Merge pull request #22 from UlisesGascon/feat/12

Added support for custom tags in the markdown report

README.md

@@ -103,6 +103,9 @@ jobs:
 - `issue-title`: Defines the issue title
 - `github-token`: The token usage to create the issue and push the code
 - `max-request-in-parallel`: Defines the total HTTP Request that can be done in parallel
+- `report-tags-enabled`: Defines if the markdown report must be created/updated around tags by default is disabled. This is useful if the report is going to be include in a file that has other content on it, like docusaurus docs site or similar.
+- `report-start-tag`: Defines the start tag, default `<!-- OPENSSF-SCORECARD-MONITOR:START -->`
+- `report-end-tag` Defines the closing tag, default `<!-- OPENSSF-SCORECARD-MONITOR:END -->`
 
 
 ### Outputs

action.yml

@@ -25,6 +25,17 @@ inputs:
  description: 'Title of the issue to be generated'
  required: false
  default: "OpenSSF Scorecard Report Updated!"
+ report-tags-enabled:
+ description: 'Enable the use of tags in the report'
+ required: false
+ report-start-tag:
+ description: 'Start tag to be used in the report'
+ required: false
+ default: "<!-- OPENSSF-SCORECARD-MONITOR:START -->"
+ report-end-tag:
+ description: 'End tag to be used in the report'
+ required: false
+ default: "<!-- OPENSSF-SCORECARD-MONITOR:END -->"
  github-token:
  description: 'Token to access the repository'
  required: true

dist/index.js

@@ -6256,6 +6256,38 @@ exports.softAssign = softAssign;
 
 /***/ }),
 
+/***/ 7794:
+/***/ ((__unused_webpack_module, exports) => {
+
+"use strict";
+
+exports.__esModule = true;
+exports.updateOrCreateSegment = void 0;
+function updateOrCreateSegment(settings) {
+ var original = settings.original, replacementSegment = settings.replacementSegment, startTag = settings.startTag, endTag = settings.endTag;
+ if ([original, replacementSegment, startTag, endTag].some(function (prop) { return typeof prop !== 'string'; })) {
+ throw new Error('settings must be an object with the following properties as string values: original, replacementSegment, startTag, endTag');
+ }
+ var startTagIndex = original.indexOf(startTag);
+ var endTagIndex = original.indexOf(endTag);
+ if ((startTagIndex === -1 && endTagIndex > -1) || (endTagIndex === -1 && startTagIndex > -1)) {
+ throw new Error("Only one tag found in the content, expected to find both '".concat(startTag, "' and '").concat(endTag, "'"));
+ }
+ if (startTagIndex > endTagIndex) {
+ throw new Error("The tags are not in the correct order, expected to find '".concat(startTag, "' before '").concat(endTag, "'"));
+ }
+ if (startTagIndex === -1 && endTagIndex === -1) {
+ return "".concat(startTag, "\n").concat(replacementSegment, "\n").concat(endTag);
+ }
+ var contentBefore = original.slice(0, startTagIndex);
+ var contentAfter = original.slice(endTagIndex + endTag.length);
+ return "".concat(contentBefore).concat(startTag, "\n").concat(replacementSegment, "\n").concat(endTag).concat(contentAfter);
+}
+exports.updateOrCreateSegment = updateOrCreateSegment;
+//# sourceMappingURL=index.js.map
+
+/***/ }),
+
 /***/ 3682:
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
@@ -20350,6 +20382,8 @@ const { normalizeBoolean } = __nccwpck_require__(6446)
 const { readFile, writeFile, stat } = (__nccwpck_require__(7147).promises)
 
 const { isDifferent } = __nccwpck_require__(9497)
+const { updateOrCreateSegment } = __nccwpck_require__(7794)
+
 const { generateScores } = __nccwpck_require__(4351)
 
 async function run () {
@@ -20367,6 +20401,9 @@ async function run () {
  const autoCommit = normalizeBoolean(core.getInput('auto-commit'))
  const issueTitle = core.getInput('issue-title') || 'OpenSSF Scorecard Report Updated!'
  const githubToken = core.getInput('github-token')
+ const reportTagsEnabled = normalizeBoolean(core.getInput('report-tags-enabled'))
+ const startTag = core.getInput('report-start-tag') || '<!-- OPENSSF-SCORECARD-MONITOR:START -->'
+ const endTag = core.getInput('report-end-tag') || '<!-- OPENSSF-SCORECARD-MONITOR:END -->'
 
  // Error Handling
  // @TODO: Validate Schemas
@@ -20381,6 +20418,7 @@ async function run () {
  core.info('Checking Scope...')
  const scope = await readFile(scopePath, 'utf8').then(content => JSON.parse(content))
  let database = {}
+ let originalReportContent = ''
 
  // Check if database exists
  try {
@@ -20391,6 +20429,17 @@ async function run () {
  core.info('Database does not exist, creating new database')
  }
 
+ // Check if report exists as the content will be used to update the report with the tags
+ if (reportTagsEnabled) {
+ try {
+ core.info('Checking if report exists...')
+ await stat(reportPath)
+ originalReportContent = await readFile(reportPath, 'utf8')
+ } catch (error) {
+ core.info('Previous Report does not exist, ignoring previous content for tags...')
+ }
+ }
+
  // PROCESS
  core.info('Generating scores...')
  const { reportContent, issueContent, database: newDatabaseState } = await generateScores({ scope, database, maxRequestInParallel })
@@ -20406,7 +20455,14 @@ async function run () {
  // Save changes
  core.info('Saving changes to database and report')
  await writeFile(databasePath, JSON.stringify(newDatabaseState, null, 2))
- await writeFile(reportPath, reportContent)
+ await writeFile(reportPath, reportTagsEnabled
+ ? reportContent
+ : updateOrCreateSegment({
+ original: originalReportContent,
+ replacementSegment: reportContent,
+ startTag,
+ endTag
+ }))
 
  // Commit changes
  // @see: https://github.com/actions/checkout#push-a-commit-using-the-built-in-token

package.json

@@ -46,6 +46,7 @@
  "@ulisesgascon/array-to-chunks": "1.0.1",
  "@ulisesgascon/is-different": "1.0.0",
  "@ulisesgascon/soft-assign-deep-property": "1.0.0",
+ "@ulisesgascon/text-tags-manager": "^1.0.0",
  "@vercel/ncc": "0.36.1",
  "ejs": "3.1.8",
  "got": "11.8.6",

src/action.js

@@ -6,6 +6,8 @@ const { normalizeBoolean } = require('normalize-boolean')
 const { readFile, writeFile, stat } = require('fs').promises
 
 const { isDifferent } = require('@ulisesgascon/is-different')
+const { updateOrCreateSegment } = require('@ulisesgascon/text-tags-manager')
+
 const { generateScores } = require('./')
 
 async function run () {
@@ -23,6 +25,9 @@ async function run () {
  const autoCommit = normalizeBoolean(core.getInput('auto-commit'))
  const issueTitle = core.getInput('issue-title') || 'OpenSSF Scorecard Report Updated!'
  const githubToken = core.getInput('github-token')
+ const reportTagsEnabled = normalizeBoolean(core.getInput('report-tags-enabled'))
+ const startTag = core.getInput('report-start-tag') || '<!-- OPENSSF-SCORECARD-MONITOR:START -->'
+ const endTag = core.getInput('report-end-tag') || '<!-- OPENSSF-SCORECARD-MONITOR:END -->'
 
  // Error Handling
  // @TODO: Validate Schemas
@@ -37,6 +42,7 @@ async function run () {
  core.info('Checking Scope...')
  const scope = await readFile(scopePath, 'utf8').then(content => JSON.parse(content))
  let database = {}
+ let originalReportContent = ''
 
  // Check if database exists
  try {
@@ -47,6 +53,17 @@ async function run () {
  core.info('Database does not exist, creating new database')
  }
 
+ // Check if report exists as the content will be used to update the report with the tags
+ if (reportTagsEnabled) {
+ try {
+ core.info('Checking if report exists...')
+ await stat(reportPath)
+ originalReportContent = await readFile(reportPath, 'utf8')
+ } catch (error) {
+ core.info('Previous Report does not exist, ignoring previous content for tags...')
+ }
+ }
+
  // PROCESS
  core.info('Generating scores...')
  const { reportContent, issueContent, database: newDatabaseState } = await generateScores({ scope, database, maxRequestInParallel })
@@ -62,7 +79,14 @@ async function run () {
  // Save changes
  core.info('Saving changes to database and report')
  await writeFile(databasePath, JSON.stringify(newDatabaseState, null, 2))
- await writeFile(reportPath, reportContent)
+ await writeFile(reportPath, reportTagsEnabled
+ ? reportContent
+ : updateOrCreateSegment({
+ original: originalReportContent,
+ replacementSegment: reportContent,
+ startTag,
+ endTag
+ }))
 
  // Commit changes
  // @see: https://github.com/actions/checkout#push-a-commit-using-the-built-in-token