Update to sourcehawk 0.6.0

brianwyka · brianwyka · commit f1abf907839b · 2021-04-21T08:20:46.000-04:00
diff --git a/Dockerfile b/Dockerfile
@@ -1,7 +1,7 @@
 # Github Docs: https://docs.github.com/en/free-pro-team@latest/actions/creating-actions/dockerfile-support-for-github-actions
 
 # Small Linux based image with sourcehawk installed
-FROM optumopensource/sourcehawk:0.4.4
+FROM optumopensource/sourcehawk:0.6.0
 
 # Need root to write
 USER root
diff --git a/action.yml b/action.yml
@@ -28,6 +28,9 @@ inputs:
     description: 'Whether or not to fail the build on scan failure'
     required: false
     default: 'true'
+  tags:
+    description: 'Tags to filter the scan on'
+    required: false
 outputs:
   scan-passed:
     description: '"true" if scan passed, "false" otherwise'
@@ -41,4 +44,5 @@ runs:
     - ${{ inputs.output-file }}
     - ${{ inputs.fail-on-warnings }}
     - ${{ inputs.fail-build }}
+    - ${{ inputs.tags }}
 
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -22,20 +22,19 @@ OUTPUT_FORMAT=${3:-TEXT}
 OUTPUT_FILE=${4:-'sourcehawk-scan-results.txt'}
 FAIL_ON_WARNINGS=${5:-false}
 FAIL_BUILD=${6:-true}
+TAGS=$7
 
+# Global variables
 PASSED=false
 
-# Run the scan and output the results
-if [ "$FAIL_ON_WARNINGS" = "true" ]; then
-  sourcehawk scan --config-file "$CONFIG_FILE" --output-format "$OUTPUT_FORMAT" --fail-on-warnings "$REPOSITORY_ROOT" > "$OUTPUT_FILE"
-else
-  sourcehawk scan --config-file "$CONFIG_FILE" --output-format "$OUTPUT_FORMAT" "$REPOSITORY_ROOT" > "$OUTPUT_FILE"
-fi
+# Build command options
+set -- -c "$CONFIG_FILE" -f "$OUTPUT_FORMAT"
+[ "$FAIL_ON_WARNINGS" = true ] && set -- "$@" -w
+[ -n "$TAGS" ] && set -- "$@" -t "$TAGS"
+set -- "$@" "$REPOSITORY_ROOT"
 
-# Determine if scan passed
-if [ $? -eq 0 ]; then
-  PASSED=true
-fi
+# Run the scan and output the results
+sourcehawk scan "$@" > "$OUTPUT_FILE" && PASSED=true
 
 # Show the scan results
 cat "$OUTPUT_FILE"
@@ -44,11 +43,7 @@ cat "$OUTPUT_FILE"
 echo "::set-output name=scan-passed::$PASSED"
 
 # Exit cleanly if scan passes
-if [ "$PASSED" = "true" ]; then
-  exit 0
-fi
+[ "$PASSED" = "true" ] && exit 0
 
 # Exit in error if configured to fail build
-if [ "$FAIL_BUILD" = "true" ]; then
-  exit 1
-fi
+[ "$FAIL_BUILD" = "true" ] && exit 1
diff --git a/tests/scan-custom.sh b/tests/scan-custom.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-OUTPUT=$(docker run -v "$1:/github/workspace" "$2" "tests/scan-custom" "sh.yml" "JSON" "sourcehawk-scan-results.json")
+OUTPUT=$(docker run -v "$1:/github/workspace" "$2" "tests/scan-custom" "sh.yml" "JSON" "sourcehawk-scan-results.json" false true "primary")
 SCAN_EXIT_CODE=$?
 
 PASSED=()
@@ -19,11 +19,11 @@ TEST_NAME="SCAN_RESULT_JSON"
 OUTPUT_JSON="$(echo "$OUTPUT" | head -n -1 | sed 's/ *$//')"
 read -r -d '' EXPECTED_JSON << EOS
 {
-  "passedWithNoWarnings" : true,
+  "errorCount" : 0,
   "passed" : true,
-  "warningCount" : 0,
   "messages" : { },
-  "errorCount" : 0,
+  "passedWithNoWarnings" : true,
+  "warningCount" : 0,
   "formattedMessages" : [ ]
 }
 EOS
diff --git a/tests/scan-custom/file2.txt b/tests/scan-custom/file2.txt
@@ -0,0 +1 @@
+Foo Bar
diff --git a/tests/scan-custom/sh.yml b/tests/scan-custom/sh.yml
@@ -1,4 +1,12 @@
 
 file-protocols:
   - name: File
-    repository-path: file.txt
+    tags:
+      - file
+      - primary
+    repository-path: file.txt
+  - name: File
+    tags:
+      - file
+      - secondary
+    repository-path: file2.txt
diff --git a/tests/scan-error.sh b/tests/scan-error.sh
@@ -24,7 +24,7 @@ else
 fi
 
 TEST_NAME="SCAN_RESULT_ERROR"
-SECOND_LINE=$(echo "$OUTPUT" | tail -2 | head -1 | sed -e 's/[[:space:]]*$//')
+SECOND_LINE=$(echo "$OUTPUT" | tail -2 | head -1 | sed -e 's/[[:space:]]*$//' | sed 's/\x1b\[[0-9;]*m//g')
 EXPECTED="[ERROR] sourcehawk.yml :: Configuration file not found"
 if [[ "$SECOND_LINE" = "$EXPECTED" ]]; then
   echo " > $TEST_NAME: Correct"
diff --git a/tests/scan-failed.sh b/tests/scan-failed.sh
@@ -24,7 +24,7 @@ else
 fi
 
 TEST_NAME="SCAN_RESULT_ERROR"
-SECOND_LINE=$(echo "$OUTPUT" | tail -2 | head -1 | sed -e 's/[[:space:]]*$//')
+SECOND_LINE=$(echo "$OUTPUT" | tail -2 | head -1 | sed -e 's/[[:space:]]*$//' | sed 's/\x1b\[[0-9;]*m//g')
 EXPECTED="[ERROR] foo.bar :: File not found"
 if [[ "$SECOND_LINE" = "$EXPECTED" ]]; then
   echo " > $TEST_NAME: Correct"
diff --git a/tests/scan-warning-fail.sh b/tests/scan-warning-fail.sh
@@ -27,7 +27,7 @@ else
 fi
 
 TEST_NAME="SCAN_RESULT_ERROR"
-SECOND_LINE=$(echo "$OUTPUT" | tail -2 | head -1 | sed -e 's/[[:space:]]*$//')
+SECOND_LINE=$(echo "$OUTPUT" | tail -2 | head -1 | sed -e 's/[[:space:]]*$//' | sed 's/\x1b\[[0-9;]*m//g')
 EXPECTED="[WARN]  foo.bar :: File not found"
 if [[ "$SECOND_LINE" = "$EXPECTED" ]]; then
   echo " > $TEST_NAME: Correct"
