Add detector inputs
Optional but if any are provided, then all are required
This commit is contained in:
Lewis Jones
@@ -27,6 +27,15 @@ inputs:
|
||||
correlator:
|
||||
description: 'An optional identifier to distinguish between multiple dependency snapshots of the same type.'
|
||||
required: false
|
||||
detector-name:
|
||||
description: 'The name of the detector. If provided, detector-version and detector-url must also be provided.'
|
||||
required: false
|
||||
detector-version:
|
||||
description: 'The version of the detector. If provided, detector-name and detector-url must also be provided.'
|
||||
required: false
|
||||
detector-url:
|
||||
description: 'The URL of the detector. If provided, detector-name and detector-version must also be provided.'
|
||||
required: false
|
||||
runs:
|
||||
using: 'node20'
|
||||
main: 'dist/index.js'
|
||||
|
||||
50
index.ts
50
index.ts
@@ -13,23 +13,49 @@ import {
|
||||
import ComponentDetection from './componentDetection';
|
||||
|
||||
async function run() {
|
||||
let manifests = await ComponentDetection.scanAndGetManifests(core.getInput('filePath'));
|
||||
const correlatorInput = core.getInput('correlator')?.trim() || github.context.job;
|
||||
|
||||
let snapshot = new Snapshot({
|
||||
name: "Component Detection",
|
||||
version: "0.0.1",
|
||||
url: "https://github.com/advanced-security/component-detection-dependency-submission-action",
|
||||
},
|
||||
github.context,
|
||||
{
|
||||
let manifests = await ComponentDetection.scanAndGetManifests(
|
||||
core.getInput("filePath")
|
||||
);
|
||||
const correlatorInput =
|
||||
core.getInput("correlator")?.trim() || github.context.job;
|
||||
|
||||
// Get detector configuration inputs
|
||||
const detectorName = core.getInput("detector-name")?.trim();
|
||||
const detectorVersion = core.getInput("detector-version")?.trim();
|
||||
const detectorUrl = core.getInput("detector-url")?.trim();
|
||||
|
||||
// Validate that if any detector config is provided, all must be provided
|
||||
const hasAnyDetectorInput = detectorName || detectorVersion || detectorUrl;
|
||||
const hasAllDetectorInputs = detectorName && detectorVersion && detectorUrl;
|
||||
|
||||
if (hasAnyDetectorInput && !hasAllDetectorInputs) {
|
||||
core.setFailed(
|
||||
"If any detector configuration is provided (detector-name, detector-version, detector-url), all three must be provided."
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
// Use provided detector config or defaults
|
||||
const detector = hasAllDetectorInputs
|
||||
? {
|
||||
name: detectorName,
|
||||
version: detectorVersion,
|
||||
url: detectorUrl,
|
||||
}
|
||||
: {
|
||||
name: "Component Detection",
|
||||
version: "0.0.1",
|
||||
url: "https://github.com/advanced-security/component-detection-dependency-submission-action",
|
||||
};
|
||||
|
||||
let snapshot = new Snapshot(detector, github.context, {
|
||||
correlator: correlatorInput,
|
||||
id: github.context.runId.toString()
|
||||
id: github.context.runId.toString(),
|
||||
});
|
||||
|
||||
core.debug(`Manifests: ${manifests?.length}`);
|
||||
|
||||
manifests?.forEach(manifest => {
|
||||
manifests?.forEach((manifest) => {
|
||||
core.debug(`Manifest: ${JSON.stringify(manifest)}`);
|
||||
snapshot.addManifest(manifest);
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user