Skip to content

Commit

Permalink
Change the permissions on the entrypoint file
Browse files Browse the repository at this point in the history
  • Loading branch information
@owenrumney
owenrumney committed Oct 27, 2020
1 parent 7a2e83d commit 77a5deb
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 9 deletions.
14 changes: 12 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,11 @@ Example usage

```yaml
name: tfsec
on: [pull_request]
on:
push:
branches:
- main
pull_request:
jobs:
tfsec:
name: tfsec sarif report
Expand All @@ -22,5 +26,11 @@ jobs:
uses: tfsec/tfsec-sarif-action@master
with:
github_token: ${{ secrets.github_token }}

branch: ${{ github.head_ref }}

- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v1
with:
# Path to SARIF file relative to the root of the repository
sarif_file: .sarif/tfsec.sarif
```
2 changes: 2 additions & 0 deletions action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ inputs:
Directory to run the action on, from the repo root.
Default is . ( root of the repository)
default: '.'
sarif_file:
description: The path to write the sarif report, defaults to tfsec.sarif
outputs:
tfsec-return-code:
description: 'tfsec command return code'
Expand Down
18 changes: 11 additions & 7 deletions entrypoint.sh
100644 → 100755
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,24 @@
#!/bin/bash

set -x

if [ -n "${GITHUB_WORKSPACE}" ]; then
cd "${GITHUB_WORKSPACE}" || exit
fi

mkdir -p .sarif

tfsec --format=sarif "${INPUT_WORKING_DIRECTORY}" >> .sarif/tfsec.sarif
tfsec --format=sarif "${INPUT_WORKING_DIRECTORY}" > ${INPUT_SARIF_FILE}

tfsec_return="${PIPESTATUS[0]}" exit_code=$?

echo ::set-output name=tfsec-return-code::"${tfsec_return}"

sh -c "git config --global user.name '${GITHUB_ACTOR}' \
&& git config --global user.email '${GITHUB_ACTOR}@users.noreply.github.com' \
&& git add -A && git commit -m '$*' --allow-empty \
&& git push -u origin HEAD"
# echo "Input branch is ${INPUT_BRANCH}"

# sh -c "git remote add origin ${INPUT_BRANCH} || git fetch --unshallow origin"

# sh -c "git config --global user.name '${GITHUB_ACTOR}' \
# && git config --global user.email '${GITHUB_ACTOR}@users.noreply.github.com' \
# && git add .sarif/tfsec.sarif && git commit -m 'Updating tfsec.sarif file' --allow-empty \
# && git push -u origin HEAD:${INPUT_BRANCH} --force"

exit $exit_code

0 comments on commit 77a5deb

Please sign in to comment.