Github provider: Add support for checks API

This commit adds support for the checks API in the github provider. Signed-off-by: Adolfo García Veytia (puerco) <puerco@stacklok.com>
mindersec · May 16, 2024 · 8fa8d27 · 8fa8d27
1 parent 61b0b5f
commit 8fa8d27
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/internal/providers/github/common.go b/internal/providers/github/common.go
@@ -55,6 +55,10 @@ const (
 	DefaultRateLimitWaitTime = 1 * time.Minute
 
 	githubBranchNotFoundMsg = "Branch not found"
+
+	// ErroNoCheckPerissions is a fixed error returned when the credentialed
+	// identity has not been authorized to use the checks API
+	ErroNoCheckPerissions = error("missing permissions: check")
 )
 
 var (
@@ -976,3 +980,33 @@ func NewFallbackTokenClient(appConfig config.ProviderConfig) *github.Client {
 	packageListingClient = github.NewClient(fallbackTokenTC)
 	return packageListingClient
 }
+
+// StartCheck creates a new security advisory
+func (c *GitHub) StartCheck(ctx context.Context, owner, repo string, opts *github.CreateCheckRunOptions) (*github.CheckRun, error) {
+	if opts.StartedAt == nil {
+		opts.StartedAt = &github.Timestamp{Time: time.Now()}
+	}
+
+	run, resp, err := c.client.Checks.CreateCheckRun(ctx, owner, repo, *opts)
+	if err != nil {
+		// If error is 403 then it means we are missing permissions
+		if resp.StatusCode == 403 {
+			return nil, fmt.Errorf("missing permissions: check")
+		}
+		return nil, ErroNoCheckPerissions
+	}
+	return run, nil
+}
+
+// UpdateCheck updates an existing check
+func (c *GitHub) UpdateCheck(ctx context.Context, owner, repo string, checkRunID int64, opts *github.UpdateCheckRunOptions) (*github.CheckRun, error) {
+	run, resp, err := c.client.Checks.UpdateCheckRun(ctx, owner, repo, checkRunID, *opts)
+	if err != nil {
+		// If error is 403 then it means we are missing permissions
+		if resp.StatusCode == 403 {
+			return nil, ErroNoCheckPerissions
+		}
+		return nil, fmt.Errorf("updating check: %w", err)
+	}
+	return run, nil
+}
diff --git a/pkg/providers/v1/providers.go b/pkg/providers/v1/providers.go
@@ -122,6 +122,8 @@ type GitHub interface {
 	) ([]*github.IssueComment, error)
 	UpdateIssueComment(ctx context.Context, owner, repo string, number int64, comment string) error
 	AddAuthToPushOptions(ctx context.Context, options *git.PushOptions) error
+	StartCheck(context.Context, string, string, *github.CreateCheckRunOptions) (*github.CheckRun, error)
+	UpdateCheck(context.Context, string, string, int64, *github.UpdateCheckRunOptions) (*github.CheckRun, error)
 }
 
 // ImageLister is the interface for listing images