Merge branch 'master' into feat/allow-disable-annotation

Mickaël Villers · web-flow · commit aaa586add240 · 2022-11-04T21:56:29.000+01:00
diff --git a/.github/workflows/test_action.yaml b/.github/workflows/test_action.yaml
@@ -20,6 +20,7 @@ jobs:
           output_formats: sarif
           ignore_on_exit: results
           enable_comments: true
+          enable_jobs_summary: true
           comments_with_queries: true
           excluded_column_for_comments_with_queries: "description_id,similarity_id,search_line,search_value,cis_description_id,cis_description_title,cis_description_text,cloud_provider"
       - run: ls -la && ls -la myoutput
diff --git a/README.md b/README.md
@@ -6,7 +6,7 @@
 
 - [KICS Github Action](#kics-github-action)
   - [Integrate KICS into your GitHub workflows](#integrate-kics-into-your-github-workflows)
-      - [Supported Platforms](#supported-platforms)
+    - [Supported Platforms](#supported-platforms)
     - [Please find more info in the official website: <a href="https://kics.io">kics.io</a>](#please-find-more-info-in-the-official-website-kicsio)
   - [Inputs](#inputs)
   - [Simple usage example](#simple-usage-example)
@@ -76,6 +76,7 @@ And ensure that you're using the <a href="https://github.com/Checkmarx/kics-gith
 | enable_comment                            | true                                                   | Enable pull request report comments                                                                                                                         | Boolean | No       | false                                                  |
 | disable_annotations                       | true                                                   | Disable annotations report                                                                                                                                  | Boolean | No       | false                                                  |
 | comments_with_queries                     | true                                                   | Add queries in th pull request report comments (available when enable_comments = true)                                                                      | Boolean | No       | false                                                  |
+| enable_jobs_summary                       | true                                                   | Enable report as jobs summary                                                                                                                               | Boolean | No       | false                                                  |
 | excluded_column_for_comments_with_queries | description_id,similarity_id,search_line,search_value  | Excluded columns for the comment with queries, accepts a comma separated list                                                                               | String  | No       | description_id,similarity_id,search_line,search_value  |
 | path                                      | terraform/main.tf,Dockerfile                           | paths to a file or directories to scan, comma separated list                                                                                                | String  | Yes      | N/A                                                    |
 | ignore_on_exit                            | results                                                | defines which non-zero exit codes should be ignored (all, results, errors, none)                                                                            | String  | No       | none                                                   |
@@ -238,16 +239,16 @@ You can only enable one profiler at a time, CPU or MEM.
 
 ```yaml
     steps:
-    - uses: actions/checkout@v3
-    - name: run kics Scan
-      uses: checkmarx/kics-github-action@v1.6
-      with:
-        path: 'terraform'
-        profiling: MEM
-        output_path: myResults/
-    - name: display kics results
-      run: |
-        cat myResults/results.json
+      - uses: actions/checkout@v3
+      - name: run kics Scan
+        uses: checkmarx/kics-github-action@v1.6
+        with:
+          path: 'terraform'
+          profiling: MEM
+          output_path: myResults/
+      - name: display kics results
+        run: |
+          cat myResults/results.json
 ```
 
 ## Uploading SARIF report
diff --git a/action.yml b/action.yml
@@ -14,6 +14,10 @@ inputs:
     required: false
     default: "false"
     description: "Enable pull request report comments"
+  enable_jobs_summary:
+    required: false
+    default: "false"
+    description: "Enable report as jobs summary"
   comments_with_queries:
     required: false
     default: "false"
@@ -111,6 +115,7 @@ runs:
     INPUT_OUTPUT_PATH: ${{ inputs.output_path }}
     INPUT_DISABLE_ANNOTATIONS: ${{ inputs.disable_annotations }}
     INPUT_ENABLE_COMMENTS: ${{ inputs.enable_comments }}
+    INPUT_ENABLE_JOBS_SUMMARY: ${{ inputs.enable_jobs_summary }}
     INPUT_COMMENTS_WITH_QUERIES: ${{ inputs.comments_with_queries }}
     INPUT_EXCLUDED_COLUMNS_FOR_COMMENTS_WITH_QUERIES: ${{ inputs.excluded_column_for_comments_with_queries }}
     INPUT_OUTPUT_FORMATS: ${{ inputs.output_formats }}
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -19,7 +19,7 @@
   },
   "homepage": "https://github.com/Checkmarx/kics-github-action#readme",
   "dependencies": {
-    "@actions/core": "^1.6.0",
+    "@actions/core": "^1.10.0",
     "@actions/exec": "^1.1.0",
     "@actions/github": "^5.0.0",
     "@actions/io": "^1.1.1",
diff --git a/src/commenter.js b/src/commenter.js
@@ -1,4 +1,5 @@
 const moment = require('moment')
+const { summary } = require('@actions/core/lib/summary');
 
 const kicsLogo = "https://user-images.githubusercontent.com/74597872/143567454-f65ad285-00d8-4875-845d-568d2e67d868.png"
 const severityOrder = ["HIGH", "MEDIUM", "LOW", "INFO", "TRACE"];
@@ -158,6 +159,12 @@ async function postPRComment(results, repo, prNumber, octokit, commentWithQuerie
     }
 }
 
+async function postJobSummary(results, commentWithQueries = false, excludedColumnsForCommentsWithQueries) {
+    const message = createComment(results, commentWithQueries, excludedColumnsForCommentsWithQueries);
+    await summary.addRaw(message).write()
+}
+
 module.exports = {
-    postPRComment
+    postPRComment,
+    postJobSummary
 };
diff --git a/src/main.js b/src/main.js
@@ -49,6 +49,7 @@ async function main() {
     const githubToken = process.env.INPUT_TOKEN;
     const disableAnnotations = process.env.INPUT_DISABLE_ANNOTATIONS;
     const enableComments = process.env.INPUT_ENABLE_COMMENTS;
+    const enableJobsSummary = process.env.INPUT_ENABLE_JOBS_SUMMARY;
     const commentsWithQueries = process.env.INPUT_COMMENTS_WITH_QUERIES;
     const excludedColumnsForCommentsWithQueries = process.env.INPUT_EXCLUDED_COLUMNS_FOR_COMMENTS_WITH_QUERIES.split(',');
     const outputPath = processOutputPath(process.env.INPUT_OUTPUT_PATH);
@@ -78,6 +79,9 @@ async function main() {
         if (enableComments.toLocaleLowerCase() === "true") {
             await commenter.postPRComment(parsedResults, repo, prNumber, octokit, commentsWithQueries.toLocaleLowerCase() === "true", excludedColumnsForCommentsWithQueries);
         }
+        if (enableJobsSummary.toLocaleLowerCase() === "true") {
+            await commenter.postJobSummary(parsedResults, commentsWithQueries.toLocaleLowerCase() === "true", excludedColumnsForCommentsWithQueries);
+        }
 
         setWorkflowStatus(exitCode);
         cleanupOutput(outputPath.resultsJSONFile, outputFormats);
