Fixups for golang-based entrypoint (ossf/scorecard-action#136)
- (Makefile) Created a makefile for building scorecard-action
- (entrypoint.go) Changed resultsFilePath so that it is under the GithubWorkspace dir to fix file permission errors
- (options.go) Properly pull & set EnvInputResultsFormat, EnvInputResultsFile, and EnvGithubAuthToken env vars
- (options_test.go) Set EnvInputResultsFormat and EnvInputResultsFile before calling options.New() to see if it properly picks up env vars.

Co-authored-by: Stephen Augustus <[email protected]>
rohankh532 and justaugustus committed May 25, 2022
1 parent 32ba146 commit 523dbd4
Showing 4 changed files with 84 additions and 22 deletions.
6 changes: 4 additions & 2 deletions action/entrypoint/entrypoint.go
Expand Up @@ -58,13 +58,15 @@ func New() (*cobra.Command, error) {
return fmt.Errorf("validating options: %w", err)
}

// TODO: the results file should be completed and validated by the time we get it.
if scOpts.ResultsFile != "" {
var err error
out, err = os.Create(scOpts.ResultsFile)
resultsFilePath := fmt.Sprintf("%v/%v", opts.GithubWorkspace, scOpts.ResultsFile)
out, err = os.Create(resultsFilePath)
if err != nil {
return fmt.Errorf(
"creating output file (%s): %w",
scOpts.ResultsFile,
resultsFilePath,
err,
)
}
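Review bot: The new `resultsFilePath` is built with `fmt.Sprintf("%v/%v", opts.GithubWorkspace, scOpts.ResultsFile)`, which does not guarantee the file lands under the workspace: an empty `GithubWorkspace` yields a path rooted at `/`, and a `ResultsFile` containing `..` segments resolves outside the directory before `os.Create` creates or truncates the target. Since options.go in this commit fills the results file name from the `INPUT_RESULTS_FILE` action input, I would build the path with `resultsFilePath := filepath.Join(opts.GithubWorkspace, scOpts.ResultsFile)` and return an error when `opts.GithubWorkspace` is empty or when `filepath.Rel(opts.GithubWorkspace, resultsFilePath)` starts with `..`. That needs the `path/filepath` import, which is not visible here, and the enclosing closure in `New` starts and ends outside the hunk.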
10 changes: 7 additions & 3 deletions action/options/env.go
Expand Up @@ -32,11 +32,15 @@ const (
EnvGithubRef = "GITHUB_REF"
EnvGithubWorkspace = "GITHUB_WORKSPACE"
EnvGithubAuthToken = "GITHUB_AUTH_TOKEN" //nolint:gosec
EnvInputResultsFile = "INPUT_RESULTS_FILE"
EnvInputResultsFormat = "INPUT_RESULTS_FORMAT"
EnvInputPublishResults = "INPUT_PUBLISH_RESULTS"
EnvScorecardFork = "SCORECARD_IS_FORK"
EnvScorecardPrivateRepo = "SCORECARD_PRIVATE_REPOSITORY"

// TODO(input): INPUT_ constants should be removed in a future release once
// they have replacements in upstream scorecard.
EnvInputRepoToken = "INPUT_REPO_TOKEN" //nolint:gosec
EnvInputResultsFile = "INPUT_RESULTS_FILE"
EnvInputResultsFormat = "INPUT_RESULTS_FORMAT"
EnvInputPublishResults = "INPUT_PUBLISH_RESULTS"
)

// Errors
28 changes: 25 additions & 3 deletions action/options/options.go
Expand Up @@ -64,6 +64,11 @@ type Options struct {
IsForkStr string `env:"SCORECARD_IS_FORK"`
// TODO(options): This may be better as a bool
PrivateRepoStr string `env:"SCORECARD_PRIVATE_REPOSITORY"`

// Input parameters
InputResultsFile string `env:"INPUT_RESULTS_FILE"`
InputResultsFormat string `env:"INPUT_RESULTS_FORMAT"`
InputPublishResults string `env:"INPUT_PUBLISH_RESULTS"`
}

const (
Expand Down Expand Up @@ -91,7 +96,12 @@ func New() (*Options, error) {
}

// TODO(options): Move this set-or-default logic to its own function.
opts.ScorecardOpts.Format = formatSarif
opts.ScorecardOpts.EnableSarif = true
if opts.InputResultsFormat != "" {
opts.ScorecardOpts.Format = opts.InputResultsFormat
}

if opts.ScorecardOpts.Format == formatSarif {
if opts.ScorecardOpts.PolicyFile == "" {
// TODO(policy): Should we default or error here?
Expand All @@ -107,7 +117,13 @@ func New() (*Options, error) {
}

opts.SetPublishResults()

if opts.ScorecardOpts.ResultsFile == "" {
opts.ScorecardOpts.ResultsFile = opts.InputResultsFile
}

if opts.ScorecardOpts.ResultsFile == "" {
// TODO(test): Reassess test case for this code path
return opts, errResultsPathEmpty
}

Expand All @@ -133,6 +149,12 @@ func (o *Options) Initialize() error {
// o.EnableLicense = "1"
// o.EnableDangerousWorkflow = "1"

_, tokenSet := os.LookupEnv(EnvGithubAuthToken)
if !tokenSet {
inputToken := os.Getenv(EnvInputRepoToken)
os.Setenv(EnvGithubAuthToken, inputToken)
}

return o.SetRepoInfo()
}

Expand All @@ -151,9 +173,9 @@ func (o *Options) Validate() error {
return errEmptyGitHubAuthToken
}

if strings.Contains(os.Getenv(o.GithubEventName), "pull_request") &&
os.Getenv(o.GithubRef) == o.DefaultBranch {
fmt.Printf("%s not supported with %s event.\n", os.Getenv(o.GithubRef), os.Getenv(o.GithubEventName))
if strings.Contains(o.GithubEventName, "pull_request") &&
o.GithubRef == o.DefaultBranch {
fmt.Printf("%s not supported with %s event.\n", o.GithubRef, o.GithubEventName)
fmt.Printf("Only the default branch %s is supported.\n", o.DefaultBranch)

return errOnlyDefaultBranchSupported
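Review bot: In `Initialize`, the fallback to `INPUT_REPO_TOKEN` is keyed on `os.LookupEnv`, which reports the variable as set even when its value is empty, so a `GITHUB_AUTH_TOKEN` that is present but blank never picks up the input token. When the variable is absent and the input is blank too, the code exports an empty `GITHUB_AUTH_TOKEN`, and the `os.Setenv` error is dropped in either case. I would test the value instead with `if os.Getenv(EnvGithubAuthToken) == "" {`, skip the export when `inputToken` is empty, and propagate the failure: `if err := os.Setenv(EnvGithubAuthToken, inputToken); err != nil { return fmt.Errorf("setting %s: %w", EnvGithubAuthToken, err) }`. A short comment stating which variable takes precedence would also help, since the token is copied into the process environment; `Initialize` starts outside the hunk.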
62 changes: 48 additions & 14 deletions action/options/options_test.go
Expand Up @@ -45,15 +45,16 @@ func TestNew(t *testing.T) {
LogLevel string
}
tests := []struct {
name string
githubEventPath string
repo string
resultsFile string
resultsFormat string
publishResults string
want fields
unsetToken bool
wantErr bool
name string
githubEventPath string
repo string
resultsFile string
resultsFormat string
publishResults string
want fields
unsetResultsPath bool
unsetToken bool
wantErr bool
}{
{
name: "SuccessFormatSARIF",
Expand Down Expand Up @@ -103,12 +104,40 @@ func TestNew(t *testing.T) {
unsetToken: true,
wantErr: true,
},
{
name: "FailureResultsPathNotSet",
githubEventPath: githubEventPathNonFork,
want: fields{
EnableSarif: true,
Format: formatSarif,
PolicyFile: defaultScorecardPolicyFile,
Commit: options.DefaultCommit,
LogLevel: options.DefaultLogLevel,
},
unsetResultsPath: true,
wantErr: true,
},
{
name: "FailureResultsPathEmpty",
githubEventPath: githubEventPathNonFork,
resultsFile: "",
want: fields{
EnableSarif: true,
Format: formatSarif,
PolicyFile: defaultScorecardPolicyFile,
ResultsFile: "",
Commit: options.DefaultCommit,
LogLevel: options.DefaultLogLevel,
},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
_, tokenEnvExists := os.LookupEnv(EnvGithubAuthToken)
if !tokenEnvExists {
os.Setenv(EnvGithubAuthToken, testToken)
defer os.Unsetenv(EnvGithubAuthToken)
}
if tt.unsetToken {
os.Unsetenv(EnvGithubAuthToken)
Expand All @@ -118,21 +147,26 @@ func TestNew(t *testing.T) {
if !pathEnvExists {
if tt.githubEventPath != "" {
os.Setenv(EnvGithubEventPath, tt.githubEventPath)
defer os.Unsetenv(EnvGithubEventPath)
}
}

_, repoEnvExists := os.LookupEnv(EnvGithubRepository)
if !repoEnvExists {
if tt.repo != "" {
os.Setenv(EnvGithubRepository, tt.repo)
defer os.Unsetenv(EnvGithubRepository)
}
}

if tt.resultsFile != "" {
os.Setenv("SCORECARD_RESULTS_FILE", tt.resultsFile)
}
if tt.resultsFormat != "" {
os.Setenv("SCORECARD_RESULTS_FORMAT", tt.resultsFormat)
os.Setenv(EnvInputResultsFormat, tt.resultsFormat)
defer os.Unsetenv(EnvInputResultsFormat)

if tt.unsetResultsPath {
os.Unsetenv(EnvInputResultsFile)
} else {
os.Setenv(EnvInputResultsFile, tt.resultsFile)
defer os.Unsetenv(EnvInputResultsFile)
}

opts, err := New()
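Review bot: The subtests mutate the process environment with `os.Setenv` plus `defer os.Unsetenv`, which discards any value the variable had before the test and ignores the returned errors; provided the test does not call `t.Parallel`, `t.Setenv(EnvInputResultsFormat, tt.resultsFormat)` restores the previous value on cleanup and fails the test if the call errors. For the `unsetResultsPath` case, `t.Setenv(EnvInputResultsFile, "")` followed by `os.Unsetenv(EnvInputResultsFile)` keeps the automatic restore. The two new failure cases set only `wantErr: true`; the assertions are outside the hunk, but if they check just `err != nil` the cases cannot tell `errResultsPathEmpty` from another failure such as an empty token, so comparing with `errors.Is` would pin the intended path. None of the added cases exercises the `INPUT_REPO_TOKEN` fallback that options.go gains in this commit.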
