Files
component-detection-depende…/index.ts
T

100 lines
2.8 KiB
TypeScript
Raw Normal View History

2022-08-25 09:12:00 -07:00
const core = require('@actions/core');
2022-10-04 09:44:26 -07:00
const github = require('@actions/github');
2022-08-25 11:50:14 -07:00
const fs = require('fs');
const glob = require('glob');
const yaml = require('yaml');
2022-08-25 09:12:00 -07:00
2022-08-25 11:50:14 -07:00
import {
PackageCache,
BuildTarget,
Package,
Snapshot,
2022-10-04 13:16:36 -07:00
Manifest,
2022-08-25 11:50:14 -07:00
submitSnapshot
} from '@github/dependency-submission-toolkit'
2022-08-25 09:12:00 -07:00
async function run() {
let manifests = getManifestsFromEnvironmentFiles(searchFiles());
2022-08-25 11:50:14 -07:00
let snapshot = new Snapshot({
name: "conda-dependency-submission-action",
2022-08-25 11:50:14 -07:00
version: "0.0.1",
url: "https://github.com/jhutchings1/conda-dependency-submission-action",
2022-10-04 09:44:26 -07:00
},
github.context,
{
correlator:`${github.context.job}`,
id: github.context.runId.toString()
2022-08-25 11:50:14 -07:00
});
2022-08-25 12:49:25 -07:00
manifests?.forEach(manifest => {
snapshot.addManifest(manifest);
2022-08-25 11:50:14 -07:00
});
submitSnapshot(snapshot);
}
function getManifestFromEnvironmentFile(document, fileName) {
core.debug(`getManifestFromEnvironmentFile processing ${fileName}`);
2022-10-04 13:37:13 -07:00
let manifest = new Manifest("Environment", fileName);
/**
2022-10-04 13:37:13 -07:00
let manifest = new Manifest(document.name, fileName);
2022-10-04 14:17:41 -07:00
core.debug(`Processing ${document.packages?.length} packages`);
2022-10-04 13:37:13 -07:00
document.packages?.forEach(pkg => {
2022-10-04 14:21:09 -07:00
let packageName = pkg.name;
2022-08-25 12:49:25 -07:00
let packageVersion = pkg.packageVersion;
2022-10-04 16:22:27 -07:00
let referenceLocator = pkg.externalRefs?.find(ref => ref.referenceCategory === "PACKAGE-MANAGER" && ref.referenceType === "purl")?.referenceLocator;
let genericPurl = `pkg:generic/${packageName}@${packageVersion}`;
2022-10-04 15:36:21 -07:00
// SPDX 2.3 defines a purl field
2022-10-04 16:22:27 -07:00
let purl;
if (pkg.purl != undefined) {
purl = pkg.purl;
} else if (referenceLocator != undefined) {
purl = referenceLocator;
} else {
purl = genericPurl;
2022-10-04 15:36:21 -07:00
}
// Working around weird encoding issues from an SBOM generator
// Find the last instance of %40 and replace it with @
purl = replaceVersionEscape(purl);
2022-10-04 14:17:41 -07:00
2022-10-04 14:04:40 -07:00
let relationships = document.relationships?.find(rel => rel.relatedSpdxElement == pkg.SPDXID && rel.relationshipType == "DEPENDS_ON" && rel.spdxElementId != "SPDXRef-RootPackage");
if (relationships != null && relationships.length > 0) {
2022-10-04 14:50:23 -07:00
manifest.addIndirectDependency(new Package(purl));
2022-10-04 13:37:13 -07:00
} else {
2022-10-04 14:50:23 -07:00
manifest.addDirectDependency(new Package(purl));
2022-10-04 14:10:02 -07:00
}
});
return manifest;
*/
2022-08-25 12:49:25 -07:00
}
2022-10-04 13:37:13 -07:00
function getManifestsFromEnvironmentFiles(files) {
2022-10-04 12:03:50 -07:00
core.debug(`Processing ${files.length} files`);
2022-08-25 12:49:25 -07:00
let manifests = [];
files?.forEach(file => {
2022-10-04 11:51:27 -07:00
core.debug(`Processing ${file}`);
manifests.push(getManifestFromEnvironmentFile(yaml.parse(file)));
2022-08-25 11:50:14 -07:00
});
2022-08-25 12:49:25 -07:00
return manifests;
2022-08-25 11:50:14 -07:00
}
function searchFiles(filePath = false, filePattern = false) {
if (!filePath) {
let filePath = core.getInput('filePath');
}
if (!filePattern) {
let filePattern = core.getInput('filePattern');
}
2022-08-25 11:50:14 -07:00
2022-10-04 13:15:32 -07:00
return glob.sync(`${filePath}/${filePattern}`, {});
2022-08-25 09:12:00 -07:00
}
run();