Add workflow examples using the d2d and docker pipelines #4 (#5)

Signed-off-by: tdruez <[email protected]>

Author: tdruez

.github/workflows/analyze-docker-image.yml

@@ -0,0 +1,12 @@
+on: [push]
+
+jobs:
+  scan-codebase:
+    runs-on: ubuntu-22.04
+    name: Analyze a Docker image with ScanCode.io
+    steps:
+      - uses: nexB/scancode-action@alpha
+        with:
+          pipelines: "analyze_docker_image"
+          input-urls:
+            https://github.com/nexB/scancode.io-tutorial/releases/download/sample-images/30-alpine-nickolashkraus-staticbox-latest.tar

.github/workflows/map-deploy-to-develop.yml

@@ -0,0 +1,15 @@
+on: [push]
+
+jobs:
+  scan-codebase:
+    runs-on: ubuntu-22.04
+    name: Map deploy to develop with ScanCode.io
+    steps:
+      - uses: nexB/scancode-action@alpha
+        with:
+          pipelines: "map_deploy_to_develop"
+          input-urls:
+            https://github.com/nexB/scancode.io/raw/main/scanpipe/tests/data/d2d/jars/from-flume-ng-node-1.9.0.zip#from
+            https://github.com/nexB/scancode.io/raw/main/scanpipe/tests/data/d2d/jars/to-flume-ng-node-1.9.0.zip#to
+        env:
+          PURLDB_URL: https://public.purldb.io/

.github/workflows/scan-codebase.yml

@@ -2,7 +2,7 @@ on: [push]
 
 jobs:
   scan-codebase:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: Scan codebase with ScanCode.io
     steps:
       - uses: actions/checkout@v4

.github/workflows/scan-package.yml .github/workflows/scan-single-package.yml.github/workflows/scan-package.yml renamed to .github/workflows/scan-single-package.yml

@@ -2,12 +2,12 @@ on: [push]
 
 jobs:
   scan-codebase:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: Scan package with ScanCode.io
     steps:
       - name: Download repository archive to scancode-inputs/ directory
         run: |
           wget --directory-prefix=scancode-inputs https://github.com/${GITHUB_REPOSITORY}/archive/${GITHUB_REF}.zip
       - uses: nexB/scancode-action@alpha
         with:
-          pipelines: "scan_package"
+          pipelines: "scan_single_package"

README.md

@@ -18,6 +18,7 @@ Run [ScanCode.io](https://github.com/nexB/scancode.io) pipelines from your Workf
   - [Run a specific pipeline](#run-a-specific-pipeline)
   - [Run multiple pipelines](#run-multiple-pipelines)
   - [Choose the output formats](#choose-the-output-formats)
+  - [Provide download URLs inputs](#provide-download-urls-inputs)
   - [Fetch pipelines inputs](#fetch-pipelines-inputs)
   - [Define a custom project name](#define-a-custom-project-name)
 - [Where does the scan results go?](#where-does-the-scan-results-go)
@@ -49,22 +50,32 @@ steps:
     # The list of output formats to generate.
     # Default is 'json xlsx spdx cyclonedx'
     output-formats:
-      
+
     # Relative path within the $GITHUB_WORKSPACE for pipeline inputs.
     # Default is 'scancode-inputs'
     inputs-path:
 
+    # Provide one or more URLs to download for the pipeline run execution
+    input-urls:
+
     # Name of the project.
     # Default is 'scancode-action'
     project-name:
 
+    # Name of the outputs archive.
+    # Default is 'scancode-outputs'
+    outputs-archive-name:
+
     # Python version that will be installed to run ScanCode.io
     # Default is '3.11'
     python-version:
 ```
 
 ## Examples
 
+See https://github.com/nexB/scancode-action/tree/main/.github/workflows for Workflows
+examples.
+
 ### Scan repo codebase
 
 ```yaml
@@ -113,6 +124,17 @@ For details on setting up and configuring your own instance, please refer to the
     output-formats: "json xlsx spdx cyclonedx"
 ```
 
+### Provide download URLs inputs
+
+```yaml
+- uses: nexB/scancode-action@alpha
+  with:
+    pipelines: "map_deploy_to_develop"
+    input-urls:
+      https://domain.url/source.zip#from
+      https://domain.url/binaries.zip#to
+```
+
 ### Fetch pipelines inputs
 
 ```yaml
@@ -136,5 +158,5 @@ For details on setting up and configuring your own instance, please refer to the
 
 Upon completion of the workflow, you can **find the scan results** in the dedicated 
 **artifacts section** at the bottom of the workflow summary page. 
-Look for a file named `scanpipe-outputs` in that section. 
+Look for a file named `scancode-outputs` in that section. 
 This file contains the outputs generated by the `scancode-action`.

action.yml

@@ -10,9 +10,16 @@ inputs:
   inputs-path:
     description: "Relative path within the $GITHUB_WORKSPACE for pipeline inputs"
     default: "${{ github.workspace }}/scancode-inputs"
+  input-urls:
+    description: 'Provide one or more URLs to download for the pipeline run execution'
+    required: false
+    default: ""
   project-name:
     description: "Name of the project"
     default: "scancode-action"
+  outputs-archive-name:
+    description: "Name of the outputs archive"
+    default: "scancode-outputs"
   python-version:
     description: "Python version"
     default: "3.11"
@@ -28,29 +35,49 @@ runs:
       shell: bash
       run: |
         echo "SECRET_KEY=$(openssl rand -base64 32)" >> $GITHUB_ENV
-        echo "SCANCODEIO_DB_ENGINE=django.db.backends.sqlite3" >> $GITHUB_ENV
-        echo "SCANCODEIO_DB_NAME=sqlite3.db" >> $GITHUB_ENV
+        echo "SCANCODEIO_DB_NAME=scancodeio" >> $GITHUB_ENV
+        echo "SCANCODEIO_DB_USER=scancodeio" >> $GITHUB_ENV
+        echo "SCANCODEIO_DB_PASSWORD=scancodeio" >> $GITHUB_ENV
+
+    - name: Start and setup the PostgreSQL service
+      shell: bash
+      run: |
+        sudo systemctl start postgresql.service
+        sudo -u postgres createuser --no-createrole --no-superuser --login --inherit --createdb ${{ env.SCANCODEIO_DB_USER }}
+        sudo -u postgres psql -c "ALTER USER ${{ env.SCANCODEIO_DB_USER }} WITH encrypted password '${{ env.SCANCODEIO_DB_PASSWORD }}'"
+        sudo -u postgres createdb --owner=scancodeio --encoding=UTF-8 ${{ env.SCANCODEIO_DB_NAME }}
 
     - name: Install ScanCode.io
       shell: bash
       run: |
-        pip install scancodeio
+        pip install --upgrade scancodeio
         scanpipe migrate
 
-    - name: Generate pipelines CLI arguments
+    - name: Generate `--pipeline` CLI arguments
       shell: bash
       run: |
         IFS=',' read -ra PIPELINES <<< "${{ inputs.pipelines }}"
-        options=""
+        PIPELINE_CLI_ARGS=""
         for pipeline in "${PIPELINES[@]}"; do
-          options+="--pipeline $pipeline "
+          PIPELINE_CLI_ARGS+=" --pipeline $pipeline"
+        done
+        echo "PIPELINE_CLI_ARGS=${PIPELINE_CLI_ARGS}" >> $GITHUB_ENV
+
+    - name: Generate `--input-url` CLI arguments
+      shell: bash
+      run: |
+        INPUT_URL_CLI_ARGS=""
+        for url in ${{ inputs.input-urls }}; do
+          INPUT_URL_CLI_ARGS+=" --input-url $url"
         done
-        echo "PIPELINE_CLI_ARGS=${options}" >> $GITHUB_ENV
+        echo "INPUT_URL_CLI_ARGS=${INPUT_URL_CLI_ARGS}" >> $GITHUB_ENV
 
-    - name: Create project with ${{ inputs.pipelines }} pipelines
+    - name: Create project
       shell: bash
       run: |
-        scanpipe create-project ${{ inputs.project-name }} ${{ env.PIPELINE_CLI_ARGS }}
+        scanpipe create-project ${{ inputs.project-name }} \
+        ${{ env.PIPELINE_CLI_ARGS }} \
+        ${{ env.INPUT_URL_CLI_ARGS }}
 
     - name: Set project work directory in the environment
       shell: bash
@@ -61,7 +88,12 @@ runs:
 
     - name: Copy input files to project work directory
       shell: bash
-      run: cp -r ${{ inputs.inputs-path }}/* ${{ env.PROJECT_WORK_DIRECTORY }}/input/
+      run: |
+        SOURCE_PATH="${{ inputs.inputs-path }}"
+        DESTINATION_PATH="${{ env.PROJECT_WORK_DIRECTORY }}/input/"
+        if [ -d "$SOURCE_PATH" ]; then
+          cp -r "$SOURCE_PATH"/* "$DESTINATION_PATH"
+        fi
 
     - name: Run the pipelines
       shell: bash
@@ -70,7 +102,7 @@ runs:
     - name: Generate outputs
       id: scanpipe
       shell: bash
-      run: scanpipe output 
+      run: scanpipe output
         --project ${{ inputs.project-name }} 
         --format ${{ inputs.output-formats }} 
         --no-color
@@ -79,5 +111,5 @@ runs:
       uses: actions/upload-artifact@v4
       id: artifact-upload-step
       with:
-        name: scanpipe-outputs
+        name: ${{ inputs.outputs-archive-name }}
         path: ${{ env.PROJECT_WORK_DIRECTORY }}/output/*