David Knise 2021-02-20 20:04:13 -08:00
Родитель be2bcac491
Коммит 9b91d354f0
12 изменённых файлов: 559 добавлений и 60 удалений

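--- /dev/null
+++ b/.npmrc
@@ -0,0 +1 @@
+registry=https://registry.npmjs.org/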


@ -1,14 +1,15 @@
# Project
# Microsoft Security Code Analysis GitHub Actions Toolkit
> This repo has been populated by an initial template to help get you started. Please
> make sure to update the content to build a great experience for community-building.
ibrary for running the [Microsoft Security Code Analysis CLI](https://aka.ms/msca-nuget).
As the maintainer of this project, please make a few updates:
## Leveraged By
- Improving this README.MD file to provide a great experience
- Updating SUPPORT.MD with content about this project's support experience
- Understanding the security reporting process in SECURITY.MD
- Remove this section from the README
* [GitHub OSSAR Action](https://github.com/github/ossar-action)
* [Microsoft Security Code Analysis GitHub Action](https://github.com/microsoft/security-code-analysis-action)
## Related
* [MSCA Task Library for Azure DevOps](https://github.com/microsoft/msca-azdevops-task-lib)
## Contributing


@ -1,13 +1,3 @@
# TODO: The maintainer of this repo has not yet edited this file
**REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project?
- **No CSS support:** Fill out this template with information about how to file issues and get help.
- **Yes CSS support:** Fill out an intake form at [aka.ms/spot](https://aka.ms/spot). CSS will work with/help you to determine next steps. More details also available at [aka.ms/onboardsupport](https://aka.ms/onboardsupport).
- **Not sure?** Fill out a SPOT intake as though the answer were "Yes". CSS will help you decide.
*Then remove this first heading from this SUPPORT.MD file before publishing your repo.*
# Support
## How to file issues and get help


@ -1,5 +1,5 @@
<?xml version="1.0" encoding="utf-8"?>
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup>
<RepoDirectory Condition=" '$(RepoDirectory)' == '' ">$(MSBuildThisFileDirectory)</RepoDirectory>
@ -8,22 +8,25 @@
<NpmInstall Condition=" '$(NpmInstall)' == ''">false</NpmInstall>
</PropertyGroup>
<Target Name="Clean">
<RemoveDir Directories="$(LibDirectory)" />
</Target>
<Target
Name="NpmInstall"
Inputs="$(RepoDirectory)"
Outputs="$(RepoDirectory)\node_modules"
Condition=" '$(NpmInstall)' == 'true' ">
<Message Text="Installing npm dependencies in: $(RepoDirectory)..." />
<Message Text="Installing npm dependencies in: $(RepoDirectory)" />
<Exec Command="npm install" WorkingDirectory="$(RepoDirectory)" />
</Target>
<Target Name="Build" DependsOnTargets="NpmInstall">
<Message Text="Compiling msca-azdevops-toolkit..." />
<Target Name="Build" DependsOnTargets="Clean;NpmInstall">
<Message Text="Compiling msca-actions-toolkit." />
<Exec Command="tsc" WorkingDirectory="$(RepoDirectory)" />
<Copy SourceFiles="$(SrcDirectory)/msca-toolkit.proj" DestinationFolder="$(LibDirectory)" />
<Copy SourceFiles="$(RepoDirectory)/package.json" DestinationFolder="$(LibDirectory)" />
<Copy SourceFiles="$(RepoDirectory)/package-lock.json" DestinationFolder="$(LibDirectory)" />
</Target>
</Project>
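Review bot: The NpmInstall target still runs `npm install`, although this commit starts committing package-lock.json and copying it into the lib directory. `npm install` can update the lockfile when it is out of sync with package.json, so a build is not guaranteed to use the versions and integrity hashes that were reviewed. Consider `<Exec Command="npm ci" WorkingDirectory="$(RepoDirectory)" />`, which installs exactly what the lockfile records and fails when package.json and the lockfile disagree.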

109
lib/msca-client.js Normal file

@ -0,0 +1,109 @@
"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
result["default"] = mod;
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
const path = __importStar(require("path"));
const process = __importStar(require("process"));
const core = __importStar(require("@actions/core"));
const exec = __importStar(require("@actions/exec"));
const msca_installer_1 = require("./msca-installer");
class MscaClient {
constructor() {
this.cliVersion = '0.*';
}
setupEnvironment() {
return __awaiter(this, void 0, void 0, function* () {
console.log('------------------------------------------------------------------------------');
if (!process.env.MSCA_FILEPATH) {
let cliVersion = this.resolveCliVersion();
let mscaInstaller = new msca_installer_1.MscaInstaller();
yield mscaInstaller.install(cliVersion);
}
console.log('------------------------------------------------------------------------------');
});
}
resolveCliVersion() {
let cliVersion = this.cliVersion;
if (process.env.MSCA_VERSION) {
cliVersion = process.env.MSCA_VERSION;
}
return cliVersion;
}
isNullOrWhiteSpace(value) {
return !value || !value.trim();
}
getCliFilePath() {
let cliFilePath = process.env.MSCA_FILEPATH;
core.debug(`cliFilePath = ${cliFilePath}`);
return cliFilePath;
}
init() {
return __awaiter(this, void 0, void 0, function* () {
try {
let cliFilePath = this.getCliFilePath();
yield exec.exec(cliFilePath, ['init', '--force']);
}
catch (error) {
core.debug(error);
}
});
}
run(inputArgs) {
return __awaiter(this, void 0, void 0, function* () {
let cliFilePath = null;
let args = [];
try {
yield this.setupEnvironment();
yield this.init();
cliFilePath = process.env.MSCA_FILEPATH;
core.debug(`cliFilePath = ${cliFilePath}`);
if (inputArgs != null) {
for (let i = 0; i < inputArgs.length; i++) {
args.push(inputArgs[i]);
}
}
args.push('--not-break-on-detections');
if (core.isDebug()) {
args.push('--logger-level');
args.push('trace');
}
let sarifFile = path.join(process.env.GITHUB_WORKSPACE, '.gdn', 'msca.sarif');
core.debug(`sarifFile = ${sarifFile}`);
core.exportVariable('MSCA_SARIF_FILE', sarifFile);
core.setOutput('sarifFile', sarifFile);
args.push('--export-breaking-results-to-file');
args.push(`${sarifFile}`);
}
catch (error) {
error('Exception occurred while initializing MSCA:');
error(error);
core.setFailed(error.Message);
return;
}
try {
core.debug('Running Microsoft Security Code Analysis...');
yield exec.exec(cliFilePath, args);
}
catch (error) {
error(error);
core.setFailed(error.Message);
return;
}
});
}
}
exports.MscaClient = MscaClient;

212
lib/msca-installer.js Normal file

@ -0,0 +1,212 @@
"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
result["default"] = mod;
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const process = __importStar(require("process"));
const core = __importStar(require("@actions/core"));
const exec = __importStar(require("@actions/exec"));
class MscaInstaller {
install(cliVersion) {
return __awaiter(this, void 0, void 0, function* () {
console.log('Installing Microsoft Security Code Analysis Cli...');
if (process.env.MSCA_FILEPATH) {
console.log(`MSCA CLI File Path overriden by %MSCA_FILEPATH%: ${process.env.MSCA_FILEPATH}`);
return;
}
if (process.env.MSCA_DIRECTORY) {
console.log(`MSCA CLI Directory overriden by %MSCA_DIRECTORY%: ${process.env.MSCA_DIRECTORY}`);
let mscaFilePath = path.join(process.env.MSCA_DIRECTORY, 'guardian');
core.debug(`mscaFilePath = ${mscaFilePath}`);
process.env.MSCA_FILEPATH = mscaFilePath;
return;
}
let mscaDirectory = path.resolve(path.join(process.env.GITHUB_WORKSPACE, '../../_msca'));
core.debug(`mscaDirectory = ${mscaDirectory}`);
this.ensureDirectory(mscaDirectory);
let mscaPackagesDirectory = path.join(mscaDirectory, 'versions');
core.debug(`mscaPackagesDirectory = ${mscaPackagesDirectory}`);
this.ensureDirectory(mscaPackagesDirectory);
let mscaVersionsDirectory = path.join(mscaPackagesDirectory, 'microsoft.security.codeanalysis.cli');
core.debug(`mscaVersionsDirectory = ${mscaVersionsDirectory}`);
if (this.isInstalled(mscaVersionsDirectory, cliVersion)) {
return;
}
let failed = false;
let attempts = 0;
let maxAttempts = 2;
do {
failed = false;
const mscaToolkitDirectory = path.resolve(__dirname);
core.debug(`mscaToolkitDirectory = ${mscaToolkitDirectory}`);
const mscaProjectFile = path.join(mscaToolkitDirectory, 'msca-toolkit.proj');
core.debug(`mscaProjectFile = ${mscaProjectFile}`);
let args = [
'restore',
mscaProjectFile,
`/p:MscaPackageVersion=${cliVersion}`,
'--packages',
mscaPackagesDirectory,
'--source',
'https://api.nuget.org/v3/index.json'
];
try {
yield exec.exec('dotnet', args);
}
catch (error) {
core.debug(error);
failed = true;
attempts += 1;
if (attempts > maxAttempts) {
break;
}
}
} while (failed);
this.resolvePackageDirectory(mscaVersionsDirectory, cliVersion);
});
}
ensureDirectory(directory) {
if (!fs.existsSync(directory)) {
fs.mkdirSync(directory);
}
}
isInstalled(versionsDirectory, cliVersion) {
let installed = false;
if (cliVersion.includes("*")) {
core.debug(`MSCA CLI version contains a latest quantifier: ${cliVersion}. Continuing with install...`);
return installed;
}
this.setVariablesWithVersion(versionsDirectory, cliVersion);
if (fs.existsSync(process.env.MSCA_DIRECTORY)) {
console.log(`MSCA CLI v${cliVersion} already installed.`);
installed = true;
}
return installed;
}
resolvePackageDirectory(versionDirectory, cliVersion) {
if (cliVersion.includes("*")) {
let packageDirectory = this.findLatestVersionDirectory(versionDirectory);
this.setVariables(packageDirectory);
}
else {
this.setVariablesWithVersion(versionDirectory, cliVersion);
}
if (!fs.existsSync(process.env.MSCA_DIRECTORY)) {
throw `MSCA CLI v${cliVersion} was not found after installation.`;
}
}
findLatestVersionDirectory(versionsDirectory, isPreRelease = false) {
let latestDirectory = null;
let latestVersionParts = null;
let latestIsPreRelease = false;
let latestPreReleaseFlag = null;
core.debug(`Searching for all version folders in: ${versionsDirectory}`);
let dirs = this.getDirectories(versionsDirectory);
for (let dirIndex = 0; dirIndex < dirs.length; dirIndex++) {
let dir = dirs[dirIndex];
if (dir == null || dir == "") {
core.debug(`Skipping null or empty directory: ${dir}`);
continue;
}
core.debug(`Evaluating MSCA directory: ${dir}`);
const dirRegex = new RegExp(/^(\d+\.?){1,6}(\-\w+)?$/g);
if (dirRegex.exec(dir) == null) {
core.debug(`Skipping invalid version directory: ${dir}`);
continue;
}
let fullVersionParts = dir.split("-");
if (fullVersionParts == null || fullVersionParts.length < 0 || fullVersionParts.length > 2) {
core.debug(`Skipping invalid version directory: ${dir}`);
}
let dirIsPreRelease = fullVersionParts.length > 1;
if (!isPreRelease && dirIsPreRelease) {
core.debug(`Skipping pre-release version directory: ${dir}`);
continue;
}
let dirPreReleaseFlag = null;
if (dirIsPreRelease) {
dirPreReleaseFlag = fullVersionParts[1];
}
let versionNumbersString = fullVersionParts[0];
let versionParts = dir.split(".");
let isLatest = latestDirectory == null || latestVersionParts == null;
if (!isLatest) {
let maxVersionParts = versionParts.length;
if (latestVersionParts.length > maxVersionParts) {
maxVersionParts = latestVersionParts.length;
}
for (let versionPartIndex = 0; versionPartIndex < versionParts.length; versionPartIndex++) {
let versionPart = 0;
let latestVersionPart = 0;
let isLastVersionPart = versionPartIndex == (maxVersionParts - 1);
if (versionPartIndex < versionParts.length) {
versionPart = parseInt(versionParts[versionPartIndex]);
}
if (versionPartIndex < latestVersionParts.length) {
latestVersionPart = parseInt(latestVersionParts[versionPartIndex]);
}
if (versionPart > latestVersionPart) {
isLatest = true;
}
else if (versionPart == latestVersionPart) {
isLatest = isLastVersionPart
&&
((isPreRelease && latestIsPreRelease && dirPreReleaseFlag > latestPreReleaseFlag)
||
(!isPreRelease && latestIsPreRelease));
}
else {
break;
}
if (isLatest) {
break;
}
}
}
if (isLatest) {
core.debug(`Setting latest version directory: ${dir}`);
latestDirectory = path.join(versionsDirectory, dir);
latestVersionParts = versionParts;
latestIsPreRelease = dirIsPreRelease;
latestPreReleaseFlag = dirPreReleaseFlag;
}
}
core.debug(`latestDirectory = ${latestDirectory}`);
return latestDirectory;
}
getDirectories(directory) {
return fs.readdirSync(directory).filter(p => this.isDirectory(directory, p));
}
isDirectory(directory, p) {
return fs.statSync(path.join(directory, p)).isDirectory();
}
setVariablesWithVersion(versionDirectory, cliVersion) {
let packageDirectory = path.join(versionDirectory, cliVersion);
core.debug(`packageDirectory = ${packageDirectory}`);
this.setVariables(packageDirectory);
}
setVariables(packageDirectory) {
let mscaDirectory = path.join(packageDirectory, 'tools');
core.debug(`mscaDirectory = ${mscaDirectory}`);
let mscaFilePath = path.join(mscaDirectory, 'guardian');
core.debug(`mscaFilePath = ${mscaFilePath}`);
process.env.MSCA_DIRECTORY = mscaDirectory;
process.env.MSCA_FILEPATH = mscaFilePath;
}
}
exports.MscaInstaller = MscaInstaller;

13
lib/msca-toolkit.proj Normal file

@ -0,0 +1,13 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework Condition=" '$(TargetFramework)' == '' ">netcoreapp3.1</TargetFramework>
<MscaPackageName Condition=" '$(MscaPackageName)' == '' ">Microsoft.Security.CodeAnalysis.Cli</MscaPackageName>
<MscaPackageVersion Condition=" '$(MscaPackageVersion)' == '' ">0.*</MscaPackageVersion>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="$(MscaPackageName)" Version="$(MscaPackageVersion)" />
</ItemGroup>
</Project>
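Review bot: `MscaPackageVersion` defaults to the floating range `0.*`, and lib/msca-installer.js in this commit passes the same default to `dotnet restore` against nuget.org, so each workflow run executes whatever 0.x build of the CLI is newest at that moment. For a tool that runs inside CI with access to the checked-out repository, an exact default would make runs reproducible and auditable, for example `<MscaPackageVersion Condition=" '$(MscaPackageVersion)' == '' ">EXACT_VERSION_PLACEHOLDER</MscaPackageVersion>`, leaving `0.*` as an explicit opt-in through MSCA_VERSION. A NuGet lock file (`RestorePackagesWithLockFile`) would additionally record content hashes, though it only helps once the version is fixed.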

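--- /dev/null
+++ b/lib/package.json
@@ -0,0 +1,18 @@
+{
+"name": "msca-actions-toolkit",
+"version": "1.0.0",
+"description": "Microsoft Security Code Analysis for GitHub Actions toolkit.",
+"author": "Microsoft Corporation",
+"license": "MIT",
+"homepage": "https://github.com/microsoft/msca-actions-toolkit",
+"dependencies": {
+"@actions/core": "1.2.6",
+"@actions/exec": "1.0.4",
+"js-yaml": "3.13.1"
+},
+"devDependencies": {
+"@types/node": "^8.0.53",
+"typescript": "^4.1.5"
+},
+"main": "msca-client.js"
+}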

154
package-lock.json сгенерированный Normal file

@ -0,0 +1,154 @@
{
"name": "msca-actions-toolkit",
"version": "1.0.0",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"version": "1.0.0",
"license": "MIT",
"dependencies": {
"@actions/core": "1.2.6",
"@actions/exec": "1.0.4",
"js-yaml": "3.13.1"
},
"devDependencies": {
"@types/node": "^8.0.53",
"typescript": "^4.1.5"
}
},
"node_modules/@actions/core": {
"version": "1.2.6",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz",
"integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA=="
},
"node_modules/@actions/exec": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.0.4.tgz",
"integrity": "sha512-4DPChWow9yc9W3WqEbUj8Nr86xkpyE29ZzWjXucHItclLbEW6jr80Zx4nqv18QL6KK65+cifiQZXvnqgTV6oHw==",
"dependencies": {
"@actions/io": "^1.0.1"
}
},
"node_modules/@actions/io": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/@actions/io/-/io-1.0.2.tgz",
"integrity": "sha512-J8KuFqVPr3p6U8W93DOXlXW6zFvrQAJANdS+vw0YhusLIq+bszW8zmK2Fh1C2kDPX8FMvwIl1OUcFgvJoXLbAg=="
},
"node_modules/@types/node": {
"version": "8.10.66",
"resolved": "https://registry.npmjs.org/@types/node/-/node-8.10.66.tgz",
"integrity": "sha512-tktOkFUA4kXx2hhhrB8bIFb5TbwzS4uOhKEmwiD+NoiL0qtP2OQ9mFldbgD4dV1djrlBYP6eBuQZiWjuHUpqFw==",
"dev": true
},
"node_modules/argparse": {
"version": "1.0.10",
"resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz",
"integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==",
"dependencies": {
"sprintf-js": "~1.0.2"
}
},
"node_modules/esprima": {
"version": "4.0.1",
"resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz",
"integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==",
"bin": {
"esparse": "bin/esparse.js",
"esvalidate": "bin/esvalidate.js"
},
"engines": {
"node": ">=4"
}
},
"node_modules/js-yaml": {
"version": "3.13.1",
"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz",
"integrity": "sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==",
"dependencies": {
"argparse": "^1.0.7",
"esprima": "^4.0.0"
},
"bin": {
"js-yaml": "bin/js-yaml.js"
}
},
"node_modules/sprintf-js": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
"integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw="
},
"node_modules/typescript": {
"version": "4.1.5",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.1.5.tgz",
"integrity": "sha512-6OSu9PTIzmn9TCDiovULTnET6BgXtDYL4Gg4szY+cGsc3JP1dQL8qvE8kShTRx1NIw4Q9IBHlwODjkjWEtMUyA==",
"dev": true,
"bin": {
"tsc": "bin/tsc",
"tsserver": "bin/tsserver"
},
"engines": {
"node": ">=4.2.0"
}
}
},
"dependencies": {
"@actions/core": {
"version": "1.2.6",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz",
"integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA=="
},
"@actions/exec": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.0.4.tgz",
"integrity": "sha512-4DPChWow9yc9W3WqEbUj8Nr86xkpyE29ZzWjXucHItclLbEW6jr80Zx4nqv18QL6KK65+cifiQZXvnqgTV6oHw==",
"requires": {
"@actions/io": "^1.0.1"
}
},
"@actions/io": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/@actions/io/-/io-1.0.2.tgz",
"integrity": "sha512-J8KuFqVPr3p6U8W93DOXlXW6zFvrQAJANdS+vw0YhusLIq+bszW8zmK2Fh1C2kDPX8FMvwIl1OUcFgvJoXLbAg=="
},
"@types/node": {
"version": "8.10.66",
"resolved": "https://registry.npmjs.org/@types/node/-/node-8.10.66.tgz",
"integrity": "sha512-tktOkFUA4kXx2hhhrB8bIFb5TbwzS4uOhKEmwiD+NoiL0qtP2OQ9mFldbgD4dV1djrlBYP6eBuQZiWjuHUpqFw==",
"dev": true
},
"argparse": {
"version": "1.0.10",
"resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz",
"integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==",
"requires": {
"sprintf-js": "~1.0.2"
}
},
"esprima": {
"version": "4.0.1",
"resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz",
"integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A=="
},
"js-yaml": {
"version": "3.13.1",
"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz",
"integrity": "sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==",
"requires": {
"argparse": "^1.0.7",
"esprima": "^4.0.0"
}
},
"sprintf-js": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
"integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw="
},
"typescript": {
"version": "4.1.5",
"resolved": "https://registry.npmjs.org/typescript/-/typescript-4.1.5.tgz",
"integrity": "sha512-6OSu9PTIzmn9TCDiovULTnET6BgXtDYL4Gg4szY+cGsc3JP1dQL8qvE8kShTRx1NIw4Q9IBHlwODjkjWEtMUyA==",
"dev": true
}
}
}


@ -4,12 +4,15 @@
"description": "Microsoft Security Code Analysis for GitHub Actions toolkit.",
"author": "Microsoft Corporation",
"license": "MIT",
"homepage": "https://github.com/microsoft/msca-actions-toolkit",
"dependencies": {
"@actions/core": "1.2.6",
"@actions/exec": "1.0.4",
"js-yaml": "3.13.1"
},
"devDependencies": {
"@types/node": "^8.0.53",
"typescript": "^4.1.5"
}
},
"main": "msca-client.js"
}


@ -36,32 +36,33 @@ export class MscaClient {
return !value || !value.trim();
}
async init() {
getCliFilePath() : string {
let cliFilePath: string = process.env.MSCA_FILEPATH;
core.debug(`cliFilePath = ${cliFilePath}`);
return cliFilePath;
}
async init() {
try {
let cliFilePath = this.getCliFilePath();
await exec.exec(cliFilePath, ['init', '--force']);
}
catch (error) {
core.debug(error.Message);
core.debug(error);
}
}
async run(inputArgs: string[]) {
let cliFilePath: string = null;
let args: [];
let args: string[] = [];
try {
await this.setupEnvironment();
await this.init();
cliFilePath: string = process.env.MSCA_FILEPATH;
cliFilePath = process.env.MSCA_FILEPATH;
core.debug(`cliFilePath = ${cliFilePath}`);
args.push['run'];
if (inputArgs != null)
{
for (let i = 0; i < inputArgs.length; i++)
@ -86,7 +87,6 @@ export class MscaClient {
args.push('--export-breaking-results-to-file');
args.push(`${sarifFile}`);
} catch (error) {
error('Exception occurred while initializing MSCA:');
error(error);
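Review bot: In the `catch (error)` handler of `run()` in the last hunk, `error('Exception occurred while initializing MSCA:')` and `error(error)` call the caught exception as if it were a logging function, so the handler itself throws a TypeError. The compiled lib/msca-client.js in this commit shows `core.setFailed(error.Message)` following those calls, which is therefore never reached, and `Message` is not a property of a JavaScript `Error` in any case. A failed scan setup then surfaces as an unrelated rejection instead of a clear failed step; the handler could read `core.error('Exception occurred while initializing MSCA:');`, `core.error(error);`, `core.setFailed(error.message);`. The second catch block of `run()`, visible in the compiled output, has the same pattern, and the function body continues outside this hunk.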


@ -10,14 +10,14 @@ export class MscaInstaller {
console.log('Installing Microsoft Security Code Analysis Cli...');
if (process.env.MSCA_FILEPATH) {
console.log(`MSCA Cli File Path overriden by %MSCA_FILEPATH%: ${process.env.MSCA_FILEPATH}`);
console.log(`MSCA CLI File Path overriden by %MSCA_FILEPATH%: ${process.env.MSCA_FILEPATH}`);
return
}
if (process.env.MSCA_DIRECTORY) {
console.log(`MSCA Cli Directory overriden by %MSCA_DIRECTORY%: ${process.env.MSCA_DIRECTORY}`);
console.log(`MSCA CLI Directory overriden by %MSCA_DIRECTORY%: ${process.env.MSCA_DIRECTORY}`);
// Set the mscai file path
// Set the file path
let mscaFilePath = path.join(process.env.MSCA_DIRECTORY, 'guardian');
core.debug(`mscaFilePath = ${mscaFilePath}`);
@ -86,19 +86,19 @@ export class MscaInstaller {
}
isInstalled(
mscaVersionsDirectory: string,
versionsDirectory: string,
cliVersion: string) : boolean {
let installed = false;
if (cliVersion.includes("*")) {
core.debug(`MSCA Cli version contains a latest quantifier: ${cliVersion}. Continuing with install...`);
core.debug(`MSCA CLI version contains a latest quantifier: ${cliVersion}. Continuing with install...`);
return installed;
}
this.setMscaiVariablesWithVersion(mscaVersionsDirectory, cliVersion);
this.setVariablesWithVersion(versionsDirectory, cliVersion);
if (fs.existsSync(process.env.MSCA_DIRECTORY)) {
console.log(`MSCA Cli v${cliVersion} already installed.`);
console.log(`MSCA CLI v${cliVersion} already installed.`);
installed = true;
}
@ -106,24 +106,22 @@ export class MscaInstaller {
}
resolvePackageDirectory(
mscaVersionsDirectory: string,
versionDirectory: string,
cliVersion: string) : void {
if (cliVersion.includes("*")) {
// find the latest directory
let mscaPackageDirectory = this.findLatestVersionDirectory(mscaVersionsDirectory);
this.setMscaiVariables(mscaPackageDirectory);
let packageDirectory = this.findLatestVersionDirectory(versionDirectory);
this.setVariables(packageDirectory);
} else {
this.setMscaiVariablesWithVersion(mscaVersionsDirectory, cliVersion);
this.setVariablesWithVersion(versionDirectory, cliVersion);
}
if (!fs.existsSync(process.env.MSCA_DIRECTORY)) {
throw `Microsoft Security Code Analysis Cli v${cliVersion} was not found after installation.`
throw `MSCA CLI v${cliVersion} was not found after installation.`
}
}
findLatestVersionDirectory(
mscaVersionsDirectory: string,
isPreRelease: boolean = false) : string {
findLatestVersionDirectory(versionsDirectory: string, isPreRelease: boolean = false) : string {
let latestDirectory = null;
let latestVersionParts = null;
@ -131,8 +129,8 @@ export class MscaInstaller {
let latestPreReleaseFlag = null;
// Get all of the directories in the versions directory
core.debug(`Searching for all version folders in: ${mscaVersionsDirectory}`);
let dirs = this.getDirectories(mscaVersionsDirectory);
core.debug(`Searching for all version folders in: ${versionsDirectory}`);
let dirs = this.getDirectories(versionsDirectory);
// Evaluate each directory
for (let dirIndex = 0; dirIndex < dirs.length; dirIndex++) {
@ -143,7 +141,7 @@ export class MscaInstaller {
continue;
}
core.debug(`Evaluating mscai directory: ${dir}`);
core.debug(`Evaluating MSCA directory: ${dir}`);
// If we reuse the same RegExp object, it will return null every other call
const dirRegex = new RegExp(/^(\d+\.?){1,6}(\-\w+)?$/g);
if (dirRegex.exec(dir) == null) {
@ -223,7 +221,7 @@ export class MscaInstaller {
if (isLatest) {
core.debug(`Setting latest version directory: ${dir}`);
latestDirectory = path.join(mscaVersionsDirectory, dir);
latestDirectory = path.join(versionsDirectory, dir);
latestVersionParts = versionParts;
latestIsPreRelease = dirIsPreRelease;
latestPreReleaseFlag = dirPreReleaseFlag;
@ -246,18 +244,15 @@ export class MscaInstaller {
return fs.statSync(path.join(directory, p)).isDirectory();
}
setMscaiVariablesWithVersion(
mscaVersionsDirectory: string,
cliVersion: string) : void {
setVariablesWithVersion(versionDirectory: string, cliVersion: string) : void {
let packageDirectory = path.join(versionDirectory, cliVersion)
core.debug(`packageDirectory = ${packageDirectory}`);
let mscaPackageDirectory = path.join(mscaVersionsDirectory, cliVersion)
core.debug(`mscaPackageDirectory = ${mscaPackageDirectory}`);
this.setMscaiVariables(mscaPackageDirectory);
this.setVariables(packageDirectory);
}
setMscaiVariables(mscaPackageDirectory: string) : void {
let mscaDirectory = path.join(mscaPackageDirectory, 'tools');
setVariables(packageDirectory: string) : void {
let mscaDirectory = path.join(packageDirectory, 'tools');
core.debug(`mscaDirectory = ${mscaDirectory}`);
let mscaFilePath = path.join(mscaDirectory, 'guardian');