Skip to content

Commit

Permalink
Add Ignore Folders Logic
Browse files Browse the repository at this point in the history
- Added a new Field that we can specify separated by commas each folder path to be ignored by the Scan
- Optimized Dockerfile
  • Loading branch information
pedro-mimoso committed Oct 10, 2024
1 parent a6cc7ca commit 1348f08
Show file tree
Hide file tree
Showing 4 changed files with 45 additions and 21 deletions.
12 changes: 4 additions & 8 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,7 +1,4 @@
# Stage 1: Base Image with Vorpal CLI
FROM checkmarx/vorpal-cli:1.0.116 as build-vorpal

# Stage 1: Build Reviewdog executable using Alpine
# Build Reviewdog executable using Alpine
FROM alpine:latest AS build-reviewdog

ENV REVIEWDOG_VERSION=v0.20.1
Expand All @@ -10,15 +7,14 @@ ENV REVIEWDOG_VERSION=v0.20.1
RUN apk --no-cache add curl bash \
&& curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b /usr/local/bin ${REVIEWDOG_VERSION}

# Deploy the application binary
FROM cgr.dev/chainguard/bash:latest
# Base Image with Vorpal CLI
FROM checkmarx/vorpal-cli:1.0.116 AS build-vorpal

# Set the working directory
WORKDIR /app/bin

# Copy the Reviewdog executable from the builder stage
COPY --from=build-reviewdog /usr/local/bin/reviewdog /usr/local/bin/reviewdog
COPY --from=build-vorpal /app/bin/vorpal /app/bin/vorpal

# Copy the entrypoint script
COPY entrypoint.sh /entrypoint.sh
Expand All @@ -27,4 +23,4 @@ COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /app/bin/vorpal /usr/local/bin/reviewdog /entrypoint.sh

# Set the entrypoint
ENTRYPOINT ["/entrypoint.sh"]
ENTRYPOINT ["/entrypoint.sh"]
9 changes: 6 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,11 @@ With reporter: github-pr-review a comment is added to the Pull Request Conversat
**Description**: Specify the source paths to analyze (comma-separated).
**Required**: true

### `folders_to_ignore`

**Description**: Specify the folders to ignore on Vorpal scan (comma-separated).
**Required**: false

### `level`

**Description**: Report level for reviewdog [info, warning, error].
Expand Down Expand Up @@ -117,6 +122,4 @@ jobs:
## License
Apache License Version 2.0
Apache License Version 2.0
13 changes: 8 additions & 5 deletions action.yaml
Original file line number Diff line number Diff line change
@@ -1,14 +1,17 @@
# action.yml
name: "Vorpal Github Action With reviewdog"
description: "Action Scan files with Vorpal engine and shows with reviewdog annotations and comments in PR"
name: 'Vorpal Github Action With reviewdog'
description: 'Action Scan files with Vorpal engine and shows with reviewdog annotations and comments in PR'
inputs:
github_token:
description: 'GITHUB_TOKEN.'
required: true
default: ${{ github.token }}
source_path:
description: "The path to the source code to scan"
description: 'The path to the source code to scan'
required: true
folders_to_ignore:
description: 'The paths of the folders to be ignored during the Vorpal scan'
required: false
level:
description: 'Report level for reviewdog [info,warning,error]'
default: 'error'
Expand All @@ -31,10 +34,10 @@ inputs:
description: 'Additional reviewdog flags'
default: ''
runs:
using: "docker"
using: 'docker'
image: Dockerfile
env:
WORKSPACE_PATH: $GITHUB_WORKSPACE
branding:
icon: 'monitor'
color: 'purple'
color: 'purple'
32 changes: 27 additions & 5 deletions entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,9 @@ else
IFS=','; set -- $INPUT_SOURCE_PATH; unset IFS
fi

# Parse folders to ignore
folders_to_ignore=$(echo "${INPUT_FOLDERS_TO_IGNORE}" | tr ',' ' ')

export REVIEWDOG_GITHUB_API_TOKEN="${INPUT_GITHUB_TOKEN}"

# Create a file to store all the results
Expand All @@ -25,14 +28,33 @@ all_results_file="all_results.errorformat"
# Scan Vorpal for each file
for file in "$@";
do
echo "${DATETIME} - INF : about to scan file $file"
echo "${DATETIME} - INF : vorpal command -s $file -r result.errorformat"
/app/bin/vorpal -s "$file" -r result.errorformat
# Check if the file is in any of the ignored folders
skip_file=false
for folder in $folders_to_ignore; do
if echo "$file" | grep -q "^$folder"; then
echo "${DATETIME} - INF : Skipping file $file as it is in ignored folder $folder"
skip_file=true
break
fi
done

# If not in an ignored folder, proceed with scanning
if [ "$skip_file" = false ]; then
echo "${DATETIME} - INF : about to scan file $file"
echo "${DATETIME} - INF : vorpal command -s $file -r result.errorformat"
/app/bin/vorpal -s "$file" -r result.errorformat

# Append the results to the all_results_file
cat result.errorformat >> "$all_results_file"
# Append the results to the all_results_file
cat result.errorformat >> "$all_results_file"
fi
done

# Check if the all_results_file is empty
if [ ! -s "$all_results_file" ]; then
echo "${DATETIME} - INF : No results found. Skipping Reviewdog."
exit 0
fi

# Reviewdog
echo "${DATETIME} - INF : Reviewdog executing on version $(reviewdog -version)"
cat "$all_results_file" | reviewdog -efm '%f:%l:%c:%m' \
Expand Down

0 comments on commit 1348f08

Please sign in to comment.