feat(COD-4237): add a working directory option to the action

Author: jeremydubreil

action.yaml

@@ -2,8 +2,8 @@ name: 'lacework-code-security'
 description: "Scan code with Lacework's Code Security offering"
 author: 'Lacework'
 inputs:
-  sources:
-    description: 'Sources directory to analyze'
+  working-directory:
+    description: 'Set working directory to run the analysis on'
     required: false
     default: '.'
   target:
@@ -113,7 +113,7 @@ runs:
     - id: run-analysis
       uses: './../lacework-code-security'
       with:
-        sources: '${{ inputs.sources }}'
+        working-directory: '${{ inputs.working-directory }}'
         target: '${{ inputs.target }}'
         debug: '${{ inputs.debug }}'
         token: '${{ inputs.token || github.token }}'

src/index.ts

@@ -1,11 +1,12 @@
 import { error, getInput, info, setOutput, warning } from '@actions/core'
-import { existsSync, appendFileSync } from 'fs'
+import { appendFileSync, existsSync } from 'fs'
 import {
   downloadArtifact,
   postCommentIfInPr,
   resolveExistingCommentIfFound,
   uploadArtifact,
 } from './actions'
+import { downloadKeys, trustedKeys } from './keys'
 import { compareResults, createPRs, printResults } from './tool'
 import {
   autofix,
@@ -15,12 +16,11 @@ import {
   getActionRef,
   getMsSinceStart,
   getOptionalEnvVariable,
-  getOrDefault,
   getRequiredEnvVariable,
   getRunUrl,
-  telemetryCollector,
+  getWorkingDirectory,
+  telemetryCollector
 } from './util'
-import { downloadKeys, trustedKeys } from './keys'
 
 const scaSarifReport = 'scaReport/output.sarif'
 const scaReport = 'sca.sarif'
@@ -46,11 +46,11 @@ async function runAnalysis() {
   const toUpload: string[] = []
 
   await downloadKeys()
+  const workingDirectory = getWorkingDirectory()
   // command to print both sarif and lwjson formats
   var args = [
     'sca',
     'scan',
-    '.',
     '--save-results',
     '-o',
     scaDir,
@@ -61,7 +61,9 @@ async function runAnalysis() {
     '--keyring',
     trustedKeys,
     '--secret',
+    workingDirectory,
   ]
+  args.push(getWorkingDirectory())
   if (indirectDeps.toLowerCase() === 'false') {
     args.push('--eval-direct-only')
   }

src/util.ts

@@ -1,5 +1,4 @@
-import { getInput, isDebug } from '@actions/core'
-import { error, info } from '@actions/core'
+import { error, getInput, info, isDebug } from '@actions/core'
 import { spawn } from 'child_process'
 import { TelemetryCollector } from './telemetry'
 
@@ -29,6 +28,10 @@ export function autofix() {
   return getBooleanInput('autofix') && getInput('target') != 'old'
 }
 
+export function getWorkingDirectory() {
+  return getOrDefault('working-directory', '.')
+}
+
 export function getRunUrl(): string {
   let result = getRequiredEnvVariable('GITHUB_SERVER_URL')
   result += '/'