From d809a88b6094d40d055e1d3ccec66945e25bce32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rog=C3=A9rio=20Peixoto?= Date: Mon, 18 Oct 2021 14:22:24 +0100 Subject: [PATCH] adding annotations feature MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rogério Peixoto --- dist/index.js | 77 ++++++++++++++++++++++++++++++++++++++---------- src/annotator.js | 38 ++++++++++++++++++++++++ src/main.js | 10 ++++--- src/scanner.js | 23 +++++++-------- 4 files changed, 116 insertions(+), 32 deletions(-) create mode 100644 src/annotator.js diff --git a/dist/index.js b/dist/index.js index b714852..001b178 100644 --- a/dist/index.js +++ b/dist/index.js @@ -17799,6 +17799,50 @@ function wrappy (fn, cb) { } +/***/ }), + +/***/ 9362: +/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { + +const core = __nccwpck_require__(2186); + +function extractAnnotations(results) { + let annotations = []; + for (i in results.queries) { + let query = results.queries[i]; + for (j in query.files) { + let file = query.files[j]; + annotations.push({ + file: file['file_name'], + startLine: file['line'], + endLine: file['line'], + severity: query['severity'], + queryName: query['query_name'], + description: query['description'], + }); + } + } + + return annotations; +} + +function annotateChangesWithResults(results) { + const annotations = extractAnnotations(results); + annotations.forEach(annotation => { + core.warning(annotation.description, { + title: `[${annotation.severity}] ${annotation.queryName}`, + startLine: annotation.startLine, + endLine: annotation.endLine, + file: annotation.file, + }); + }); + +} + +module.exports = { + annotateChangesWithResults +} + /***/ }), /***/ 3571: @@ -18060,7 +18104,7 @@ function addKICSCmdArgs(cmdArgs) { } } -async function scanWithKICS(enableComments) { +async function scanWithKICS() { let resultsJSONFile; if (!kicsInput.path.value) { 
@@ -18070,18 +18114,17 @@ async function scanWithKICS(enableComments) {
 let cmdArgs = [];
 addKICSCmdArgs(cmdArgs);
 
- // making sure results.json is always created when PR comments are enabled
- if (enableComments) {
- if (!cmdArgs.find(arg => arg == '--output-path')) {
- cmdArgs.push('--output-path');
- cmdArgs.push('./');
- resultsJSONFile = './results.json';
- } else {
- let resultsDir = core.getInput('output_path');
- resultsJSONFile = filepath.join(resultsDir, '/results.json');
- }
- addJSONReportFormat(cmdArgs);
+ // making sure results.json is always created
+ if (!cmdArgs.find(arg => arg == '--output-path')) {
+ cmdArgs.push('--output-path');
+ cmdArgs.push('./');
+ resultsJSONFile = './results.json';
+ } else {
+ let resultsDir = core.getInput('output_path');
+ resultsJSONFile = filepath.join(resultsDir, '/results.json');
 }
+ addJSONReportFormat(cmdArgs);
+
 exitCode = await exec.exec(`${kicsBinary} scan --no-progress ${cmdArgs.join(" ")}`, [], { ignoreReturnCode: true });
 return {
 statusCode: exitCode,
@@ -18311,6 +18354,7 @@ var __webpack_exports__ = {};
 const install = __nccwpck_require__(1430);
 const commenter = __nccwpck_require__(3571);
 const scanner = __nccwpck_require__(3157);
+const annotator = __nccwpck_require__(9362);
 const core = __nccwpck_require__(2186);
 const github = __nccwpck_require__(5438);
 
@@ -18385,7 +18429,6 @@ async function main() {
 try {
 const githubToken = core.getInput("token");
 const octokit = github.getOctokit(githubToken);
- let enableComments = core.getInput('enable_comments').toLocaleLowerCase() === "true";
 let context = {};
 let repo = '';
 let prNumber = '';
@@ -18401,12 +18444,14 @@ async function main() {
 }
 
 await install.installKICS();
- const scanResults = await scanner.scanWithKICS(enableComments);
- if (enableComments) {
- let parsedResults = readJSON(scanResults.resultsJSONFile);
+ const scanResults = await scanner.scanWithKICS();
+ const parsedResults = readJSON(scanResults.resultsJSONFile);
+ if (core.getInput('enable_comments').toLocaleLowerCase() === "true") {
 await commenter.postPRComment(parsedResults, repo, prNumber, octokit);
 }
 
+ annotator.annotateChangesWithResults(parsedResults);
+
 cleanupOutput(scanResults.resultsJSONFile);
 setWorkflowStatus(scanResults.statusCode);
 } catch (e) {
diff --git a/src/annotator.js b/src/annotator.js
new file mode 100644
index 0000000..794afde
--- /dev/null
+++ b/src/annotator.js
@@ -0,0 +1,38 @@
+const core = require("@actions/core");
+
+function extractAnnotations(results) {
+ let annotations = [];
+ for (i in results.queries) {
+ let query = results.queries[i];
+ for (j in query.files) {
+ let file = query.files[j];
+ annotations.push({
+ file: file['file_name'],
+ startLine: file['line'],
+ endLine: file['line'],
+ severity: query['severity'],
+ queryName: query['query_name'],
+ description: query['description'],
+ });
+ }
+ }
+
+ return annotations;
+}
+
+function annotateChangesWithResults(results) {
+ const annotations = extractAnnotations(results);
+ annotations.forEach(annotation => {
+ core.warning(annotation.description, {
+ title: `[${annotation.severity}] ${annotation.queryName}`,
+ startLine: annotation.startLine,
+ endLine: annotation.endLine,
+ file: annotation.file,
+ });
+ });
+
+}
+
+module.exports = {
+ annotateChangesWithResults
+}
\ No newline at end of file
diff --git a/src/main.js b/src/main.js
index df9d715..16c260a 100644
--- a/src/main.js
+++ b/src/main.js
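Review bot: The loops `for (i in results.queries)` and `for (j in query.files)` in extractAnnotations never declare `i` and `j`, so they become implicit globals in sloppy mode and a ReferenceError under `'use strict'`, and `for...in` on an array also visits any enumerable prototype keys; iterating the values with `for...of`, with an empty-array fallback so a results file without `queries` does not throw, fixes both, and the same loops are bundled into dist/index.js (hunk at @@ -17799), which should be regenerated from this file rather than edited separately. In annotateChangesWithResults, GitHub only displays a limited number of warning annotations per step (ten per level, per its documentation at the time of writing), so with many findings the ones shown are simply whichever come first in results.json; sorting annotations by severity before the forEach, or emitting HIGH findings through `core.error`, keeps the important ones visible. A short header comment would also help readers, e.g. `// Surfaces each KICS finding as a GitHub workflow annotation on the reported file and line.`
```javascript
function extractAnnotations(results) {
  const annotations = [];
  // for...of over the arrays: no undeclared loop variables, no prototype keys,
  // and a scan with no queries/files yields an empty list instead of throwing
  for (const query of (results && results.queries) || []) {
    for (const file of query.files || []) {
      annotations.push({
        // … unchanged: file/startLine/endLine/severity/queryName/description fields …
      });
    }
  }
  return annotations;
}
```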
@@ -1,6 +1,7 @@
 const install = require("./install");
 const commenter = require("./commenter");
 const scanner = require("./scanner");
+const annotator = require("./annotator");
 const core = require("@actions/core");
 const github = require("@actions/github");
 
@@ -75,7 +76,6 @@ async function main() {
 try {
 const githubToken = core.getInput("token");
 const octokit = github.getOctokit(githubToken);
- let enableComments = core.getInput('enable_comments').toLocaleLowerCase() === "true";
 let context = {};
 let repo = '';
 let prNumber = '';
@@ -91,12 +91,14 @@ async function main() {
 }
 
 await install.installKICS();
- const scanResults = await scanner.scanWithKICS(enableComments);
- if (enableComments) {
- let parsedResults = readJSON(scanResults.resultsJSONFile);
+ const scanResults = await scanner.scanWithKICS();
+ const parsedResults = readJSON(scanResults.resultsJSONFile);
+ if (core.getInput('enable_comments').toLocaleLowerCase() === "true") {
 await commenter.postPRComment(parsedResults, repo, prNumber, octokit);
 }
 
+ annotator.annotateChangesWithResults(parsedResults);
+
 cleanupOutput(scanResults.resultsJSONFile);
 setWorkflowStatus(scanResults.statusCode);
 } catch (e) {
diff --git a/src/scanner.js b/src/scanner.js
index c2293cd..412c85c 100644
--- a/src/scanner.js
+++ b/src/scanner.js
@@ -68,7 +68,7 @@ function addKICSCmdArgs(cmdArgs) {
 }
 }
 
-async function scanWithKICS(enableComments) {
+async function scanWithKICS() {
 let resultsJSONFile;
 
 if (!kicsInput.path.value) {
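Review bot: `const parsedResults = readJSON(scanResults.resultsJSONFile);` now runs on every scan rather than only when comments were enabled, so if KICS exits without writing results.json (a bad `output_path`, or a failure before the report stage) the read throws, the `catch` reports that I/O error instead of the scan outcome, and `cleanupOutput` and `setWorkflowStatus(scanResults.statusCode)` are skipped. readJSON is defined outside this hunk, so whether it already tolerates a missing file is not visible here; if it does not, have it return `null` for an absent file and skip both `commenter.postPRComment` and `annotator.annotateChangesWithResults` on `null`, so the KICS exit code still drives the workflow status. As a point of style, `toLocaleLowerCase()` on the `enable_comments` input should be `toLowerCase()` (locale casing rules are irrelevant to a config token), or `core.getBooleanInput('enable_comments')` if the pinned @actions/core is 1.4 or newer. The enclosing main() starts and ends outside the hunk, and the identical change is bundled in dist/index.js (hunk at @@ -18401).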
@@ -78,18 +78,17 @@ async function scanWithKICS(enableComments) {
 let cmdArgs = [];
 addKICSCmdArgs(cmdArgs);
 
- // making sure results.json is always created when PR comments are enabled
- if (enableComments) {
- if (!cmdArgs.find(arg => arg == '--output-path')) {
- cmdArgs.push('--output-path');
- cmdArgs.push('./');
- resultsJSONFile = './results.json';
- } else {
- let resultsDir = core.getInput('output_path');
- resultsJSONFile = filepath.join(resultsDir, '/results.json');
- }
- addJSONReportFormat(cmdArgs);
+ // making sure results.json is always created
+ if (!cmdArgs.find(arg => arg == '--output-path')) {
+ cmdArgs.push('--output-path');
+ cmdArgs.push('./');
+ resultsJSONFile = './results.json';
+ } else {
+ let resultsDir = core.getInput('output_path');
+ resultsJSONFile = filepath.join(resultsDir, '/results.json');
 }
+ addJSONReportFormat(cmdArgs);
+
 exitCode = await exec.exec(`${kicsBinary} scan --no-progress ${cmdArgs.join(" ")}`, [], { ignoreReturnCode: true });
 return {
 statusCode: exitCode,
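Review bot: `cmdArgs.find(arg => arg == '--output-path')` only recognizes the exact long form, so if addKICSCmdArgs (outside this hunk) ever emits `--output-path=<dir>`, or a short alias if the pinned KICS version accepts one, a second `--output-path ./` is appended and `resultsJSONFile` points at `./results.json` while KICS writes the report elsewhere, which then breaks the unconditional read in main.js. Use strict equality and match the assignment form too: `if (!cmdArgs.some(arg => arg === '--output-path' || arg.startsWith('--output-path=')))`. The comment could also record why the block is now unconditional: `// results.json is always produced: PR comments and annotations both read it`. scanWithKICS starts outside this hunk, and dist/index.js (hunk at @@ -18070) carries the same change.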