Add PSScriptAnalyzer action

Author: devblackops

README.md

@@ -1,2 +1,39 @@
-# github-action-psscriptanalzyer
-GitHub Action to run PSScriptAnalyzer static code analysis
+# github-action-psscriptanalyzer
+
+[GitHub Action](https://github.com/features/actions) to run [PSScriptAnalyzer](https://github.com/PowerShell/PSScriptAnalyzer) static code analysis checks on [Pull Requests](https://help.github.com/articles/about-pull-requests/).
+
+## Success Criteria
+
+This action will succeed if **zero** PSScriptAnalyzer errors are found.
+If any warnings or informational issues are found, a comment will be posted to the pull request but the action will not return a failure.
+
+## Usage
+
+Place the following in your `./github/main.workflow` file to run PSScriptAnalyzer on incoming pull requests.
+
+```
+
+workflow "psscriptanalysis" {
+  on       = "pull_request"
+  resolves = "PSScriptAnalyzer"
+}
+
+action "PSScriptAnalyzer" {
+    # Replace <latest tag> with the latest tag from
+    # https://github.com/devblackops/github-action-psscriptanalyzer/releases
+    uses = "devblackops/github-action-psscriptanalyzer/analyze@<latest tag>"
+
+    # Optional environment variables to control analysis behavior
+    env = [
+        PSSCRIPTANALYZER_ROOT          = "./MyModule"
+        PSSCRIPTANALYZER_SETTINGS_PATH = "./settings.psd1
+    ]
+}
+```
+
+## Environment Variables
+
+| Name | Default | Description |
+|--------------------------------|---------|-------------|
+| PSSCRIPTANALYZER_ROOT          | . | The root directory to run PSScriptAnalyzer on. By default, this is the root of the repository.
+| PSSCRIPTANALYZER_SETTINGS_PATH | none | The path to a PSScriptAnalyser settings file to control rules to execute.

analyze/Dockerfile

@@ -0,0 +1,21 @@
+FROM mcr.microsoft.com/powershell:6.1.0-ubuntu-18.04 as base
+SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+RUN Set-PSRepository -Name PSGallery -InstallationPolicy Trusted; \
+    Install-Module PSScriptAnalyzer -RequiredVersion 1.17.1 -Repository PSGallery
+
+FROM base as analyzer
+LABEL "com.github.actions.name"         = "PSScriptAnalyzer"
+LABEL "com.github.actions.description"  = "Run PSScriptAnalyzer tests"
+LABEL "com.github.actions.icon"         = "box"
+LABEL "com.github.actions.color"        = "blue"
+
+LABEL "repository" = "https://github.com/devblackops/github-action-psscriptanalyzer"
+LABEL "homepage"   = "https://github.com/PowerShell/PSScriptAnalyzer"
+LABEL "maintainer" = "Brandon Olin <[email protected]>"
+
+ADD entrypoint.sh  /entrypoint.sh
+ADD run.ps1        /run.ps1
+
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]

analyze/entrypoint.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -eu
+
+pwsh -f /run.ps1 $*
+
+exit $?

analyze/run.ps1

@@ -0,0 +1,69 @@
+#requires -modules PSScriptAnalyzer
+
+[cmdletbinding()]
+param()
+
+$ErrorActionPreference = 'Stop'
+
+$nl = [Environment]::NewLine
+
+$analyzeParams = @{
+    Recurse = $true
+}
+
+# By default, run PSScriptAnalyzer on the whole repository
+# but allow overriding this with PSSCRIPTANALYZER_ROOT environment variable
+if ($env:PSSCRIPTANALYZER_ROOT) {
+    $analyzeParams.Path = $env:PSSCRIPTANALYZER_ROOT
+} else {
+    $analyzeParams.Path = $env:GITHUB_WORKSPACE
+}
+
+# Path to custom script analzyer settings
+if ($env:PSSCRIPTANALYZER_SETTINGS_PATH) {
+    $analyzeParams.Settings = $env:PSSCRIPTANALYZER_SETTINGS_PATH
+}
+
+# Run PSScriptAnalyzer
+$issues   = Invoke-ScriptAnalyzer @analyzeParams
+$errors   = ($issues.where({$_.Severity -eq 'Error'})).Count
+$warnings = ($issues.where({$_.Severity -eq 'Warning'})).Count
+$infos    = ($issues.where({$_.Severity -eq 'Information'})).Count
+
+$strings = @{
+    summary    = 'PSScriptAnalyzer results:{0}Errors: {1, 6}{2}Warnings: {3, 4}{4}Information: {5}'
+    errorList  = '{0}The following PSScriptAnalyzer errors caused the check to fail:{1}'
+    warningMsg = '{0} There were **[{1}]** warnings and **[{2}]** informational issues found. These did not cause the check to fail but it is recommended that they be fixed.'
+}
+
+# Create analysis summary
+$summary = ($strings.summary -f $nl, $errors, $nl, $warnings, $nl, $infos)
+$comment = '```' + $nl + $summary + $nl + '```'
+if ($errors -gt 0) {
+    $comment += $scripts.errorList -f $nl, $nl
+    $errorMsg = ($issues.Where({$_.Severity -eq 'Error'}) |
+        Format-List -Property RuleName, Severity, ScriptName, Line, Message |
+        Out-String -Width 80).Trim()
+    $comment += '```' + $nl + $errorMsg + $nl + '```'
+}
+if (($warnings -gt 0) -or ($infos -gt 0)) {
+    $comment += $strings.warningMsg -f $nl, $warnings, $infos
+}
+Write-Output $comment
+
+# Send comment back to PR if any errors were found
+$ghEvent = Get-Content -Path $env:GITHUB_EVENT_PATH | ConvertFrom-Json
+if ($errors.Count -gt 0) {
+    $params = @{
+        Uri = $ghEvent.pull_request.'_links'.comments.href
+        Method = 'Post'
+        Headers = @{
+            Authorization = "token $env:GITHUB_TOKEN"
+        }
+        ContentType = 'application/json'
+        Body = @{body = $comment} | ConvertTo-Json
+    }
+    Invoke-RestMethod @params > $null
+}
+
+exit $errors