Skip to content

Commit 12e52dc

Browse files
tdrueztdruez
committed
Run scanpipe using Docker instead of Python library
Signed-off-by: tdruez <[email protected]>
1 parent e46d127 commit 12e52dc

File tree

1 file changed

+97
-83
lines changed

1 file changed

+97
-83
lines changed

action.yml

Lines changed: 97 additions & 83 deletions
Original file line numberDiff line numberDiff line change
@@ -67,91 +67,105 @@ runs:
6767
sudo -u postgres psql -c "ALTER USER ${{ env.SCANCODEIO_DB_USER }} WITH encrypted password '${{ env.SCANCODEIO_DB_PASSWORD }}'"
6868
sudo -u postgres createdb --owner=scancodeio --encoding=UTF-8 ${{ env.SCANCODEIO_DB_NAME }}
6969
70-
- name: Install ScanCode.io
70+
- name: Define `scanpipe` Docker command
7171
shell: bash
7272
run: |
73-
if [ -z "${{ inputs.scancodeio-repo-branch }}" ]; then
74-
echo "Installing the latest ScanCode.io release from PyPI"
75-
pip install --upgrade scancodeio
76-
else
77-
echo "Installing ScanCode.io from the GitHub branch: ${{ inputs.scancodeio-repo-branch }}"
78-
pip install git+https://github.com/aboutcode-org/scancode.io.git@${{ inputs.scancodeio-repo-branch }}
79-
fi
73+
echo 'SCANPIPE_CMD=docker run --rm \
74+
-v "${{ github.workspace }}/scancode-inputs":/scancode/input:ro \
75+
-v "${{ github.workspace }}/scancode-outputs":/scancode/output \
76+
-w /scancode \
77+
ghcr.io/aboutcode-org/scancode.io:latest scanpipe' >> $GITHUB_ENV
8078
81-
- name: Run migrations to prepare the database
82-
shell: bash
83-
run: scanpipe migrate --verbosity 0
84-
85-
- name: Generate `--pipeline` CLI arguments
79+
- name: Define `scanpipe` Docker command
8680
shell: bash
8781
run: |
88-
IFS=',' read -ra PIPELINES <<< "${{ inputs.pipelines }}"
89-
PIPELINE_CLI_ARGS=""
90-
for pipeline in "${PIPELINES[@]}"; do
91-
PIPELINE_CLI_ARGS+=" --pipeline $pipeline"
92-
done
93-
echo "PIPELINE_CLI_ARGS=${PIPELINE_CLI_ARGS}" >> $GITHUB_ENV
94-
95-
- name: Generate `--input-url` CLI arguments
96-
shell: bash
97-
run: |
98-
INPUT_URL_CLI_ARGS=""
99-
for url in ${{ inputs.input-urls }}; do
100-
INPUT_URL_CLI_ARGS+=" --input-url $url"
101-
done
102-
echo "INPUT_URL_CLI_ARGS=${INPUT_URL_CLI_ARGS}" >> $GITHUB_ENV
103-
104-
- name: Create project
105-
shell: bash
106-
run: |
107-
scanpipe create-project ${{ inputs.project-name }} \
108-
${{ env.PIPELINE_CLI_ARGS }} \
109-
${{ env.INPUT_URL_CLI_ARGS }}
110-
111-
- name: Set project work directory in the environment
112-
shell: bash
113-
run: |
114-
project_status=$(scanpipe status --project ${{ inputs.project-name }})
115-
work_directory=$(echo "$project_status" | grep -oP 'Work directory:\s*\K[^\n]+')
116-
echo "PROJECT_WORK_DIRECTORY=$work_directory" >> $GITHUB_ENV
117-
118-
- name: Copy input files to project work directory
119-
shell: bash
120-
run: |
121-
SOURCE_PATH="${{ inputs.inputs-path }}"
122-
DESTINATION_PATH="${{ env.PROJECT_WORK_DIRECTORY }}/input/"
123-
if [ -d "$SOURCE_PATH" ]; then
124-
cp -r "$SOURCE_PATH"/* "$DESTINATION_PATH"
125-
fi
126-
127-
- name: Run the pipelines
128-
shell: bash
129-
run: scanpipe execute --project ${{ inputs.project-name }} --no-color
130-
131-
- name: Generate outputs
132-
id: scanpipe
133-
shell: bash
134-
run: scanpipe output
135-
--project ${{ inputs.project-name }}
136-
--format ${{ inputs.output-formats }}
137-
138-
- name: Upload outputs
139-
uses: actions/upload-artifact@v4
140-
id: artifact-upload-step
141-
with:
142-
name: ${{ inputs.outputs-archive-name }}
143-
path: ${{ env.PROJECT_WORK_DIRECTORY }}/output/*
144-
145-
- name: Check compliance
146-
if: inputs.check-compliance == 'true'
147-
shell: bash
148-
run: |
149-
cmd="scanpipe check-compliance \
150-
--project ${{ inputs.project-name }} \
151-
--fail-level ${{ inputs.compliance-fail-level }}"
152-
153-
if [[ "${{ inputs.compliance-fail-on-vulnerabilities }}" == "true" ]]; then
154-
cmd="$cmd --fail-on-vulnerabilities"
155-
fi
156-
157-
eval "$cmd"
82+
${{ env.SCANPIPE_CMD }} --help
83+
84+
# - name: Install ScanCode.io
85+
# shell: bash
86+
# run: |
87+
# if [ -z "${{ inputs.scancodeio-repo-branch }}" ]; then
88+
# echo "Installing the latest ScanCode.io release from PyPI"
89+
# pip install --upgrade scancodeio
90+
# else
91+
# echo "Installing ScanCode.io from the GitHub branch: ${{ inputs.scancodeio-repo-branch }}"
92+
# pip install git+https://github.com/aboutcode-org/scancode.io.git@${{ inputs.scancodeio-repo-branch }}
93+
# fi
94+
#
95+
# - name: Run migrations to prepare the database
96+
# shell: bash
97+
# run: scanpipe migrate --verbosity 0
98+
#
99+
# - name: Generate `--pipeline` CLI arguments
100+
# shell: bash
101+
# run: |
102+
# IFS=',' read -ra PIPELINES <<< "${{ inputs.pipelines }}"
103+
# PIPELINE_CLI_ARGS=""
104+
# for pipeline in "${PIPELINES[@]}"; do
105+
# PIPELINE_CLI_ARGS+=" --pipeline $pipeline"
106+
# done
107+
# echo "PIPELINE_CLI_ARGS=${PIPELINE_CLI_ARGS}" >> $GITHUB_ENV
108+
#
109+
# - name: Generate `--input-url` CLI arguments
110+
# shell: bash
111+
# run: |
112+
# INPUT_URL_CLI_ARGS=""
113+
# for url in ${{ inputs.input-urls }}; do
114+
# INPUT_URL_CLI_ARGS+=" --input-url $url"
115+
# done
116+
# echo "INPUT_URL_CLI_ARGS=${INPUT_URL_CLI_ARGS}" >> $GITHUB_ENV
117+
#
118+
# - name: Create project
119+
# shell: bash
120+
# run: |
121+
# scanpipe create-project ${{ inputs.project-name }} \
122+
# ${{ env.PIPELINE_CLI_ARGS }} \
123+
# ${{ env.INPUT_URL_CLI_ARGS }}
124+
#
125+
# - name: Set project work directory in the environment
126+
# shell: bash
127+
# run: |
128+
# project_status=$(scanpipe status --project ${{ inputs.project-name }})
129+
# work_directory=$(echo "$project_status" | grep -oP 'Work directory:\s*\K[^\n]+')
130+
# echo "PROJECT_WORK_DIRECTORY=$work_directory" >> $GITHUB_ENV
131+
#
132+
# - name: Copy input files to project work directory
133+
# shell: bash
134+
# run: |
135+
# SOURCE_PATH="${{ inputs.inputs-path }}"
136+
# DESTINATION_PATH="${{ env.PROJECT_WORK_DIRECTORY }}/input/"
137+
# if [ -d "$SOURCE_PATH" ]; then
138+
# cp -r "$SOURCE_PATH"/* "$DESTINATION_PATH"
139+
# fi
140+
#
141+
# - name: Run the pipelines
142+
# shell: bash
143+
# run: scanpipe execute --project ${{ inputs.project-name }} --no-color
144+
#
145+
# - name: Generate outputs
146+
# id: scanpipe
147+
# shell: bash
148+
# run: scanpipe output
149+
# --project ${{ inputs.project-name }}
150+
# --format ${{ inputs.output-formats }}
151+
#
152+
# - name: Upload outputs
153+
# uses: actions/upload-artifact@v4
154+
# id: artifact-upload-step
155+
# with:
156+
# name: ${{ inputs.outputs-archive-name }}
157+
# path: ${{ env.PROJECT_WORK_DIRECTORY }}/output/*
158+
#
159+
# - name: Check compliance
160+
# if: inputs.check-compliance == 'true'
161+
# shell: bash
162+
# run: |
163+
# cmd="scanpipe check-compliance \
164+
# --project ${{ inputs.project-name }} \
165+
# --fail-level ${{ inputs.compliance-fail-level }}"
166+
#
167+
# if [[ "${{ inputs.compliance-fail-on-vulnerabilities }}" == "true" ]]; then
168+
# cmd="$cmd --fail-on-vulnerabilities"
169+
# fi
170+
#
171+
# eval "$cmd"

0 commit comments

Comments
 (0)