actions/run: Check script exists during recipe verification

If a script doesn't exist or the permissions are wrong, the
recipe exits during execution. Let's check early if the
script exists on the host filesystem and that the file has
executable permission bit set.

Signed-off-by: Christopher Obbard <[email protected]>

Author: obbardc

actions/run_action.go

@@ -45,6 +45,8 @@ package actions
 import (
 	"errors"
 	"github.com/go-debos/fakemachine"
+	"fmt"
+	"os"
 	"path"
 	"strings"
 
@@ -68,6 +70,21 @@ func (run *RunAction) Verify(context *debos.DebosContext) error {
 	if run.Script == "" && run.Command == "" {
 		return errors.New("Script and Command both cannot be empty")
 	}
+
+	if run.Script != "" {
+		argv := strings.SplitN(run.Script, " ", 2)
+		script := debos.CleanPathAt(argv[0], context.RecipeDir)
+
+		stat, err := os.Stat(script)
+		if err != nil {
+			return err
+		}
+
+		if stat.IsDir() || stat.Mode()&0111 == 0 {
+			return fmt.Errorf("Script %s is not executable", script)
+		}
+	}
+
 	return nil
 }