adding annotations feature
Signed-off-by: Rogério Peixoto <rogerio.peixoto@checkmarx.com>
This commit is contained in:
Rogério Peixoto
61
dist/index.js
vendored
61
dist/index.js
vendored
@ -17799,6 +17799,50 @@ function wrappy (fn, cb) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/***/ }),
|
||||||
|
|
||||||
|
/***/ 9362:
|
||||||
|
/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
|
||||||
|
|
||||||
|
const core = __nccwpck_require__(2186);
|
||||||
|
|
||||||
|
function extractAnnotations(results) {
|
||||||
|
let annotations = [];
|
||||||
|
for (i in results.queries) {
|
||||||
|
let query = results.queries[i];
|
||||||
|
for (j in query.files) {
|
||||||
|
let file = query.files[j];
|
||||||
|
annotations.push({
|
||||||
|
file: file['file_name'],
|
||||||
|
startLine: file['line'],
|
||||||
|
endLine: file['line'],
|
||||||
|
severity: query['severity'],
|
||||||
|
queryName: query['query_name'],
|
||||||
|
description: query['description'],
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return annotations;
|
||||||
|
}
|
||||||
|
|
||||||
|
function annotateChangesWithResults(results) {
|
||||||
|
const annotations = extractAnnotations(results);
|
||||||
|
annotations.forEach(annotation => {
|
||||||
|
core.warning(annotation.description, {
|
||||||
|
title: `[${annotation.severity}] ${annotation.queryName}`,
|
||||||
|
startLine: annotation.startLine,
|
||||||
|
endLine: annotation.endLine,
|
||||||
|
file: annotation.file,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
annotateChangesWithResults
|
||||||
|
}
|
||||||
|
|
||||||
/***/ }),
|
/***/ }),
|
||||||
|
|
||||||
/***/ 3571:
|
/***/ 3571:
|
||||||
@ -18060,7 +18104,7 @@ function addKICSCmdArgs(cmdArgs) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async function scanWithKICS(enableComments) {
|
async function scanWithKICS() {
|
||||||
let resultsJSONFile;
|
let resultsJSONFile;
|
||||||
|
|
||||||
if (!kicsInput.path.value) {
|
if (!kicsInput.path.value) {
|
||||||
@ -18070,8 +18114,7 @@ async function scanWithKICS(enableComments) {
|
|||||||
let cmdArgs = [];
|
let cmdArgs = [];
|
||||||
addKICSCmdArgs(cmdArgs);
|
addKICSCmdArgs(cmdArgs);
|
||||||
|
|
||||||
// making sure results.json is always created when PR comments are enabled
|
// making sure results.json is always created
|
||||||
if (enableComments) {
|
|
||||||
if (!cmdArgs.find(arg => arg == '--output-path')) {
|
if (!cmdArgs.find(arg => arg == '--output-path')) {
|
||||||
cmdArgs.push('--output-path');
|
cmdArgs.push('--output-path');
|
||||||
cmdArgs.push('./');
|
cmdArgs.push('./');
|
||||||
@ -18081,7 +18124,7 @@ async function scanWithKICS(enableComments) {
|
|||||||
resultsJSONFile = filepath.join(resultsDir, '/results.json');
|
resultsJSONFile = filepath.join(resultsDir, '/results.json');
|
||||||
}
|
}
|
||||||
addJSONReportFormat(cmdArgs);
|
addJSONReportFormat(cmdArgs);
|
||||||
}
|
|
||||||
exitCode = await exec.exec(`${kicsBinary} scan --no-progress ${cmdArgs.join(" ")}`, [], { ignoreReturnCode: true });
|
exitCode = await exec.exec(`${kicsBinary} scan --no-progress ${cmdArgs.join(" ")}`, [], { ignoreReturnCode: true });
|
||||||
return {
|
return {
|
||||||
statusCode: exitCode,
|
statusCode: exitCode,
|
||||||
@ -18311,6 +18354,7 @@ var __webpack_exports__ = {};
|
|||||||
const install = __nccwpck_require__(1430);
|
const install = __nccwpck_require__(1430);
|
||||||
const commenter = __nccwpck_require__(3571);
|
const commenter = __nccwpck_require__(3571);
|
||||||
const scanner = __nccwpck_require__(3157);
|
const scanner = __nccwpck_require__(3157);
|
||||||
|
const annotator = __nccwpck_require__(9362);
|
||||||
|
|
||||||
const core = __nccwpck_require__(2186);
|
const core = __nccwpck_require__(2186);
|
||||||
const github = __nccwpck_require__(5438);
|
const github = __nccwpck_require__(5438);
|
||||||
@ -18385,7 +18429,6 @@ async function main() {
|
|||||||
try {
|
try {
|
||||||
const githubToken = core.getInput("token");
|
const githubToken = core.getInput("token");
|
||||||
const octokit = github.getOctokit(githubToken);
|
const octokit = github.getOctokit(githubToken);
|
||||||
let enableComments = core.getInput('enable_comments').toLocaleLowerCase() === "true";
|
|
||||||
let context = {};
|
let context = {};
|
||||||
let repo = '';
|
let repo = '';
|
||||||
let prNumber = '';
|
let prNumber = '';
|
||||||
@ -18401,12 +18444,14 @@ async function main() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
await install.installKICS();
|
await install.installKICS();
|
||||||
const scanResults = await scanner.scanWithKICS(enableComments);
|
const scanResults = await scanner.scanWithKICS();
|
||||||
if (enableComments) {
|
const parsedResults = readJSON(scanResults.resultsJSONFile);
|
||||||
let parsedResults = readJSON(scanResults.resultsJSONFile);
|
if (core.getInput('enable_comments').toLocaleLowerCase() === "true") {
|
||||||
await commenter.postPRComment(parsedResults, repo, prNumber, octokit);
|
await commenter.postPRComment(parsedResults, repo, prNumber, octokit);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
annotator.annotateChangesWithResults(parsedResults);
|
||||||
|
|
||||||
cleanupOutput(scanResults.resultsJSONFile);
|
cleanupOutput(scanResults.resultsJSONFile);
|
||||||
setWorkflowStatus(scanResults.statusCode);
|
setWorkflowStatus(scanResults.statusCode);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
|
|||||||
38
src/annotator.js
Normal file
38
src/annotator.js
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
const core = require("@actions/core");
|
||||||
|
|
||||||
|
function extractAnnotations(results) {
|
||||||
|
let annotations = [];
|
||||||
|
for (i in results.queries) {
|
||||||
|
let query = results.queries[i];
|
||||||
|
for (j in query.files) {
|
||||||
|
let file = query.files[j];
|
||||||
|
annotations.push({
|
||||||
|
file: file['file_name'],
|
||||||
|
startLine: file['line'],
|
||||||
|
endLine: file['line'],
|
||||||
|
severity: query['severity'],
|
||||||
|
queryName: query['query_name'],
|
||||||
|
description: query['description'],
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return annotations;
|
||||||
|
}
|
||||||
|
|
||||||
|
function annotateChangesWithResults(results) {
|
||||||
|
const annotations = extractAnnotations(results);
|
||||||
|
annotations.forEach(annotation => {
|
||||||
|
core.warning(annotation.description, {
|
||||||
|
title: `[${annotation.severity}] ${annotation.queryName}`,
|
||||||
|
startLine: annotation.startLine,
|
||||||
|
endLine: annotation.endLine,
|
||||||
|
file: annotation.file,
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
annotateChangesWithResults
|
||||||
|
}
|
||||||
10
src/main.js
10
src/main.js
@ -1,6 +1,7 @@
|
|||||||
const install = require("./install");
|
const install = require("./install");
|
||||||
const commenter = require("./commenter");
|
const commenter = require("./commenter");
|
||||||
const scanner = require("./scanner");
|
const scanner = require("./scanner");
|
||||||
|
const annotator = require("./annotator");
|
||||||
|
|
||||||
const core = require("@actions/core");
|
const core = require("@actions/core");
|
||||||
const github = require("@actions/github");
|
const github = require("@actions/github");
|
||||||
@ -75,7 +76,6 @@ async function main() {
|
|||||||
try {
|
try {
|
||||||
const githubToken = core.getInput("token");
|
const githubToken = core.getInput("token");
|
||||||
const octokit = github.getOctokit(githubToken);
|
const octokit = github.getOctokit(githubToken);
|
||||||
let enableComments = core.getInput('enable_comments').toLocaleLowerCase() === "true";
|
|
||||||
let context = {};
|
let context = {};
|
||||||
let repo = '';
|
let repo = '';
|
||||||
let prNumber = '';
|
let prNumber = '';
|
||||||
@ -91,12 +91,14 @@ async function main() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
await install.installKICS();
|
await install.installKICS();
|
||||||
const scanResults = await scanner.scanWithKICS(enableComments);
|
const scanResults = await scanner.scanWithKICS();
|
||||||
if (enableComments) {
|
const parsedResults = readJSON(scanResults.resultsJSONFile);
|
||||||
let parsedResults = readJSON(scanResults.resultsJSONFile);
|
if (core.getInput('enable_comments').toLocaleLowerCase() === "true") {
|
||||||
await commenter.postPRComment(parsedResults, repo, prNumber, octokit);
|
await commenter.postPRComment(parsedResults, repo, prNumber, octokit);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
annotator.annotateChangesWithResults(parsedResults);
|
||||||
|
|
||||||
cleanupOutput(scanResults.resultsJSONFile);
|
cleanupOutput(scanResults.resultsJSONFile);
|
||||||
setWorkflowStatus(scanResults.statusCode);
|
setWorkflowStatus(scanResults.statusCode);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
|
|||||||
@ -68,7 +68,7 @@ function addKICSCmdArgs(cmdArgs) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async function scanWithKICS(enableComments) {
|
async function scanWithKICS() {
|
||||||
let resultsJSONFile;
|
let resultsJSONFile;
|
||||||
|
|
||||||
if (!kicsInput.path.value) {
|
if (!kicsInput.path.value) {
|
||||||
@ -78,8 +78,7 @@ async function scanWithKICS(enableComments) {
|
|||||||
let cmdArgs = [];
|
let cmdArgs = [];
|
||||||
addKICSCmdArgs(cmdArgs);
|
addKICSCmdArgs(cmdArgs);
|
||||||
|
|
||||||
// making sure results.json is always created when PR comments are enabled
|
// making sure results.json is always created
|
||||||
if (enableComments) {
|
|
||||||
if (!cmdArgs.find(arg => arg == '--output-path')) {
|
if (!cmdArgs.find(arg => arg == '--output-path')) {
|
||||||
cmdArgs.push('--output-path');
|
cmdArgs.push('--output-path');
|
||||||
cmdArgs.push('./');
|
cmdArgs.push('./');
|
||||||
@ -89,7 +88,7 @@ async function scanWithKICS(enableComments) {
|
|||||||
resultsJSONFile = filepath.join(resultsDir, '/results.json');
|
resultsJSONFile = filepath.join(resultsDir, '/results.json');
|
||||||
}
|
}
|
||||||
addJSONReportFormat(cmdArgs);
|
addJSONReportFormat(cmdArgs);
|
||||||
}
|
|
||||||
exitCode = await exec.exec(`${kicsBinary} scan --no-progress ${cmdArgs.join(" ")}`, [], { ignoreReturnCode: true });
|
exitCode = await exec.exec(`${kicsBinary} scan --no-progress ${cmdArgs.join(" ")}`, [], { ignoreReturnCode: true });
|
||||||
return {
|
return {
|
||||||
statusCode: exitCode,
|
statusCode: exitCode,
|
||||||
|
|||||||
Reference in New Issue
Block a user