Page Comparison

...

# In window 1
docker run -it --name ps mcr.microsoft.com/powershell pwsh

# In window 2 (different shell because the first one is occupied by the running command)
docker cp analyze.ps1 ps:/opt

# Back to window 2, you're now at a powershell prompt inside the container
# If Install-Module fails below, disconnect from VPN and then run:
#     Register-PSRepository -Default

Install-Module PSScriptAnalyzer -Force
cd opt
./analzyeanalyze.ps1

less results.sarif

...

Research 07 Sep 2022 :

GitHub Action: https://github.com/microsoft/psscriptanalyzer-action

• Doesn't seem to be active, there are no responses to issues and open PRs.

Notes from documentation:

• Need to mention how to skip rule: https://docs.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/using-scriptanalyzer?view=ps-modules#suppressing-rules
• Custom rules: https://docs.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/using-scriptanalyzer?view=ps-modules#custom-rules

SARIF Tutorial: https://github.com/microsoft/sarif-tutorials

• For future reference: Once this implementation is done, should we consider migrating other linting results into SARIF format for compatibility

Exploration

• Locally, will be executing script https://github.com/Ed-Fi-Alliance-OSS/Ed-Fi-ODS-AdminApp/blob/main/eng/send-test-results.ps1

• Run: Install-Module -Name PSScriptAnalyzer -Force.
• Run: Invoke-ScriptAnalyzer -ScriptDefinition '"b" = "b"; function eliminate-file () { }' to verify that module is working.
• Run:  Invoke-ScriptAnalyzer -Path .\send-test-results.ps1 from eng folder.

Image Added

• Test with -Fix fixes what's possible and prints the remaining results.
• Run with -ReportSummary  to get more details about results.

Image Added

More information about the options: https://docs.microsoft.com/en-us/powershell/module/psscriptanalyzer/invoke-scriptanalyzer?view=ps-modules

Explore https://github.com/microsoft/ConvertToSARIF