SCP-68 Adds CopyLeft Policy Checker

scanoss · Jan 25, 2024 · 9771699 · 9771699
1 parent b071d74
commit 9771699
Show file tree

Hide file tree

Showing 7 changed files with 113 additions and 44 deletions.
diff --git a/dist/index.js b/dist/index.js
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -71,6 +71,7 @@
     "@actions/github": "^6.0.0"
   },
   "devDependencies": {
+    "@octokit/types": "^12.4.0",
     "@types/jest": "^29.5.11",
     "@types/node": "^20.11.0",
     "@typescript-eslint/eslint-plugin": "^6.18.1",

diff --git a/src/main.ts b/src/main.ts
@@ -2,7 +2,7 @@ import * as core from '@actions/core';
 import * as exec from '@actions/exec';
 import { getLicenses, readResult } from './services/result.service';
 import { createCommentOnPR, isPullRequest } from './utils/github.utils';
-import { LicensePolicyCheck } from './policies/license-policy-check';
+import { CopyleftPolicyCheck } from './policies/copyleft-policy-check';
 import { getLicensesReport } from './services/report.service';
 
 /**
@@ -18,7 +18,7 @@ export async function run(): Promise<void> {
 
     // create policies
     core.debug(`Creating policies`);
-    const policies = [new LicensePolicyCheck()];
+    const policies = [new CopyleftPolicyCheck()];
     policies.forEach(async policy => policy.start());
 
     // run scan

diff --git a/src/policies/copyleft-policy-check.ts b/src/policies/copyleft-policy-check.ts
@@ -0,0 +1,22 @@
+import { ScannerResults } from '../services/result.interfaces';
+import { CHECK_NAME } from '../app.config';
+import { PolicyCheck } from './policy-check';
+import { getLicenses } from '../services/result.service';
+
+export class CopyleftPolicyCheck extends PolicyCheck {
+  constructor() {
+    super(`${CHECK_NAME}: Copyleft Policy`);
+  }
+
+  async run(scannerResults: ScannerResults): Promise<void> {
+    super.run(scannerResults);
+    const licenses = getLicenses(scannerResults);
+
+    const hasCopyleft = licenses.some(license => !!license.copyleft);
+    if (!hasCopyleft) {
+      this.success('Completed succesfully', 'Not copyleft licenses were found');
+    } else {
+      this.reject('Completed failure', 'Copyleft licenses were found:'); // TODO: create a table with copyleft licenses
+    }
+  }
+}
diff --git a/src/policies/license-policy-check.ts b/src/policies/license-policy-check.ts
diff --git a/src/policies/policy-check.ts b/src/policies/policy-check.ts
@@ -2,26 +2,38 @@ import { context, getOctokit } from '@actions/github';
 import * as core from '@actions/core';
 import { getSHA } from '../utils/github.utils';
 import { ScannerResults } from '../services/result.interfaces';
+import { GitHub } from '@actions/github/lib/utils';
+import { OctokitResponse } from '@octokit/types';
 
-const NO_INITIALIZATE = -1;
+const UNINITIALIZED = -1;
+
+export enum CONCLUSION {
+  ActionRequired = 'action_required',
+  Cancelled = 'cancelled',
+  Failure = 'failure',
+  Neutral = 'neutral',
+  Success = 'success',
+  Skipped = 'skipped',
+  Stale = 'stale',
+  TimedOut = 'timed_out'
+}
 
 export abstract class PolicyCheck {
-  private octokit; // TODO: type from actions/github ?
+  private octokit: InstanceType<typeof GitHub>;
 
   private checkName: string;
 
   private checkRunId: number;
 
   constructor(checkName: string) {
-    const GITHUB_TOKEN = core.getInput('github-token'); // TODO: move to inputs.ts file?
+    const GITHUB_TOKEN = core.getInput('github-token');
 
     this.octokit = getOctokit(GITHUB_TOKEN);
     this.checkName = checkName;
-    this.checkRunId = NO_INITIALIZATE;
+    this.checkRunId = UNINITIALIZED;
   }
 
   async start(): Promise<any> {
-    // Promise<OctokitResponse>
     const result = await this.octokit.rest.checks.create({
       owner: context.repo.owner,
       repo: context.repo.repo,
@@ -34,24 +46,35 @@ export abstract class PolicyCheck {
     return result.data;
   }
 
-  async run(scannerResults: ScannerResults): Promise<any> {
-    // Promise<OctokitResponse>
-    if (this.checkRunId === NO_INITIALIZATE)
-      throw new Error(`Error on finish. Check "${this.checkName}" is not created.`);
+  async run(scannerResults: ScannerResults): Promise<void> {
+    if (this.checkRunId === UNINITIALIZED)
+      throw new Error(`Error on finish. Policy "${this.checkName}" is not created.`);
+
+    core.debug(`Running policy check: ${this.checkName}`);
+  }
+
+  protected async success(summary: string, text: string): Promise<void> {
+    await this.finish(CONCLUSION.Success, summary, text);
+  }
+
+  protected async reject(summary: string, text: string): Promise<void> {
+    await this.finish(CONCLUSION.Failure, summary, text);
+  }
+
+  protected async finish(conclusion: CONCLUSION | undefined, summary: string, text: string): Promise<void> {
+    core.debug(`Finish policy check: ${this.checkName}. (conclusion=${conclusion})`);
 
     const result = await this.octokit.rest.checks.update({
       owner: context.repo.owner,
       repo: context.repo.repo,
       check_run_id: this.checkRunId,
       status: 'completed',
-      conclusion: 'success',
+      conclusion,
       output: {
         title: this.checkName,
-        summary: 'Policy checker completed successfully',
-        text: ''
+        summary,
+        text
       }
     });
-
-    return result.data;
   }
 }