5af762019342dff3030f7d79
+      go install github.com/azure/armstrong@67fe406e78e3b94075932add869f8b11fb4dd0a6
       echo '##vso[task.prependpath]$(HOME)/go/bin'
     displayName: 'Setup dependencies'
 
diff --git a/eng/scripts/Armstrong-Validation.ps1 b/eng/scripts/Armstrong-Validation.ps1
@@ -83,6 +83,7 @@ function Get-ChangedTerraformFiles($changedFiles = (Get-ChangedFiles)) {
   $changedFiles = Get-ChangedFilesUnderSpecification $changedFiles
 
   $changedSwaggerFiles = $changedFiles.Where({ 
+      # since `git diff` returns paths with `/`, use the following code to match the `main.tf`
       $_.EndsWith("/main.tf")
     })
     
@@ -113,27 +114,31 @@ function Ensure-Armstrong-Installed {
 
 function Validate-Terraform-Error($repoPath, $filePath) {
   $fileDirectory = (Split-Path -Parent $filePath)
-
-  $outputDirectory = Join-Path -Path $fileDirectory -ChildPath "58d50903-36e9-4f57-a1e5-f246d7ecdec0"
-
-  if (!(Test-Path -Path $outputDirectory)) {
-    New-Item -Path $outputDirectory -ItemType Directory
-    # run armstrong credscan
-    $specPath = Join-Path -Path $repoPath -ChildPath "specification"
-    LogInfo "armstrong credscan -working-dir $fileDirectory -swagger-repo $specPath -output-dir $outputDirectory"
-    armstrong credscan -working-dir $fileDirectory -swagger-repo $specPath -output-dir $outputDirectory
-  }
-
-  $result = @()
-  # error reports are stored in a directory named armstrong_credscan_<timestamp>
-  Get-ChildItem -Path $outputDirectory -Directory -Filter "armstrong_credscan_*" | ForEach-Object {
-    $errorJsonPath = Join-Path -Path $_.FullName -ChildPath "errors.json"
-    if (Test-Path -Path $errorJsonPath) {
-      Get-Content -Path $errorJsonPath -Raw | ConvertFrom-Json | ForEach-Object {
-        $result += "$_"
+  $outputDirectory = [System.IO.Path]::Combine([System.IO.Path]::GetTempPath(), [System.IO.Path]::GetRandomFileName())
+
+  try {
+    if (!(Test-Path -Path $outputDirectory)) {
+      New-Item -Path $outputDirectory -ItemType Directory
+      # run armstrong credscan
+      $specPath = Join-Path -Path $repoPath -ChildPath "specification"
+      LogInfo "armstrong credscan -working-dir $fileDirectory -swagger-repo $specPath -output-dir $outputDirectory"
+      armstrong credscan -working-dir $fileDirectory -swagger-repo $specPath -output-dir $outputDirectory
+    }
+  
+    $result = @()
+    # error reports are stored in a directory named armstrong_credscan_<timestamp>
+    Get-ChildItem -Path $outputDirectory -Directory -Filter "armstrong_credscan_*" | ForEach-Object {
+      $errorJsonPath = Join-Path -Path $_.FullName -ChildPath "errors.json"
+      if (Test-Path -Path $errorJsonPath) {
+        Get-Content -Path $errorJsonPath -Raw | ConvertFrom-Json | ForEach-Object {
+          $result += "$_"
+        }
       }
     }
   }
+  finally {
+    Remove-Item -Path $outputDirectory -Recurse -Force
+  }
 
   return $result
 }
