Merge upstream:main
This commit is contained in:
+15
@@ -27,6 +27,21 @@ inputs:
|
|||||||
correlator:
|
correlator:
|
||||||
description: 'An optional identifier to distinguish between multiple dependency snapshots of the same type.'
|
description: 'An optional identifier to distinguish between multiple dependency snapshots of the same type.'
|
||||||
required: false
|
required: false
|
||||||
|
detector-name:
|
||||||
|
description: 'The name of the detector. If provided, detector-version and detector-url must also be provided.'
|
||||||
|
required: false
|
||||||
|
detector-version:
|
||||||
|
description: 'The version of the detector. If provided, detector-name and detector-url must also be provided.'
|
||||||
|
required: false
|
||||||
|
detector-url:
|
||||||
|
description: 'The URL of the detector. If provided, detector-name and detector-version must also be provided.'
|
||||||
|
required: false
|
||||||
|
snapshot-sha:
|
||||||
|
description: 'The SHA of the commit to associate with the snapshot. If provided, snapshot-ref must also be provided.'
|
||||||
|
required: false
|
||||||
|
snapshot-ref:
|
||||||
|
description: 'The Git reference to associate with the snapshot. If provided, snapshot-sha must also be provided.'
|
||||||
|
required: false
|
||||||
runs:
|
runs:
|
||||||
using: 'node20'
|
using: 'node20'
|
||||||
main: 'dist/index.js'
|
main: 'dist/index.js'
|
||||||
|
|||||||
+38
-10
@@ -36267,23 +36267,51 @@ const github = __importStar(__nccwpck_require__(3228));
|
|||||||
const dependency_submission_toolkit_1 = __nccwpck_require__(3323);
|
const dependency_submission_toolkit_1 = __nccwpck_require__(3323);
|
||||||
const componentDetection_1 = __importDefault(__nccwpck_require__(3202));
|
const componentDetection_1 = __importDefault(__nccwpck_require__(3202));
|
||||||
function run() {
|
function run() {
|
||||||
var _a;
|
var _a, _b, _c, _d, _e, _f;
|
||||||
return __awaiter(this, void 0, void 0, function* () {
|
return __awaiter(this, void 0, void 0, function* () {
|
||||||
let manifests = yield componentDetection_1.default.scanAndGetManifests(core.getInput('filePath'));
|
let manifests = yield componentDetection_1.default.scanAndGetManifests(core.getInput("filePath"));
|
||||||
const correlatorInput = ((_a = core.getInput('correlator')) === null || _a === void 0 ? void 0 : _a.trim()) || github.context.job;
|
const correlatorInput = ((_a = core.getInput("correlator")) === null || _a === void 0 ? void 0 : _a.trim()) || github.context.job;
|
||||||
let snapshot = new dependency_submission_toolkit_1.Snapshot({
|
// Get detector configuration inputs
|
||||||
name: "Component Detection",
|
const detectorName = (_b = core.getInput("detector-name")) === null || _b === void 0 ? void 0 : _b.trim();
|
||||||
version: "0.0.1",
|
const detectorVersion = (_c = core.getInput("detector-version")) === null || _c === void 0 ? void 0 : _c.trim();
|
||||||
url: "https://github.com/advanced-security/component-detection-dependency-submission-action",
|
const detectorUrl = (_d = core.getInput("detector-url")) === null || _d === void 0 ? void 0 : _d.trim();
|
||||||
}, github.context, {
|
// Validate that if any detector config is provided, all must be provided
|
||||||
|
const hasAnyDetectorInput = detectorName || detectorVersion || detectorUrl;
|
||||||
|
const hasAllDetectorInputs = detectorName && detectorVersion && detectorUrl;
|
||||||
|
if (hasAnyDetectorInput && !hasAllDetectorInputs) {
|
||||||
|
core.setFailed("If any detector configuration is provided (detector-name, detector-version, detector-url), all three must be provided.");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// Use provided detector config or defaults
|
||||||
|
const detector = hasAllDetectorInputs
|
||||||
|
? {
|
||||||
|
name: detectorName,
|
||||||
|
version: detectorVersion,
|
||||||
|
url: detectorUrl,
|
||||||
|
}
|
||||||
|
: {
|
||||||
|
name: "Component Detection",
|
||||||
|
version: "0.0.1",
|
||||||
|
url: "https://github.com/advanced-security/component-detection-dependency-submission-action",
|
||||||
|
};
|
||||||
|
let snapshot = new dependency_submission_toolkit_1.Snapshot(detector, github.context, {
|
||||||
correlator: correlatorInput,
|
correlator: correlatorInput,
|
||||||
id: github.context.runId.toString()
|
id: github.context.runId.toString(),
|
||||||
});
|
});
|
||||||
core.debug(`Manifests: ${manifests === null || manifests === void 0 ? void 0 : manifests.length}`);
|
core.debug(`Manifests: ${manifests === null || manifests === void 0 ? void 0 : manifests.length}`);
|
||||||
manifests === null || manifests === void 0 ? void 0 : manifests.forEach(manifest => {
|
manifests === null || manifests === void 0 ? void 0 : manifests.forEach((manifest) => {
|
||||||
core.debug(`Manifest: ${JSON.stringify(manifest)}`);
|
core.debug(`Manifest: ${JSON.stringify(manifest)}`);
|
||||||
snapshot.addManifest(manifest);
|
snapshot.addManifest(manifest);
|
||||||
});
|
});
|
||||||
|
// Override snapshot ref and sha if provided
|
||||||
|
const snapshotSha = (_e = core.getInput("snapshot-sha")) === null || _e === void 0 ? void 0 : _e.trim();
|
||||||
|
const snapshotRef = (_f = core.getInput("snapshot-ref")) === null || _f === void 0 ? void 0 : _f.trim();
|
||||||
|
if (snapshotSha) {
|
||||||
|
snapshot.sha = snapshotSha;
|
||||||
|
}
|
||||||
|
if (snapshotRef) {
|
||||||
|
snapshot.ref = snapshotRef;
|
||||||
|
}
|
||||||
(0, dependency_submission_toolkit_1.submitSnapshot)(snapshot);
|
(0, dependency_submission_toolkit_1.submitSnapshot)(snapshot);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|||||||
+1
-1
File diff suppressed because one or more lines are too long
@@ -13,27 +13,65 @@ import {
|
|||||||
import ComponentDetection from './componentDetection';
|
import ComponentDetection from './componentDetection';
|
||||||
|
|
||||||
async function run() {
|
async function run() {
|
||||||
let manifests = await ComponentDetection.scanAndGetManifests(core.getInput('filePath'));
|
let manifests = await ComponentDetection.scanAndGetManifests(
|
||||||
const correlatorInput = core.getInput('correlator')?.trim() || github.context.job;
|
core.getInput("filePath")
|
||||||
|
);
|
||||||
let snapshot = new Snapshot({
|
const correlatorInput =
|
||||||
name: "Component Detection",
|
core.getInput("correlator")?.trim() || github.context.job;
|
||||||
version: "0.0.1",
|
|
||||||
url: "https://github.com/advanced-security/component-detection-dependency-submission-action",
|
// Get detector configuration inputs
|
||||||
},
|
const detectorName = core.getInput("detector-name")?.trim();
|
||||||
github.context,
|
const detectorVersion = core.getInput("detector-version")?.trim();
|
||||||
{
|
const detectorUrl = core.getInput("detector-url")?.trim();
|
||||||
|
|
||||||
|
// Validate that if any detector config is provided, all must be provided
|
||||||
|
const hasAnyDetectorInput = detectorName || detectorVersion || detectorUrl;
|
||||||
|
const hasAllDetectorInputs = detectorName && detectorVersion && detectorUrl;
|
||||||
|
|
||||||
|
if (hasAnyDetectorInput && !hasAllDetectorInputs) {
|
||||||
|
core.setFailed(
|
||||||
|
"If any detector configuration is provided (detector-name, detector-version, detector-url), all three must be provided."
|
||||||
|
);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Use provided detector config or defaults
|
||||||
|
const detector = hasAllDetectorInputs
|
||||||
|
? {
|
||||||
|
name: detectorName,
|
||||||
|
version: detectorVersion,
|
||||||
|
url: detectorUrl,
|
||||||
|
}
|
||||||
|
: {
|
||||||
|
name: "Component Detection",
|
||||||
|
version: "0.0.1",
|
||||||
|
url: "https://github.com/advanced-security/component-detection-dependency-submission-action",
|
||||||
|
};
|
||||||
|
|
||||||
|
let snapshot = new Snapshot(detector, github.context, {
|
||||||
correlator: correlatorInput,
|
correlator: correlatorInput,
|
||||||
id: github.context.runId.toString()
|
id: github.context.runId.toString(),
|
||||||
});
|
});
|
||||||
|
|
||||||
core.debug(`Manifests: ${manifests?.length}`);
|
core.debug(`Manifests: ${manifests?.length}`);
|
||||||
|
|
||||||
manifests?.forEach(manifest => {
|
manifests?.forEach((manifest) => {
|
||||||
core.debug(`Manifest: ${JSON.stringify(manifest)}`);
|
core.debug(`Manifest: ${JSON.stringify(manifest)}`);
|
||||||
snapshot.addManifest(manifest);
|
snapshot.addManifest(manifest);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// Override snapshot ref and sha if provided
|
||||||
|
const snapshotSha = core.getInput("snapshot-sha")?.trim();
|
||||||
|
const snapshotRef = core.getInput("snapshot-ref")?.trim();
|
||||||
|
|
||||||
|
if (snapshotSha) {
|
||||||
|
snapshot.sha = snapshotSha;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (snapshotRef) {
|
||||||
|
snapshot.ref = snapshotRef;
|
||||||
|
}
|
||||||
|
|
||||||
submitSnapshot(snapshot);
|
submitSnapshot(snapshot);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user