scanoss · perezale · Aug 23, 2024 · Aug 23, 2024
diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml
@@ -10,6 +10,7 @@ permissions:
   contents: read
   pull-requests: write
   checks: write
+  actions: read
 
 jobs:
   test-action:

diff --git a/README.md b/README.md
@@ -32,6 +32,7 @@ permissions:
   contents: read
   pull-requests: write
   checks: write
+  actions: read
 
 jobs:
   scanoss-code-scan:
@@ -109,6 +110,7 @@ permissions:
   contents: read
   pull-requests: write
   checks: write
+  actions: read
 
 jobs:
    scanoss-code-scan:

diff --git a/dist/index.js b/dist/index.js
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "scanoss-code-scan-action",
   "description": "SCANOSS Code Scan Action",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "author": "SCANOSS",
   "private": true,
   "homepage": "https://github.com/scanoss/code-scan-action/",

diff --git a/src/main.ts b/src/main.ts
@@ -21,7 +21,7 @@
    THE SOFTWARE.
  */
 
-import { createCommentOnPR, isPullRequest } from './utils/github.utils';
+import { createCommentOnPR, isPullRequest, getFirstRunId } from './utils/github.utils';
 import { generateJobSummary, generatePRSummary } from './services/report.service';
 import * as core from '@actions/core';
 import * as inputs from './app.input';
@@ -40,11 +40,12 @@ export async function run(): Promise<void> {
 
     // create policies
     core.debug(`Creating policies`);
+    const firstRunId = await getFirstRunId();
 
     //Read declared policies on input parameter 'policies' and create an instance for each one.
     const policies = policyManager.getPolicies();
     for (const policy of policies) {
-      await policy.start();
+      await policy.start(firstRunId);
     }
 
     // run scan

diff --git a/src/policies/copyleft-policy-check.ts b/src/policies/copyleft-policy-check.ts
@@ -81,7 +81,7 @@ export class CopyleftPolicyCheck extends PolicyCheck {
 
     if (details) {
       const { id } = await this.uploadArtifact(details);
-      if (id) details = this.concatPolicyArtifactURLToPolicyCheck(details, id);
+      if (id) details = await this.concatPolicyArtifactURLToPolicyCheck(details, id);
     }
 
     if (componentsWithCopyleft.length === 0) {

diff --git a/src/policies/policy-check.ts b/src/policies/policy-check.ts
@@ -31,7 +31,7 @@
 import { DefaultArtifactClient, UploadArtifactResponse } from '@actions/artifact';
 import path from 'path';

 export enum CONCLUSION {
  ActionRequired = 'action_required',
  Cancelled = 'cancelled',
  Failure = 'failure',
@@ -42,7 +42,7 @@
  TimedOut = 'timed_out'
 }

 export enum STATUS {
  UNINITIALIZED = 'UNINITIALIZED',
  INITIALIZED = 'INITIALIZED',
  RUNNING = 'RUNNING',
@@ -58,12 +58,14 @@

  private checkRunId: number;

  private _raw: any;

  private _status: STATUS;
 
   private _conclusion: CONCLUSION;
 
+  private _firstRunId = -1;
+
   constructor(checkName: string) {
     this.octokit = getOctokit(inputs.GITHUB_TOKEN);
     this.checkName = checkName;
@@ -76,7 +78,7 @@
 
   abstract getPolicyName(): string;
 
-  async start(): Promise<any> {
+  async start(runId: number): Promise<any> {
     const result = await this.octokit.rest.checks.create({
       owner: context.repo.owner,
       repo: context.repo.repo,
@@ -87,6 +89,8 @@
     this.checkRunId = result.data.id;
     this._raw = result.data;
 
+    this._firstRunId = runId;
+
     this._status = STATUS.INITIALIZED;
     return result.data;
   }
@@ -99,15 +103,15 @@
    return this._conclusion;
  }

  get raw(): any {
    return this._raw;
   }
 
   get url(): string {
-    return `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}/job/${this.raw.id}`;
+    return `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${this._firstRunId}/job/${this.raw.id}`;
   }
 
   async run(scannerResults: ScannerResults): Promise<void> {
    if (this._status === STATUS.UNINITIALIZED)
      throw new Error(`Error on finish. Policy "${this.checkName}" is not created.`);

@@ -152,7 +156,7 @@
     return text.length > this.MAX_GH_API_CONTENT_SIZE;
   }
 
-  protected concatPolicyArtifactURLToPolicyCheck(details: string, artifactId: number): string {
+  protected async concatPolicyArtifactURLToPolicyCheck(details: string, artifactId: number): Promise<string> {
     const link =
       `\n\nDownload the ` +
       `[${this.getPolicyName()} Result](${context.serverUrl}/` +

diff --git a/src/policies/undeclared-policy-check.ts b/src/policies/undeclared-policy-check.ts
@@ -70,7 +70,7 @@ export class UndeclaredPolicyCheck extends PolicyCheck {
 
     if (details) {
       const { id } = await this.uploadArtifact(details);
-      if (id) details = this.concatPolicyArtifactURLToPolicyCheck(details, id);
+      if (id) details = await this.concatPolicyArtifactURLToPolicyCheck(details, id);
     }
 
     if (nonDeclaredComponents.length === 0) {