SCP-74 Cleanup inputs and output

Co-authored-by: Franco Straman <franco.stramana@gmail.com>

.github/linters/.eslintrc.yml

@@ -81,5 +81,6 @@ rules:
     '@typescript-eslint/space-before-function-paren': 'off',
     '@typescript-eslint/type-annotation-spacing': 'error',
     '@typescript-eslint/unbound-method': 'error',
-    'github/array-foreach' : 'off'
+    'github/array-foreach' : 'off',
+    'eslint-comments/no-unlimited-disable': 'off'
   }

.github/workflows/test-action.yml

@@ -28,11 +28,8 @@ jobs:
 #          sbom-ignore: 'scanoss-ignore.json'
            github-token: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Print output command
-        run: echo "${{ steps.test-action.outputs.output-command }}"
+      - name: Print stdout scan command
+        run: echo "${{ steps.test-action.outputs.stdout-scan-command }}"
 
-      - name: Print Licenses
-        run: echo "${{ steps.test-action.outputs.licenses }}"
-
-      - name: Print Result
+      - name: Print Results
         run: cat "${{ steps.test-action.outputs.result-filepath }}"

__tests__/main.test.ts

@@ -12,9 +12,6 @@ import * as main from '../src/main';
 // Mock the action's main function
 const runMock = jest.spyOn(main, 'run');
 
-// Other utilities
-const timeRegex = /^\d{2}:\d{2}:\d{2}/;
-
 // Mock the GitHub Actions core library
 let debugMock: jest.SpyInstance;
 let errorMock: jest.SpyInstance;

__tests__/report-service.test.ts

@@ -1,6 +1,4 @@
 import { getLicensesReport } from '../src/services/report.service';
-import { ScannerResults } from '../src/services/result.interfaces';
-import { getLicenses, Licenses } from '../src/services/result.service';
 
 const licenseTableTest = [
   {

action.yml

@@ -12,12 +12,10 @@ inputs:
   github-token:
     description: 'Your GitHub token'
     required: true
-  scanner-parameters:  
-    description: 'Parameters to run a scan'
   output-path:
     description: 'Output result file name'
     required: false
-    default: 'result.json'
+    default: 'results.json'
   sbom-identify:
     description: 'Scan and identify components in SBOM file'
     required: false
@@ -35,7 +33,7 @@ inputs:
 outputs:
   result-filepath:
     description: 'Scanner results filepath'
-  output-command:
+  stdout-scan-command:
     description: 'Scanner command output'
 
 runs:

package.json

@@ -71,7 +71,6 @@
     "@actions/github": "^6.0.0"
   },
   "devDependencies": {
-    "@octokit/types": "^12.4.0",
     "@types/jest": "^29.5.11",
     "@types/node": "^20.11.0",
     "@typescript-eslint/eslint-plugin": "^6.18.1",

src/app.input.ts

@@ -0,0 +1,8 @@
+import * as core from '@actions/core';
+
+export const REPO_DIR = process.env.GITHUB_WORKSPACE as string;
+export const OUTPUT_PATH = core.getInput('output-path');
+export const SBOM_INDENTIFY = core.getInput('sbom-identify');
+export const SBOM_IGNORE = core.getInput('sbom-ignore');
+export const API_KEY = core.getInput('api-key');
+export const API_URL = core.getInput('api-url');

src/app.output.ts

@@ -0,0 +1,2 @@
+export const RESULT_FILEPATH = 'result-filepath';
+export const STDOUT_SCAN_COMMAND = 'stdout-scan-command';

src/main.ts

@@ -4,8 +4,10 @@ import { CopyleftPolicyCheck } from './policies/copyleft-policy-check';
 import { getLicensesReport } from './services/report.service';
 import * as core from '@actions/core';
 import * as exec from '@actions/exec';
-import { commandBuilder, readInputs } from './input';
+import * as inputs from './app.input';
+import * as outputs from './app.output';
 
+import { commandBuilder } from './services/scan.service';
 /**
  * The main function for the action.
  * @returns {Promise<void>} Resolves when the action is complete.
@@ -14,20 +16,16 @@ export async function run(): Promise<void> {
   try {
     core.debug(`SCANOSS Scan Action started...`);
 
-    const repoDir = process.env.GITHUB_WORKSPACE as string;
-    const outputPath = 'results.json';
-
     // create policies
     core.debug(`Creating policies`);
     const policies = [new CopyleftPolicyCheck()];
     policies.forEach(async policy => policy.start());
 
     // run scan
     const { stdout, stderr } = await exec.getExecOutput(commandBuilder(), []);
+    const scannerResults = await readResult(inputs.OUTPUT_PATH);
 
-    const scannerResults = await readResult(readInputs().outputPath);
-
-    // run policies // TODO: define run action for each policy
+    // run policies
     policies.forEach(async policy => await policy.run(scannerResults));
 
     if (isPullRequest()) {
@@ -38,8 +36,8 @@ export async function run(): Promise<void> {
     }
 
     // set outputs for other workflow steps to use
-    core.setOutput('result-filepath', readInputs().outputPath);
-    core.setOutput('output-command', stdout);
+    core.setOutput(outputs.RESULT_FILEPATH, inputs.OUTPUT_PATH);
+    core.setOutput(outputs.STDOUT_SCAN_COMMAND, stdout);
   } catch (error) {
     // fail the workflow run if an error occurs
     if (error instanceof Error) core.setFailed(error.message);

src/policies/policy-check.ts

@@ -3,7 +3,6 @@ import * as core from '@actions/core';
 import { getSHA } from '../utils/github.utils';
 import { ScannerResults } from '../services/result.interfaces';
 import { GitHub } from '@actions/github/lib/utils';
-import { OctokitResponse } from '@octokit/types';
 
 const UNINITIALIZED = -1;
 

src/services/scan.service.ts

@@ -0,0 +1,11 @@
+import * as input from '../app.input';
+
+export function commandBuilder(): string {
+  return `docker run -v "${input.REPO_DIR}":"/scanoss" ghcr.io/scanoss/scanoss-py:v1.9.0 scan . 
+                --dependencies 
+                --output ${input.OUTPUT_PATH} 
+                ${input.SBOM_INDENTIFY ? `--identify ${input.SBOM_INDENTIFY}` : ''} 
+                ${input.SBOM_IGNORE ? `--ignore ${input.SBOM_IGNORE}` : ''} 
+                ${input.API_URL ? `--apiurl ${input.API_URL}` : ''} 
+                ${input.API_KEY ? `--key ${input.API_KEY}` : ''}`.replace(/\n/gm, '');
+}