From 8ec5124551af5d1647bed5d15d56f09def31b1e8 Mon Sep 17 00:00:00 2001 From: Eugene Yakubovich Date: Tue, 7 Nov 2023 12:38:28 -0800 Subject: [PATCH 1/2] Add config input Allow a Syft configuration file to be passed to the action. Signed-off-by: Eugene Yakubovich --- README.md | 1 + action.yml | 4 ++++ dist/attachReleaseAssets/index.js | 4 ++++ dist/downloadSyft/index.js | 4 ++++ dist/runSyftAction/index.js | 4 ++++ src/Syft.ts | 1 + src/github/SyftGithubAction.ts | 5 +++++ tests/SyftGithubAction.test.ts | 15 +++++++++++++++ 8 files changed, 38 insertions(+) diff --git a/README.md b/README.md index 86ed1e41..3772c31e 100644 --- a/README.md +++ b/README.md @@ -139,6 +139,7 @@ and uploading them as workflow artifacts and release assets. | `upload-release-assets` | Upload release assets | `true` | | `syft-version` | The version of Syft to use | | | `github-token` | Authorized secret GitHub Personal Access Token. | `github.token` | +| `config ` | Syft configuration file to use. | | ### anchore/sbom-action/publish-sbom diff --git a/action.yml b/action.yml index 665c33a7..3c6f3f3b 100644 --- a/action.yml +++ b/action.yml @@ -73,6 +73,10 @@ inputs: description: "Upload release assets" default: "true" + config: + required: false + description: "Configuration file to use" + runs: using: "node16" main: "dist/runSyftAction/index.js" diff --git a/dist/attachReleaseAssets/index.js b/dist/attachReleaseAssets/index.js index 40a599f3..f61200f8 100644 --- a/dist/attachReleaseAssets/index.js +++ b/dist/attachReleaseAssets/index.js @@ -24062,6 +24062,9 @@ function executeSyft(_a) { // generate github dependency format args = [...args, "-o", `github=${githubDependencySnapshotFile}`]; } + if (opts.config_file) { + args = [...args, "-c", opts.config_file]; + } // Execute in a group so the syft output is collapsed in the GitHub log core.info(`[command]${cmd} ${args.join(" ")}`); // This /dev/null writable stream is required so the entire contents @@ -24256,6 +24259,7 @@ function runSyftAction() { }, format: getSbomFormat(), uploadToDependencySnapshotAPI: uploadToSnapshotAPI(), + config_file: core.getInput("config"), }); core.info(`SBOM scan completed in: ${(Date.now() - start) / 1000}s`); if (output) { diff --git a/dist/downloadSyft/index.js b/dist/downloadSyft/index.js index 74d47a8a..f46cdd21 100644 --- a/dist/downloadSyft/index.js +++ b/dist/downloadSyft/index.js @@ -24110,6 +24110,9 @@ function executeSyft(_a) { // generate github dependency format args = [...args, "-o", `github=${githubDependencySnapshotFile}`]; } + if (opts.config_file) { + args = [...args, "-c", opts.config_file]; + } // Execute in a group so the syft output is collapsed in the GitHub log core.info(`[command]${cmd} ${args.join(" ")}`); // This /dev/null writable stream is required so the entire contents @@ -24304,6 +24307,7 @@ function runSyftAction() { }, format: getSbomFormat(), uploadToDependencySnapshotAPI: uploadToSnapshotAPI(), + config_file: core.getInput("config"), }); core.info(`SBOM scan completed in: ${(Date.now() - start) / 1000}s`); if (output) { diff --git a/dist/runSyftAction/index.js b/dist/runSyftAction/index.js index d97720b1..e552d313 100644 --- a/dist/runSyftAction/index.js +++ b/dist/runSyftAction/index.js @@ -24062,6 +24062,9 @@ function executeSyft(_a) { // generate github dependency format args = [...args, "-o", `github=${githubDependencySnapshotFile}`]; } + if (opts.config_file) { + args = [...args, "-c", opts.config_file]; + } // Execute in a group so the syft output is collapsed in the GitHub log core.info(`[command]${cmd} ${args.join(" ")}`); // This /dev/null writable stream is required so the entire contents @@ -24256,6 +24259,7 @@ function runSyftAction() { }, format: getSbomFormat(), uploadToDependencySnapshotAPI: uploadToSnapshotAPI(), + config_file: core.getInput("config"), }); core.info(`SBOM scan completed in: ${(Date.now() - start) / 1000}s`); if (output) { diff --git a/src/Syft.ts b/src/Syft.ts index cfe6ef68..44fb825e 100644 --- a/src/Syft.ts +++ b/src/Syft.ts @@ -47,4 +47,5 @@ export interface SyftOptions { | "text" | "json"; uploadToDependencySnapshotAPI: boolean; + config_file: string; } diff --git a/src/github/SyftGithubAction.ts b/src/github/SyftGithubAction.ts index 4cc89cd2..cfce1076 100644 --- a/src/github/SyftGithubAction.ts +++ b/src/github/SyftGithubAction.ts @@ -150,6 +150,10 @@ async function executeSyft({ args = [...args, "-o", `github=${githubDependencySnapshotFile}`]; } + if (opts.config_file) { + args = [...args, "-c", opts.config_file]; + } + // Execute in a group so the syft output is collapsed in the GitHub log core.info(`[command]${cmd} ${args.join(" ")}`); @@ -367,6 +371,7 @@ export async function runSyftAction(): Promise { }, format: getSbomFormat(), uploadToDependencySnapshotAPI: uploadToSnapshotAPI(), + config_file: core.getInput("config"), }); core.info(`SBOM scan completed in: ${(Date.now() - start) / 1000}s`); diff --git a/tests/SyftGithubAction.test.ts b/tests/SyftGithubAction.test.ts index 190504ad..ed62205c 100644 --- a/tests/SyftGithubAction.test.ts +++ b/tests/SyftGithubAction.test.ts @@ -403,4 +403,19 @@ describe("Action", () => { expect(mapToWSLPath("D:\\Some\\Path")).toBe("/mnt/d/Some/Path"); expect(mapToWSLPath("C:\\Some\\Path")).toBe("/mnt/c/Some/Path"); }); + + it("calls with config", async () => { + setData({ + inputs: { + image: "some-image:latest", + config: "syft-config.yaml", + } + }); + + await action.runSyftAction(); + const { cmd, args, env } = data.execArgs; + + expect(args).toContain("-c"); + expect(args).toContain("syft-config.yaml"); + }); }); From 5d184c9702dea1031bce9fb991760b1552d22d6a Mon Sep 17 00:00:00 2001 From: Will Murphy Date: Mon, 27 Nov 2023 08:40:42 -0500 Subject: [PATCH 2/2] rename config_file to configFile Signed-off-by: Will Murphy --- dist/attachReleaseAssets/index.js | 6 +++--- dist/downloadSyft/index.js | 6 +++--- dist/runSyftAction/index.js | 6 +++--- src/Syft.ts | 2 +- src/github/SyftGithubAction.ts | 6 +++--- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/dist/attachReleaseAssets/index.js b/dist/attachReleaseAssets/index.js index f61200f8..bde87669 100644 --- a/dist/attachReleaseAssets/index.js +++ b/dist/attachReleaseAssets/index.js @@ -24062,8 +24062,8 @@ function executeSyft(_a) { // generate github dependency format args = [...args, "-o", `github=${githubDependencySnapshotFile}`]; } - if (opts.config_file) { - args = [...args, "-c", opts.config_file]; + if (opts.configFile) { + args = [...args, "-c", opts.configFile]; } // Execute in a group so the syft output is collapsed in the GitHub log core.info(`[command]${cmd} ${args.join(" ")}`); @@ -24259,7 +24259,7 @@ function runSyftAction() { }, format: getSbomFormat(), uploadToDependencySnapshotAPI: uploadToSnapshotAPI(), - config_file: core.getInput("config"), + configFile: core.getInput("config"), }); core.info(`SBOM scan completed in: ${(Date.now() - start) / 1000}s`); if (output) { diff --git a/dist/downloadSyft/index.js b/dist/downloadSyft/index.js index f46cdd21..52d93edf 100644 --- a/dist/downloadSyft/index.js +++ b/dist/downloadSyft/index.js @@ -24110,8 +24110,8 @@ function executeSyft(_a) { // generate github dependency format args = [...args, "-o", `github=${githubDependencySnapshotFile}`]; } - if (opts.config_file) { - args = [...args, "-c", opts.config_file]; + if (opts.configFile) { + args = [...args, "-c", opts.configFile]; } // Execute in a group so the syft output is collapsed in the GitHub log core.info(`[command]${cmd} ${args.join(" ")}`); @@ -24307,7 +24307,7 @@ function runSyftAction() { }, format: getSbomFormat(), uploadToDependencySnapshotAPI: uploadToSnapshotAPI(), - config_file: core.getInput("config"), + configFile: core.getInput("config"), }); core.info(`SBOM scan completed in: ${(Date.now() - start) / 1000}s`); if (output) { diff --git a/dist/runSyftAction/index.js b/dist/runSyftAction/index.js index e552d313..679bc962 100644 --- a/dist/runSyftAction/index.js +++ b/dist/runSyftAction/index.js @@ -24062,8 +24062,8 @@ function executeSyft(_a) { // generate github dependency format args = [...args, "-o", `github=${githubDependencySnapshotFile}`]; } - if (opts.config_file) { - args = [...args, "-c", opts.config_file]; + if (opts.configFile) { + args = [...args, "-c", opts.configFile]; } // Execute in a group so the syft output is collapsed in the GitHub log core.info(`[command]${cmd} ${args.join(" ")}`); @@ -24259,7 +24259,7 @@ function runSyftAction() { }, format: getSbomFormat(), uploadToDependencySnapshotAPI: uploadToSnapshotAPI(), - config_file: core.getInput("config"), + configFile: core.getInput("config"), }); core.info(`SBOM scan completed in: ${(Date.now() - start) / 1000}s`); if (output) { diff --git a/src/Syft.ts b/src/Syft.ts index 44fb825e..73e1ba40 100644 --- a/src/Syft.ts +++ b/src/Syft.ts @@ -47,5 +47,5 @@ export interface SyftOptions { | "text" | "json"; uploadToDependencySnapshotAPI: boolean; - config_file: string; + configFile: string; } diff --git a/src/github/SyftGithubAction.ts b/src/github/SyftGithubAction.ts index cfce1076..0c8240cd 100644 --- a/src/github/SyftGithubAction.ts +++ b/src/github/SyftGithubAction.ts @@ -150,8 +150,8 @@ async function executeSyft({ args = [...args, "-o", `github=${githubDependencySnapshotFile}`]; } - if (opts.config_file) { - args = [...args, "-c", opts.config_file]; + if (opts.configFile) { + args = [...args, "-c", opts.configFile]; } // Execute in a group so the syft output is collapsed in the GitHub log @@ -371,7 +371,7 @@ export async function runSyftAction(): Promise { }, format: getSbomFormat(), uploadToDependencySnapshotAPI: uploadToSnapshotAPI(), - config_file: core.getInput("config"), + configFile: core.getInput("config"), }); core.info(`SBOM scan completed in: ${(Date.now() - start) / 1000}s`);