Add check that github-token always specified with always-comment. Sim…
…plify logic
MaxymVlasov committed Feb 12, 2025
1 parent 8d36c05 commit 0dd24f4
Showing 3 changed files with 58 additions and 37 deletions.
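--- a/dist/index.js
+++ b/dist/index.js
@@ -101,6 +101,14 @@ function format(output) {
 function error(message) {
 core.setOutput('error', message);
 core.setFailed(message);
+throw new Error(message);
+}
+function postComment(token, output) {
+return __awaiter(this, void 0, void 0, function* () {
+const octokit = github.getOctokit(token);
+const comment = Object.assign(Object.assign({}, github.context.issue), { issue_number: github.context.issue.number, body: format(output) });
+yield octokit.rest.issues.createComment(comment);
+});
 }
 /**
 * Executes a Docker image analysis using the dive tool and handles the results.
@@ -123,16 +131,19 @@ function run() {
 const image = core.getInput('image');
 if (!image) {
 error('Missing required parameter: image');
-return;
 }
 const configFile = core.getInput('config-file');
 // Convert always-comment input to boolean value.
 // All values other than 'true' are considered false.
 const alwaysComment = core.getInput('always-comment').toLowerCase() === 'true';
+const token = core.getInput('github-token');
+if (alwaysComment && !token) {
+error('"always-comment" parameter requires "github-token" to be set.');
+}
 const diveRepo = core.getInput('dive-image-registry');
 // Validate Docker image name format
 if (!/^[\w.\-_/]+$/.test(diveRepo)) {
-throw new Error('Invalid dive-image-registry format');
+error('Invalid dive-image-registry format');
 }
 const diveVersion = core.getInput('dive-image-version');
 const diveImage = `${diveRepo}:${diveVersion}`;
@@ -172,23 +183,21 @@ function run() {
 }
 };
 const exitCode = yield exec.exec('docker', parameters, execOptions);
-if (exitCode === 0 && !alwaysComment) {
-// success
-return;
-}
-const token = core.getInput('github-token');
-if (!token) {
-error(`Scan failed (exit code: ${exitCode}).\nTo post scan results ` +
-'as a PR comment, please provide the github-token in the action inputs.');
-return;
+const scanFailedErrorMsg = `Scan failed (exit code: ${exitCode})`;
+if (alwaysComment) {
+postComment(token, output);
+if (exitCode === 0)
+return;
+error(scanFailedErrorMsg);
 }
-const octokit = github.getOctokit(token);
-const comment = Object.assign(Object.assign({}, github.context.issue), { issue_number: github.context.issue.number, body: format(output) });
-yield octokit.rest.issues.createComment(comment);
-if (exitCode === 0 && alwaysComment) {
+if (exitCode === 0)
 return;
+if (!token) {
+error(`Scan failed (exit code: ${exitCode}).\nTo post scan results as ` +
+'a PR comment, please provide the github-token in the action inputs.');
 }
-error(`Scan failed (exit code: ${exitCode})`);
+postComment(token, output);
+error(scanFailedErrorMsg);
 }
 catch (e) {
 error(e instanceof Error ? e.message : String(e));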
2 changes: 1 addition & 1 deletion dist/index.js.map

Large diffs are not rendered by default.

52 changes: 32 additions & 20 deletions src/main.ts
@@ -47,6 +47,17 @@ function format(output: string): string {
function error(message: string): void {
core.setOutput('error', message)
core.setFailed(message)
throw new Error(message)
}

async function postComment(token: string, output: string): Promise<void> {
const octokit = github.getOctokit(token)
const comment = {
...github.context.issue,
issue_number: github.context.issue.number,
body: format(output)
}
await octokit.rest.issues.createComment(comment)
}

/**
@@ -69,18 +80,22 @@ async function run(): Promise<void> {
const image = core.getInput('image')
if (!image) {
error('Missing required parameter: image')
return
}
const configFile = core.getInput('config-file')
// Convert always-comment input to boolean value.
// All values other than 'true' are considered false.
const alwaysComment =
core.getInput('always-comment').toLowerCase() === 'true'
const token = core.getInput('github-token')

if (alwaysComment && !token) {
error('"always-comment" parameter requires "github-token" to be set.')
}

const diveRepo = core.getInput('dive-image-registry')
// Validate Docker image name format
if (!/^[\w.\-_/]+$/.test(diveRepo)) {
throw new Error('Invalid dive-image-registry format')
error('Invalid dive-image-registry format')
}
const diveVersion = core.getInput('dive-image-version')
const diveImage = `${diveRepo}:${diveVersion}`
@@ -129,32 +144,29 @@ async function run(): Promise<void> {
}
}
const exitCode = await exec.exec('docker', parameters, execOptions)
if (exitCode === 0 && !alwaysComment) {
// success
return

const scanFailedErrorMsg = `Scan failed (exit code: ${exitCode})`

if (alwaysComment) {
postComment(token, output)

if (exitCode === 0) return

error(scanFailedErrorMsg)
}

const token = core.getInput('github-token')
if (exitCode === 0) return

if (!token) {
error(
`Scan failed (exit code: ${exitCode}).\nTo post scan results ` +
'as a PR comment, please provide the github-token in the action inputs.'
`Scan failed (exit code: ${exitCode}).\nTo post scan results as ` +
'a PR comment, please provide the github-token in the action inputs.'
)
return
}
const octokit = github.getOctokit(token)
const comment = {
...github.context.issue,
issue_number: github.context.issue.number,
body: format(output)
}
await octokit.rest.issues.createComment(comment)

if (exitCode === 0 && alwaysComment) {
return
}
postComment(token, output)

error(`Scan failed (exit code: ${exitCode})`)
error(scanFailedErrorMsg)
} catch (e) {
error(e instanceof Error ? e.message : String(e))
}
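Review bot: Both `postComment(token, output)` calls in the last hunk of `run()` are not awaited, so `error(scanFailedErrorMsg)` throws (or `run()` returns) while the comment request is still in flight, and a rejected `createComment` call, for example from a token that lacks permission to comment, never reaches the `catch` block. The lines this commit replaces did await `createComment`; writing `await postComment(token, output)` at both sites restores that behaviour. Separately, `error()` now throws, so every failure raised inside the `try` is reported twice (once at the call site and once from `catch`), and the call inside `catch` rethrows out of `run()`; declaring its return type as `never` instead of `void` would make that control flow visible to the compiler. The body of `run()` continues outside the visible hunks, and the same un-awaited calls appear in the generated `dist/index.js`.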
