progress on javascript action

Signed-off-by: Rogério Peixoto <rogerio.peixoto@checkmarx.com>
Rogério Peixoto
2021-10-18 09:53:18 +01:00
parent 740815773b
commit 77c7ea32c6
7 changed files with 77 additions and 49 deletions


@ -4,14 +4,10 @@ const scanner = require("./scanner");
const core = require("@actions/core");
const github = require("@actions/github");
const io = require("@actions/io");
const fs = require("fs");
const actionInputs = {
kics_version: { value: core.getInput('kics_version') },
enable_comments: { value: core.getInput('enable_comments') },
}
const exitStatus = {
results: {
codes: {
@ -67,12 +63,19 @@ function readJSON(filename) {
return parsedJSON;
}
function cleanupOutput(resultsJSONFile) {
const outputFormats = core.getInput('output_formats');
if (!outputFormats.toLowerCase().includes('json') || core.getInput('output_path') === '') {
io.rmRF(resultsJSONFile);
}
}
async function main() {
console.log("Running KICS action...");
try {
const githubToken = core.getInput("token");
const octokit = github.getOctokit(githubToken);
let enableComments = actionInputs.enable_comments.value.toLocaleLowerCase() === "true";
let enableComments = core.getInput('enable_comments').toLocaleLowerCase() === "true";
let context = {};
let repo = '';
let prNumber = '';
@ -90,10 +93,11 @@ async function main() {
await install.installKICS();
const scanResults = await scanner.scanWithKICS(enableComments);
if (enableComments) {
let parsedResults = readJSON(scanResults.resultsFile);
let parsedResults = readJSON(scanResults.resultsJSONFile);
await commenter.postPRComment(parsedResults, repo, prNumber, octokit);
}
cleanupOutput(scanResults.resultsJSONFile);
setWorkflowStatus(scanResults.statusCode);
} catch (e) {
console.error(e);
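Review bot: `cleanupOutput` calls `io.rmRF(resultsJSONFile)` without awaiting it and without checking the path, and `main` calls it unconditionally. In the scanner section of this commit `resultsJSONFile` is only assigned inside `if (enableComments)`, so with comments disabled the helper receives `undefined`. A failed removal also becomes an unhandled rejection that the `try`/`catch` in `main` never sees, so the scan report could stay in the workspace unnoticed. I would make the helper `async` with `if (!resultsJSONFile) return;` followed by `await io.rmRF(resultsJSONFile);`, and call it as `await cleanupOutput(scanResults.resultsJSONFile);`. The body of `main` continues outside both hunks.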


@ -28,14 +28,15 @@ const kicsInput = {
bom: { value_type: "bool", flag: '--bom', value: core.getInput('bom') },
};
async function scanWithKICS(enableComments) {
let resultsFile;
if (!kicsInput.path.value) {
core.error('Path to scan is not set');
core.setFailed('Path to scan is not set');
function addJSONReportFormat(cmdArgs) {
const outputFormats = core.getInput('output_formats');
if (outputFormats.toLowerCase().indexOf('json') == -1) {
cmdArgs.push('--report-formats');
cmdArgs.push('json');
}
let cmdArgs = [];
}
function addKICSCmdArgs(cmdArgs) {
for (let input in kicsInput) {
if (kicsInput[input].value_type === 'string') {
if (kicsInput[input].value) {
@ -65,30 +66,37 @@ async function scanWithKICS(enableComments) {
}
}
}
}
async function scanWithKICS(enableComments) {
let resultsJSONFile;
if (!kicsInput.path.value) {
core.error('Path to scan is not set');
core.setFailed('Path to scan is not set');
}
let cmdArgs = [];
addKICSCmdArgs(cmdArgs);
// making sure results.json is always created when PR comments are enabled
if (enableComments) {
if (!cmdArgs.find(arg => arg == '--output-path')) {
cmdArgs.push('--output-path');
cmdArgs.push('./');
resultsFile = './results.json';
resultsJSONFile = './results.json';
} else {
const outputFormats = core.getInput('output_formats');
if (outputFormats.toLowerCase().indexOf('json') == -1) {
cmdArgs.push('--report-formats');
cmdArgs.push('json');
}
let resultsDir = core.getInput('output_path');
resultsFile = filepath.join(resultsDir, '/results.json');
resultsJSONFile = filepath.join(resultsDir, '/results.json');
}
addJSONReportFormat(cmdArgs);
}
exitCode = await exec.exec(`${kicsBinary} scan --no-progress ${cmdArgs.join(" ")}`, [], { ignoreReturnCode: true });
return {
statusCode: exitCode,
resultsFile: resultsFile
resultsJSONFile: resultsJSONFile
};
}
module.exports = {
scanWithKICS
};
};
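Review bot: The `exec.exec` call in `scanWithKICS` still builds one command string with `cmdArgs.join(" ")`, so every value taken from the action inputs is split again by the command-line parsing in @actions/exec. An input value containing a space or a quote would then reach KICS as several arguments, or as a flag the workflow author did not intend. Passing the arguments as an array avoids the re-parse: `exitCode = await exec.exec(kicsBinary, ['scan', '--no-progress', ...cmdArgs], { ignoreReturnCode: true });`. Separately, `exitCode` is not declared in the visible lines, and the `!kicsInput.path.value` branch calls `core.setFailed` but does not `return`, so the scan still runs without a path. Most of the body of `addKICSCmdArgs` lies outside the hunks, so which flags it emits cannot be checked from here.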