Commit

Merge pull request #3128 from mercedes-benz/gha_feature-3117-default-…
…to-client-1.5.0-v2

Gha feature default to client 1.5.0 v2  #3117
sven-dmlr authored May 8, 2024
2 parents 14862ef + 2d85948 commit 7fc03e2
Showing 6 changed files with 22 additions and 20 deletions.
14 changes: 6 additions & 8 deletions .github/workflows/github-action-scan.yml
Expand Up @@ -5,6 +5,8 @@ on:
push:
branches:
- 'gha_*'
# enable manual triggering of workflow
workflow_dispatch:

jobs:
build-scan:
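Review bot: With `workflow_dispatch:` added under `on:`, the `branches: - 'gha_*'` filter still applies only to the `push` trigger, so a manual run can be started on any ref that carries this workflow file. If the integration test job is meant to stay limited to `gha_*` branches, add a job-level `if:` on the ref name; if manual runs on any branch are intended, extend the new comment to say so.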
Expand All @@ -13,7 +15,7 @@ jobs:

defaults:
run:
working-directory: ./github-actions/scan
working-directory: github-actions/scan
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
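Review bot: The default `working-directory` loses its `./` prefix here, but the paths still visible further down in this file (`working-directory: ./github-actions/scan/__test__/integrationtest/` and `./github-actions/scan/sechub_report*.*`) keep it. Pick one form and use it throughout the workflow so the next reader does not have to wonder whether the difference is significant.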
Expand All @@ -32,7 +34,7 @@ jobs:
- name: Run unit tests
run: npm test

# We store git status - why? Here we see, if index.js has been changed - if so, a developer
# We store git status - why? Here we see if index.js has been changed - if so, a developer
# forgot to commit the changes - means the action cannot be used productive!
- name: Store git status
run: |
Expand All @@ -42,9 +44,9 @@ jobs:
- name: Define integration test setup
id : version-selector
run: |
echo "sechub_server_version=1.8.0" >> "$GITHUB_ENV"
echo "sechub_server_version=1.9.0" >> "$GITHUB_ENV"
echo "sechub_server_port=8443" >> "$GITHUB_ENV"
echo "pds_version=1.5.0" >> "$GITHUB_ENV"
echo "pds_version=1.6.0" >> "$GITHUB_ENV"
echo "pds_port=8444" >> "$GITHUB_ENV"
- name: Cache SecHub server download
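Review bot: The commit title only announces the client default of 1.5.0, yet this step also moves the integration tests to `sechub_server_version=1.9.0` and `pds_version=1.6.0`; say so in the PR description so the change in test baseline is not a surprise later. Because the next step is `Cache SecHub server download`, please also confirm that its cache key (not visible in this hunk) contains the version, otherwise a cached 1.8.0 download could be restored for a 1.9.0 run. Minor style point on a context line: `id : version-selector` has a stray space before the colon.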
Expand All @@ -66,7 +68,6 @@ jobs:
with:
java-version: 17
distribution: temurin


- name: Start integration test servers
working-directory: ./github-actions/scan/__test__/integrationtest/
Expand Down Expand Up @@ -110,6 +111,3 @@ jobs:
./github-actions/scan/sechub_report*.*
./sechub_report*.*
retention-days: 14



16 changes: 10 additions & 6 deletions github-actions/scan/README.adoc
Expand Up @@ -15,7 +15,7 @@ To be able to use this action you need a SecHub project. Check the https://merce

[source,yaml]
----
- uses: mercedes-benz/sechub/github-actions/scan@ae265a7015fcefc89027876029a50c8d149e0e51
- uses: mercedes-benz/sechub/github-actions/scan@master
with:
# OPTIONAL: Path to sechub.json for manual configuration. If no value is set the input parameters will be used to create it for the scan.'
config-path: 'sechub.json'
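Review bot: The documented `uses:` line replaces a full commit SHA with the mutable ref `@master`, which means every consumer who copies this snippet runs whatever `dist/` content is on master at the time of their build, with access to the `secrets.SECHUB_*` values passed in below. The project's own workflow pins `actions/checkout` to a SHA, so the README should recommend the same for this action: keep a commit SHA (or at least a release tag) in the example and mention `@master` only as an option for testing unreleased changes.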
Expand All @@ -33,8 +33,8 @@ To be able to use this action you need a SecHub project. Check the https://merce
project-name: ${{ secrets.SECHUB_PROJECT }}
# OPTIONAL: Which version of the SecHub cli to use
# DEFAULT: 1.4.0
version: '1.4.0'
# DEFAULT: 1.5.0
version: '1.5.0'
# OPTIONAL: A list of scan types that shall be used when a sechub configuration file is generated.
# Allowed values: codeScan, secretScan and licenseScan - If you want other scan types you
Expand Down Expand Up @@ -93,14 +93,18 @@ You can access them after the action has run with `${{ steps.<step-id>.outputs.<

=== Build

To build the action locally you have to run this command:
Make sure that you have installed https://nodejs.org/en/download/package-manager[Node.js]. +
To build the action locally you have to run these commands:

[source,npm]
----
# Install dependencies
npm install
# Build
npm run build
----

This will run the `ncc` compiler and transpile the files from the src folder into the files from the dist folder.
This runs the ncc compiler and transpiles the files from the src folder into the `dist/` folder.
The dist files will be executed by the GitHub Action.

It's necessary to execute the build after every change of the sources and you have to commit the changes in dist to git.
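Review bot: The new build instructions use `npm install`, which may update `package-lock.json` and resolve different dependency versions than the ones committed; since the resulting `dist` files are committed and executed by the GitHub Action, `npm ci` is the safer command to document for a reproducible build from the lock file. Two style points in the same hunk: `[source,npm]` is not a source language (use `[source,bash]`), and the rewritten sentence drops the backticks around `ncc` while adding them to `dist/`, so format both consistently.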
Expand Down Expand Up @@ -136,7 +140,7 @@ To enable full debug output in integration tests please execute following before
export SECHUB_DEBUG=true
----

==== Debug tests
==== Debugging tests
The unit and also the integration tests are written with `jest` test framework.

===== Setup
2 changes: 1 addition & 1 deletion github-actions/scan/__test__/integrationtest.test.ts
Expand Up @@ -376,4 +376,4 @@ function loadSpdxJsonReportAndAssertItContains(context: LaunchContext, textPart:
const spdxJson = fs.readFileSync(spdxJsonPath, 'utf8');

expect(spdxJson).toContain(textPart);
}
}
4 changes: 2 additions & 2 deletions github-actions/scan/action.yml
Expand Up @@ -19,9 +19,9 @@ inputs:
description: 'SecHub project name'
required: false
version:
description: 'Which version of the SecHub'
description: 'Which version of the SecHub client to use'
required: false
default: '1.4.0'
default: '1.5.0'
scan-types:
description: 'Scan types to use for generated sechub configuration file (ignored in the case of a custom configuration file). Supported types are: codeScan, licenseScan and secretScan. Can be combined by ,'
required: false
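Review bot: Changing `default: '1.4.0'` to `default: '1.5.0'` silently switches the SecHub client for every workflow that does not set `version` explicitly, and with the README now pointing at `@master` those workflows pick the change up on their next run. Call this out in the release notes, and note that the same default is repeated in the README comment (`# DEFAULT: 1.5.0`), so the two have to be kept in sync by hand on every future bump.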
4 changes: 2 additions & 2 deletions github-actions/scan/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion github-actions/scan/package.json
@@ -1,6 +1,6 @@
{
"name": "sechub-scan-action",
"version": "1.0.0",
"version": "2.0.0",
"description": "GitHub Action for SecHub scan",
"main": "dist/main.js",
"scripts": {
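Review bot: The jump from `"version": "1.0.0"` to `"version": "2.0.0"` signals a breaking release, but nothing in the visible changes says what breaks for consumers; the only behavioural change shown is the new default client version in `action.yml`. Document the reason for the major bump in the README or a changelog, and publish a matching tag so that users have a stable ref to pin instead of a branch.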
