Skip to content

Commit

Permalink
Merge pull request #4 from PaloAltoNetworks/multipath-fix
Browse files Browse the repository at this point in the history
1. Added support for multiline path
  • Loading branch information
yaron-cider authored Oct 27, 2024
2 parents b0e2f8d + d91daa1 commit 5c3aaec
Show file tree
Hide file tree
Showing 2 changed files with 128 additions and 46 deletions.
38 changes: 30 additions & 8 deletions action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,20 @@ inputs:
Higher levels will result in better compression, but will take longer to complete.
For large files that are not easily compressed, a value of 0 is recommended for significantly faster uploads.
default: '6'
if-no-files-found:
description: >
The desired behavior if no files are found using the provided path.
Available Options:
warn: Output a warning but do not fail the action
error: Fail the action with an error message
ignore: Do not output any warnings or errors, the action does not fail
default: 'warn'
include-hidden-files:
description: >
If true, hidden files will be included in the artifact.
If false, hidden files will be excluded from the artifact.
default: 'false'

outputs:
artifact-id:
Expand All @@ -50,8 +64,19 @@ runs:

- name: Secrets Scanning
if: inputs.scan-only-runner-token == 'false'
run: docker run -v /$(pwd)/${{ inputs.path }}:/scan zricethezav/gitleaks@sha256:75bdb2b2f4db213cde0b8295f13a88d6b333091bbfbf3012a4e083d00d31caba detect --no-git --source /scan
shell: bash
run: |
INPUT_PATH="${{ inputs.path }}"
OUTPUT_PATH=""
for path in $(echo $INPUT_PATH | tr "|" "\n")
do
OUTPUT_PATH+=$path
OUTPUT_PATH+=";"
echo "Scanning path $path"
cd $(pwd)
docker run -v $path:/scan zricethezav/gitleaks@sha256:75bdb2b2f4db213cde0b8295f13a88d6b333091bbfbf3012a4e083d00d31caba detect --no-git --source /scan
done
echo "PATH_ARR=$OUTPUT_PATH" >> $GITHUB_ENV
shell: bash

- name: Set up Node.js
uses: actions/setup-node@26961cf329f22f6837d5f54c3efd76b480300ace #3.03
Expand All @@ -66,9 +91,6 @@ runs:
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #7.01
with:
script: |
const script = require('${{github.action_path}}/index.js')
script({"github":github, "context":context,artifactName:"${{ inputs.name }}",artifactPath:"${{ inputs.path }}",retentionDays:"${{ inputs.retention-days }}",compressionLevel:"${{ inputs.compression-level }}"})
script: |
const script = require('${{github.action_path}}/index.js')
script({"github":github, "context":context,artifactName:"${{ inputs.name }}",artifactPath:"${{ env.PATH_ARR }}",retentionDays:"${{ inputs.retention-days }}",compressionLevel:"${{ inputs.compression-level }}",ifNoFilesFound:"${{ inputs.if-no-files-found }}",includeHiddenFiles:"${{ inputs.include-hidden-files }}"})
136 changes: 98 additions & 38 deletions index.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,30 +3,69 @@ const fs = require('fs');
const path = require('path');
const core = require('@actions/core');

async function main(github, context, artifactName,artifactPath,retentionDays,compressionLevel) {
const artifactClient = new DefaultArtifactClient();
async function main(github, context, artifactName,artifactPath,retentionDays,compressionLevel,ifNoFilesFound, includeHiddenFiles) {

const artifactClient = new DefaultArtifactClient();
try {
await uploadArtifact(artifactClient, artifactName, artifactPath,retentionDays,compressionLevel);
await uploadArtifact(artifactClient, artifactName, artifactPath,retentionDays,compressionLevel,ifNoFilesFound,includeHiddenFiles);
} catch (error) {
core.setFailed(error.message);
}
}

async function uploadArtifact(artifactClient, artifactName, artifactPath,retentionDays,compressionLevel) {
function isFile(inputPath) {
const stats = fs.lstatSync(inputPath);
return stats.isFile();
}

if (!fs.existsSync(artifactPath)){
console.warn("No files were found with the provided path: /not. No artifacts will be uploaded.");
return
}

foundPath = hasGitFolderWithGitHubRunnerToken(artifactPath)
if (foundPath) {
throw new Error(`Found GITHUB_TOKEN in artifact, under path ${foundPath}`);
}
async function uploadArtifact(artifactClient, artifactName, artifactPath,retentionDays,compressionLevel,ifNoFilesFound,includeHiddenFiles) {


const paths = artifactPath.split(';'); // Split by `;`
let filesToUpload = [];

for (const path of paths) {

const filesToUpload = await populateFilesWithFullPath(artifactPath);
if (!fs.existsSync(path)) {
continue;
}

if (isFile(path)) {
filesToUpload = filesToUpload.concat(path); // Accumulate file
}
else {
const files = await populateFilesWithFullPath(path.trim(),includeHiddenFiles); // Get files for each path
filesToUpload = filesToUpload.concat(files); // Accumulate files
if (hasGitFolderWithGitHubRunnerToken(artifactPath))
throw new Error(`Found GITHUB_TOKEN in artifact, under path ${foundPath}`);
}
}
if (filesToUpload.length == 0) {

switch (ifNoFilesFound) {
case "warn": {
core.warning(
`No files were found with the provided path: ${artifactPath}. No artifacts will be uploaded.`
)
break
}
case "error": {
core.setFailed(
`No files were found with the provided path: ${artifactPath}. No artifacts will be uploaded.`
)
break
}
case "ignore": {
core.info(
`No files were found with the provided path: ${artifactPath}. No artifacts will be uploaded.`
)
break
}
}

return
}

await artifactClient.uploadArtifact(
artifactName,
filesToUpload,
Expand All @@ -37,26 +76,32 @@ async function uploadArtifact(artifactClient, artifactName, artifactPath,retenti


function findGitFolder(startPath) {
if (!fs.existsSync(startPath)) {
console.log("Start path does not exist.");
return null;
}

const files = fs.readdirSync(startPath);
try
{
if (!fs.existsSync(startPath)) {
return null;
}

for (let i = 0; i < files.length; i++) {
const filePath = path.join(startPath, files[i]);
const files = fs.readdirSync(startPath);

if (files[i] === '.git' && fs.statSync(filePath).isDirectory()) {
return filePath;
}
for (let i = 0; i < files.length; i++) {
const filePath = path.join(startPath, files[i]);

if (fs.statSync(filePath).isDirectory()) {
const result = findGitFolder(filePath);
if (result) {
return result;
}
}
if (files[i] === '.git' && fs.statSync(filePath).isDirectory()) {
return filePath;
}

if (fs.statSync(filePath).isDirectory()) {
const result = findGitFolder(filePath);
if (result) {
return result;
}
}
}
}
catch (exceptionVar) {
console.log(exceptionVar)
}

return null;
Expand All @@ -65,8 +110,10 @@ function findGitFolder(startPath) {
function hasGitFolderWithGitHubRunnerToken(pathToCheck) {
const fs = require('fs');
const path = require('path');

try
{
const gitDir = findGitFolder(pathToCheck, '.git');
if (gitDir) {
const configFile = path.join(gitDir, 'config');
const regex = new RegExp('eC1hY2Nlc3MtdG9rZW46Z2hz', 'i');

Expand All @@ -81,9 +128,13 @@ function hasGitFolderWithGitHubRunnerToken(pathToCheck) {
console.error('Error checking Git config:', error);
return null;
}
}
} catch (err) {
console.log(err)
}
}

async function populateFilesWithFullPath(rootPath) {
async function populateFilesWithFullPath(rootPath,includeHiddenFiles) {
const fs = require('fs').promises; // Use promises for cleaner async/await usage
const path = require('path');
const files = [];
Expand All @@ -94,19 +145,28 @@ async function populateFilesWithFullPath(rootPath) {

const stats = await fs.stat(filePath);
if (stats.isFile()) {
files.push(filePath);
if (isHiddenFile(filePath)){
if (includeHiddenFiles){
files.push(filePath);
}
}
else {
files.push(filePath);
}
} else if (stats.isDirectory()) {
// Recursively collect files from subdirectories
files.push(...(await populateFilesWithFullPath(filePath)));
files.push(...(await populateFilesWithFullPath(filePath,includeHiddenFiles)));
}
}

return files;
}

module.exports = function ({ github, context , artifactName,artifactPath,retentionDays,compressionLevel }) {
main(github, context, artifactName,artifactPath,retentionDays,compressionLevel);
function isHiddenFile(filePath) {
const path = require('path');
return path.basename(filePath).startsWith('.');
}



module.exports = function ({ github, context , artifactName,artifactPath,retentionDays,compressionLevel,ifNoFilesFound, includeHiddenFiles }) {
main(github, context, artifactName,artifactPath,retentionDays,compressionLevel, ifNoFilesFound, includeHiddenFiles);
}

0 comments on commit 5c3aaec

Please sign in to comment.