From 9e6cff76f8029821c29664c6a8bd44849ff6dde5 Mon Sep 17 00:00:00 2001 From: Agustin Isasmendi Date: Thu, 25 Jan 2024 13:57:27 +0100 Subject: [PATCH] SCP-74 Cleanup inputs and output Co-authored-by: Franco Straman --- .github/workflows/test-action.yml | 9 +-- __tests__/main.test.ts | 3 - __tests__/report-service.test.ts | 2 - action.yml | 6 +- dist/index.js | 109 ++++++++++++++++++++---------- package-lock.json | 1 - package.json | 1 - src/app.input.ts | 8 +++ src/app.output.ts | 2 + src/input.ts | 37 ---------- src/main.ts | 16 ++--- src/policies/policy-check.ts | 1 - src/services/scan.service.ts | 11 +++ 13 files changed, 107 insertions(+), 99 deletions(-) create mode 100644 src/app.input.ts create mode 100644 src/app.output.ts delete mode 100644 src/input.ts create mode 100644 src/services/scan.service.ts diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 5212f42..12db4ef 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -28,11 +28,8 @@ jobs: # sbom-ignore: 'scanoss-ignore.json' github-token: ${{ secrets.GITHUB_TOKEN }} - - name: Print output command - run: echo "${{ steps.test-action.outputs.output-command }}" + - name: Print stdout scan command + run: echo "${{ steps.test-action.outputs.stdout-scan-command }}" - - name: Print Licenses - run: echo "${{ steps.test-action.outputs.licenses }}" - - - name: Print Result + - name: Print Results run: cat "${{ steps.test-action.outputs.result-filepath }}" diff --git a/__tests__/main.test.ts b/__tests__/main.test.ts index 3d0692d..f167390 100644 --- a/__tests__/main.test.ts +++ b/__tests__/main.test.ts @@ -12,9 +12,6 @@ import * as main from '../src/main'; // Mock the action's main function const runMock = jest.spyOn(main, 'run'); -// Other utilities -const timeRegex = /^\d{2}:\d{2}:\d{2}/; - // Mock the GitHub Actions core library let debugMock: jest.SpyInstance; let errorMock: jest.SpyInstance; 
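Review bot: The `Print stdout scan command` step in `.github/workflows/test-action.yml` expands `${{ steps.test-action.outputs.stdout-scan-command }}` directly inside the `run:` script, so the scanner's stdout becomes part of the shell source before the shell parses it. Anything in that output that derives from repository content (file names, for instance) and contains quotes or command substitution would be interpreted rather than printed. Pass the value through the step environment instead: `env:` with `SCAN_STDOUT: ${{ steps.test-action.outputs.stdout-scan-command }}` and `run: echo "$SCAN_STDOUT"`. The `cat "${{ steps.test-action.outputs.result-filepath }}"` step has the same shape, although that value comes from the workflow's own `output-path` input.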
diff --git a/__tests__/report-service.test.ts b/__tests__/report-service.test.ts index c665635..8f05ef5 100644 --- a/__tests__/report-service.test.ts +++ b/__tests__/report-service.test.ts @@ -1,6 +1,4 @@ import { getLicensesReport } from '../src/services/report.service'; -import { ScannerResults } from '../src/services/result.interfaces'; -import { getLicenses, Licenses } from '../src/services/result.service'; const licenseTableTest = [ { diff --git a/action.yml b/action.yml index b1a842b..db56e75 100644 --- a/action.yml +++ b/action.yml @@ -12,12 +12,10 @@ inputs: github-token: description: 'Your GitHub token' required: true - scanner-parameters: - description: 'Parameters to run a scan' output-path: description: 'Output result file name' required: false - default: 'result.json' + default: 'results.json' sbom-identify: description: 'Scan and identify components in SBOM file' required: false @@ -35,7 +33,7 @@ inputs: outputs: result-filepath: description: 'Scanner results filepath' - output-command: + stdout-scan-command: description: 'Scanner command output' runs: diff --git a/dist/index.js b/dist/index.js index dfcce2c..f27af40 100644 --- a/dist/index.js +++ b/dist/index.js @@ -30149,7 +30149,7 @@ exports.CHECK_NAME = 'SCANOSS Policy Checker'; /***/ }), -/***/ 6747: +/***/ 483: /***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; 
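Review bot: Renaming the `output-command` output to `stdout-scan-command` in `action.yml` changes the action's public interface with no compatibility path: a workflow that still reads `steps.<id>.outputs.output-command` gets an empty string, not an error. The `output-path` default also moves from `result.json` to `results.json`, which affects any consumer that hard-codes the old file name. If the action already has users, keep the old output name as a deprecated alias for one release (it would also have to be set in `src/main.ts`) or call the rename out in the release notes. The description `'Scanner command output'` could say that the value is the scanner's full stdout, e.g. `description: 'Full stdout of the scan command; treat as untrusted text'`.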
@@ -30178,33 +30178,27 @@ var __importStar = (this && this.__importStar) || function (mod) { return result; }; Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.commandBuilder = exports.readInputs = void 0; +exports.API_URL = exports.API_KEY = exports.SBOM_IGNORE = exports.SBOM_INDENTIFY = exports.OUTPUT_PATH = exports.REPO_DIR = void 0; const core = __importStar(__nccwpck_require__(2186)); -function readInputs() { - return { - repoDir: process.env.GITHUB_WORKSPACE, - outputPath: core.getInput('output-path'), - sbomIdentify: core.getInput('sbom-identify'), - sbomIgnore: core.getInput('sbom-ignore'), - apiKey: core.getInput('api-key'), - apiUrl: core.getInput('api-url') - }; -} -exports.readInputs = readInputs; -function commandBuilder() { - const ap = readInputs(); - console.log(ap); - // prettier-ignore - const command = `docker run -v "${ap.repoDir}":"/scanoss" ghcr.io/scanoss/scanoss-py:v1.9.0 scan . ` + - `--output ${ap.outputPath} ` + - (ap.sbomIdentify ? `--identify ${ap.sbomIdentify} ` : '') + - (ap.sbomIgnore ? `--ignore ${ap.sbomIgnore} ` : '') + - (ap.apiUrl ? `--apiurl ${ap.apiUrl} ` : '') + - (ap.apiKey ? `--key ${ap.apiKey} ` : ''); - console.log(command); - return command; -} -exports.commandBuilder = commandBuilder; +exports.REPO_DIR = process.env.GITHUB_WORKSPACE; +exports.OUTPUT_PATH = core.getInput('output-path'); +exports.SBOM_INDENTIFY = core.getInput('sbom-identify'); +exports.SBOM_IGNORE = core.getInput('sbom-ignore'); +exports.API_KEY = core.getInput('api-key'); +exports.API_URL = core.getInput('api-url'); + + +/***/ }), + +/***/ 2698: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; + +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.STDOUT_SCAN_COMMAND = exports.RESULT_FILEPATH = void 0; +exports.RESULT_FILEPATH = 'result-filepath'; +exports.STDOUT_SCAN_COMMAND = 'stdout-scan-command'; /***/ }), 
@@ -30245,7 +30239,9 @@ const copyleft_policy_check_1 = __nccwpck_require__(4466); const report_service_1 = __nccwpck_require__(2467); const core = __importStar(__nccwpck_require__(2186)); const exec = __importStar(__nccwpck_require__(1514)); -const input_1 = __nccwpck_require__(6747); +const inputs = __importStar(__nccwpck_require__(483)); +const outputs = __importStar(__nccwpck_require__(2698)); +const scan_service_1 = __nccwpck_require__(7577); /** * The main function for the action. * @returns {Promise} Resolves when the action is complete. @@ -30253,16 +30249,14 @@ const input_1 = __nccwpck_require__(6747); async function run() { try { core.debug(`SCANOSS Scan Action started...`); - const repoDir = process.env.GITHUB_WORKSPACE; - const outputPath = 'results.json'; // create policies core.debug(`Creating policies`); const policies = [new copyleft_policy_check_1.CopyleftPolicyCheck()]; policies.forEach(async (policy) => policy.start()); // run scan - const { stdout, stderr } = await exec.getExecOutput((0, input_1.commandBuilder)(), []); - const scannerResults = await (0, result_service_1.readResult)((0, input_1.readInputs)().outputPath); - // run policies // TODO: define run action for each policy + const { stdout, stderr } = await exec.getExecOutput((0, scan_service_1.commandBuilder)(), []); + const scannerResults = await (0, result_service_1.readResult)(inputs.OUTPUT_PATH); + // run policies policies.forEach(async (policy) => await policy.run(scannerResults)); if ((0, github_utils_1.isPullRequest)()) { // create reports 
@@ -30271,8 +30265,8 @@ async function run() { (0, github_utils_1.createCommentOnPR)(licensesReport); } // set outputs for other workflow steps to use - core.setOutput('result-filepath', (0, input_1.readInputs)().outputPath); - core.setOutput('output-command', stdout); + core.setOutput(outputs.RESULT_FILEPATH, inputs.OUTPUT_PATH); + core.setOutput(outputs.STDOUT_SCAN_COMMAND, stdout); } catch (error) { // fail the workflow run if an error occurs 
@@ -30527,6 +30521,51 @@ function getLicenses(results) { exports.getLicenses = getLicenses; +/***/ }), + +/***/ 7577: +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { + +"use strict"; + +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.commandBuilder = void 0; +const input = __importStar(__nccwpck_require__(483)); +function commandBuilder() { + return `docker run -v "${input.REPO_DIR}":"/scanoss" ghcr.io/scanoss/scanoss-py:v1.9.0 scan . + --dependencies + --output ${input.OUTPUT_PATH} + ${input.SBOM_INDENTIFY ? `--identify ${input.SBOM_INDENTIFY}` : ''} + ${input.SBOM_IGNORE ? `--ignore ${input.SBOM_IGNORE}` : ''} + ${input.API_URL ? `--apiurl ${input.API_URL}` : ''} + ${input.API_KEY ? `--key ${input.API_KEY}` : ''}`; +} +exports.commandBuilder = commandBuilder; + + /***/ }), /***/ 7889: diff --git a/package-lock.json b/package-lock.json index c056918..b796b11 100644 --- a/package-lock.json +++ b/package-lock.json 
@@ -14,7 +14,6 @@ "@actions/github": "^6.0.0" }, "devDependencies": { - "@octokit/types": "^12.4.0", "@types/jest": "^29.5.11", "@types/node": "^20.11.0", "@typescript-eslint/eslint-plugin": "^6.18.1", diff --git a/package.json b/package.json index 29089f8..b93ece1 100644 --- a/package.json +++ b/package.json @@ -71,7 +71,6 @@ "@actions/github": "^6.0.0" }, "devDependencies": { - "@octokit/types": "^12.4.0", "@types/jest": "^29.5.11", "@types/node": "^20.11.0", "@typescript-eslint/eslint-plugin": "^6.18.1", diff --git a/src/app.input.ts b/src/app.input.ts new file mode 100644 index 0000000..98c093a --- /dev/null +++ b/src/app.input.ts @@ -0,0 +1,8 @@ +import * as core from '@actions/core'; + +export const REPO_DIR = process.env.GITHUB_WORKSPACE as string; +export const OUTPUT_PATH = core.getInput('output-path'); +export const SBOM_INDENTIFY = core.getInput('sbom-identify'); +export const SBOM_IGNORE = core.getInput('sbom-ignore'); +export const API_KEY = core.getInput('api-key'); +export const API_URL = core.getInput('api-url'); diff --git a/src/app.output.ts b/src/app.output.ts new file mode 100644 index 0000000..44c3c7c --- /dev/null +++ b/src/app.output.ts @@ -0,0 +1,2 @@ +export const RESULT_FILEPATH = 'result-filepath'; +export const STDOUT_SCAN_COMMAND = 'stdout-scan-command'; diff --git a/src/input.ts b/src/input.ts deleted file mode 100644 index 3b5d4b1..0000000 --- a/src/input.ts +++ /dev/null 
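Review bot: `API_KEY` in `src/app.input.ts` is read with `core.getInput('api-key')` but never registered as a secret, and it is later interpolated into the `docker run` command string. Log masking then depends entirely on the caller having supplied it from `secrets.*`; a key passed from a plain variable or an earlier step's output would appear unmasked wherever the command is echoed. Add `if (API_KEY) core.setSecret(API_KEY);` right after the constant. Separately, `SBOM_INDENTIFY` looks like a typo for `SBOM_IDENTIFY`, and `process.env.GITHUB_WORKSPACE as string` hides the case where the variable is unset, which would put the literal text `undefined` in the volume mount.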
@@ -1,37 +0,0 @@ -import * as core from '@actions/core'; - -export interface ActionParameters { - repoDir: string; - outputPath: string; - sbomIdentify: string; - sbomIgnore: string; - apiKey: string; - apiUrl: string; -} - -export function readInputs(): ActionParameters { - return { - repoDir: process.env.GITHUB_WORKSPACE as string, - outputPath: core.getInput('output-path'), - sbomIdentify: core.getInput('sbom-identify'), - sbomIgnore: core.getInput('sbom-ignore'), - apiKey: core.getInput('api-key'), - apiUrl: core.getInput('api-url') - }; -} - -export function commandBuilder(): string { - const ap = readInputs(); - console.log(ap); - // prettier-ignore - const command = - `docker run -v "${ap.repoDir}":"/scanoss" ghcr.io/scanoss/scanoss-py:v1.9.0 scan . ` + - `--output ${ap.outputPath} ` + - (ap.sbomIdentify ? `--identify ${ap.sbomIdentify} ` : '') + - (ap.sbomIgnore ? `--ignore ${ap.sbomIgnore} ` : '') + - (ap.apiUrl ? `--apiurl ${ap.apiUrl} ` : '') + - (ap.apiKey ? `--key ${ap.apiKey} ` : '') - - console.log(command); - return command; -} diff --git a/src/main.ts b/src/main.ts index dc1000a..77af53a 100644 --- a/src/main.ts +++ b/src/main.ts @@ -4,8 +4,10 @@ import { CopyleftPolicyCheck } from './policies/copyleft-policy-check'; import { getLicensesReport } from './services/report.service'; import * as core from '@actions/core'; import * as exec from '@actions/exec'; -import { commandBuilder, readInputs } from './input'; +import * as inputs from './app.input'; +import * as outputs from './app.output'; +import { commandBuilder } from './services/scan.service'; /** * The main function for the action. * @returns {Promise} Resolves when the action is complete. @@ -14,9 +16,6 @@ export async function run(): Promise { try { core.debug(`SCANOSS Scan Action started...`); - const repoDir = process.env.GITHUB_WORKSPACE as string; - const outputPath = 'results.json'; - // create policies core.debug(`Creating policies`); const policies = [new CopyleftPolicyCheck()]; 
@@ -24,10 +23,9 @@ export async function run(): Promise { // run scan const { stdout, stderr } = await exec.getExecOutput(commandBuilder(), []); + const scannerResults = await readResult(inputs.OUTPUT_PATH); - const scannerResults = await readResult(readInputs().outputPath); - - // run policies // TODO: define run action for each policy + // run policies policies.forEach(async policy => await policy.run(scannerResults)); if (isPullRequest()) { @@ -38,8 +36,8 @@ export async function run(): Promise { } // set outputs for other workflow steps to use - core.setOutput('result-filepath', readInputs().outputPath); - core.setOutput('output-command', stdout); + core.setOutput(outputs.RESULT_FILEPATH, inputs.OUTPUT_PATH); + core.setOutput(outputs.STDOUT_SCAN_COMMAND, stdout); } catch (error) { // fail the workflow run if an error occurs if (error instanceof Error) core.setFailed(error.message); diff --git a/src/policies/policy-check.ts b/src/policies/policy-check.ts index 9b3e0ab..13cfced 100644 --- a/src/policies/policy-check.ts +++ b/src/policies/policy-check.ts @@ -3,7 +3,6 @@ import * as core from '@actions/core'; import { getSHA } from '../utils/github.utils'; import { ScannerResults } from '../services/result.interfaces'; import { GitHub } from '@actions/github/lib/utils'; -import { OctokitResponse } from '@octokit/types'; const UNINITIALIZED = -1; diff --git a/src/services/scan.service.ts b/src/services/scan.service.ts new file mode 100644 index 0000000..f7dc0e4 --- /dev/null +++ b/src/services/scan.service.ts 
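Review bot: `policies.forEach(async policy => await policy.run(scannerResults))`, the context line under the edited `// run policies` comment in `src/main.ts`, starts each policy check without waiting for it. `forEach` discards the returned promises, so a rejection from `policy.run` never reaches the surrounding `try`/`catch` and `core.setFailed`, and the outputs further down can be set while checks are still running. For a policy gate that presumably means a check that throws may not fail the step. Consider `await Promise.all(policies.map(async policy => policy.run(scannerResults)));`. The body of `run()` starts and ends outside this hunk.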
@@ -0,0 +1,11 @@
+import * as input from '../app.input';
+
+export function commandBuilder(): string {
+ return `docker run -v "${input.REPO_DIR}":"/scanoss" ghcr.io/scanoss/scanoss-py:v1.9.0 scan .
+ --dependencies
+ --output ${input.OUTPUT_PATH}
+ ${input.SBOM_INDENTIFY ? `--identify ${input.SBOM_INDENTIFY}` : ''}
+ ${input.SBOM_IGNORE ? `--ignore ${input.SBOM_IGNORE}` : ''}
+ ${input.API_URL ? `--apiurl ${input.API_URL}` : ''}
+ ${input.API_KEY ? `--key ${input.API_KEY}` : ''}`;
+}
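Review bot: `commandBuilder` interpolates the `output-path`, `sbom-identify`, `sbom-ignore`, `api-url` and `api-key` inputs unquoted into a single command string, so any whitespace inside an input is split into additional arguments for `docker run` or the scanner when `exec.getExecOutput(commandBuilder(), [])` tokenises it. The new multi-line template literal also puts newlines and indentation into that string; if `@actions/exec` splits only on spaces (worth confirming), tokens such as the output path would carry a trailing newline. Building an argument array and calling `exec.getExecOutput('docker', scanArgs())` from `src/main.ts` removes both problems, as sketched below. The API key would still be visible on the process command line, and the image is pinned by tag, not by digest; both deserve a follow-up.

```typescript
// replaces commandBuilder(); caller in src/main.ts becomes exec.getExecOutput('docker', scanArgs())
export function scanArgs(): string[] {
  const args = [
    'run', '-v', `${input.REPO_DIR}:/scanoss`,
    'ghcr.io/scanoss/scanoss-py:v1.9.0',
    'scan', '.', '--dependencies',
    '--output', input.OUTPUT_PATH
  ];
  // each value is passed as one argv element, so embedded whitespace cannot add flags
  if (input.SBOM_INDENTIFY) args.push('--identify', input.SBOM_INDENTIFY);
  if (input.SBOM_IGNORE) args.push('--ignore', input.SBOM_IGNORE);
  if (input.API_URL) args.push('--apiurl', input.API_URL);
  if (input.API_KEY) args.push('--key', input.API_KEY);
  return args;
}
```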