From 261e211cefa84479cbaeaedeedc45c8a721f27dd Mon Sep 17 00:00:00 2001
From: David Knise
Date: Mon, 25 Apr 2022 09:59:36 -0700
Subject: [PATCH 1/2] Supporting running client with --tools
---
 action.yml | 2 +
 lib/action.js | 11 ++
 node_modules/.package-lock.json | 237 +++++++++++++++++++++++++++++++-
 package-lock.json | 4 +-
 package.json | 2 +-
 src/action.ts | 12 ++
 6 files changed, 264 insertions(+), 4 deletions(-)
diff --git a/action.yml b/action.yml
index efd4d3da..ef5bc253 100644
--- a/action.yml
+++ b/action.yml
@@ -14,6 +14,8 @@ inputs:
 description: A comma separated list of analyzer categories to run. Values secrets, code, artifacts, IaC, containers. Example IaC,secrets. Defaults to all.
 languages:
 description: A comma separated list of languages to analyze. Example javascript, typescript. Defaults to all.
+ tools:
+ description: A comma separated list of analyzer tools to run. Example bandit, binskim, eslint, template-analyzer, terrascan, trivy.
 outputs:
 sarifFile:
 description: A file path to a SARIF results file.
diff --git a/lib/action.js b/lib/action.js
index 022328c2..81768f05 100644
--- a/lib/action.js
+++ b/lib/action.js
@@ -67,6 +67,17 @@ function run() {
 }
 }
 }
+ let toolsString = core.getInput('tools');
+ if (!client.isNullOrWhiteSpace(toolsString)) {
+ let tools = toolsString.split(',');
+ args.push('--tools');
+ for (let i = 0; i < tools.length; i++) {
+ let tool = tools[i];
+ if (!client.isNullOrWhiteSpace(tool)) {
+ args.push(tool.trim());
+ }
+ }
+ }
 args.push('--github');
 yield client.run(args, 'microsoft/security-devops-action');
 });
diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json
index 42f5341c..2b140282 100644
--- a/node_modules/.package-lock.json
+++ b/node_modules/.package-lock.json
@@ -1,6 +1,6 @@ { "name": "microsoft-security-devops-action", - "version": "1.4.0", + "version": "1.5.0", "lockfileVersion": 2, "requires": true, "packages": {
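Review bot: The new `tools` description in the `action.yml` hunk does not say what happens when the input is omitted, while the `categories` and `languages` descriptions above it both end with "Defaults to all." It also leaves open how `tools` combines with those two filters, which matters to anyone relying on the action to run a particular scanner. Consider closing the description with the default and the precedence, for example `... terrascan, trivy. Defaults to all tools selected by categories and languages.`; the actual default is decided by the client and is not visible in this patch, so confirm the wording against it.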
@@ -25,6 +25,135 @@ "integrity": "sha1-L2FLbmnOFNGRGARR6zjmV2puayc=", "license": "MIT" }, + "node_modules/@sinonjs/commons": { + "version": "1.8.2", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@sinonjs/commons/-/commons-1.8.2.tgz", + "integrity": "sha1-hY9cS0jYB3j95LnVQfJ+3A1WSIs=", + "dev": true, + "license": "BSD-3-Clause", + "dependencies": { + "type-detect": "4.0.8" + } + }, + "node_modules/@sinonjs/formatio": { + "version": "2.0.0", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@sinonjs/formatio/-/formatio-2.0.0.tgz", + "integrity": "sha1-hNt+nrVTHfGKjF4L+25EnlXmVLI=", + "dev": true, + "license": "BSD-3-Clause", + "dependencies": { + "samsam": "1.3.0" + } + }, + "node_modules/@sinonjs/samsam": { + "version": "3.3.3", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@sinonjs/samsam/-/samsam-3.3.3.tgz", + "integrity": "sha1-Rmgu/Zlnslm4ETa58SD9VFhf60o=", + "dev": true, + "license": "BSD-3-Clause", + "dependencies": { + "@sinonjs/commons": "^1.3.0", + "array-from": "^2.1.1", + "lodash": "^4.17.15" + } + }, + "node_modules/@sinonjs/text-encoding": { + "version": "0.7.1", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@sinonjs/text-encoding/-/text-encoding-0.7.1.tgz", + "integrity": "sha1-jaXGUwkVZT86Hzj9XxAdjD+AecU=", + "dev": true, + "license": "(Unlicense OR Apache-2.0)" + }, + "node_modules/@types/mocha": { + "version": "2.2.48", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@types/mocha/-/mocha-2.2.48.tgz", + "integrity": "sha1-NSOxJqCwSUguHDwRh3Rg92Yi/6s=", + "dev": true, + "license": "MIT" + }, + "node_modules/@types/node": { + "version": "8.10.66", + "resolved": 
"https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@types/node/-/node-8.10.66.tgz", + "integrity": "sha1-3QNdQJ3zIqzIPf9ipgLxKleDu7M=", + "dev": true, + "license": "MIT" + }, + "node_modules/@types/q": { + "version": "1.5.4", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@types/q/-/q-1.5.4.tgz", + "integrity": "sha1-FZJUFOCtLNdlv+9YhC9+JqesyyQ=", + "dev": true, + "license": "MIT" + }, + "node_modules/@types/sinon": { + "version": "4.3.3", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@types/sinon/-/sinon-4.3.3.tgz", + "integrity": "sha1-l8u/3cMoK1/UDHq/gLmdtCb9Qjc=", + "dev": true, + "license": "MIT" + }, + "node_modules/array-from": { + "version": "2.1.1", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/array-from/-/array-from-2.1.1.tgz", + "integrity": "sha1-z+nYwmYoudxa7MYqn12PHzUsEZU=", + "dev": true, + "license": "MIT" + }, + "node_modules/diff": { + "version": "3.5.0", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/diff/-/diff-3.5.0.tgz", + "integrity": "sha1-gAwN0eCov7yVg1wgKtIg/jF+WhI=", + "dev": true, + "license": "BSD-3-Clause", + "engines": { + "node": ">=0.3.1" + } + }, + "node_modules/has-flag": { + "version": "3.0.0", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=4" + } + }, + "node_modules/isarray": { + "version": "0.0.1", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/isarray/-/isarray-0.0.1.tgz", + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=", + "dev": true, + "license": "MIT" 
+ }, + "node_modules/just-extend": { + "version": "4.1.1", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/just-extend/-/just-extend-4.1.1.tgz", + "integrity": "sha1-FY8f2wHxKMQR3IsoantIN7NUUoI=", + "dev": true, + "license": "MIT" + }, + "node_modules/lodash": { + "version": "4.17.21", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha1-Z5WRxWTDv/quhFTPCz3zcMPWkRw=", + "dev": true, + "license": "MIT" + }, + "node_modules/lodash.get": { + "version": "4.4.2", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/lodash.get/-/lodash.get-4.4.2.tgz", + "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=", + "dev": true, + "license": "MIT" + }, + "node_modules/lolex": { + "version": "2.7.5", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/lolex/-/lolex-2.7.5.tgz", + "integrity": "sha1-ETAB1Wv8fgLVbjYpHMXEE9GqBzM=", + "dev": true, + "license": "BSD-3-Clause" + }, "node_modules/microsoft-security-devops-actions-toolkit": { "version": "1.4.2", "resolved": "https://registry.npmjs.org/microsoft-security-devops-actions-toolkit/-/microsoft-security-devops-actions-toolkit-1.4.2.tgz", 
@@ -33,6 +162,112 @@ "@actions/core": "1.2.6", "@actions/exec": "1.0.4" } + }, + "node_modules/nise": { + "version": "1.5.3", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/nise/-/nise-1.5.3.tgz", + "integrity": "sha1-nSz+N9RPVzF3ZsbpQIo1nF06wfc=", + "dev": true, + "license": "BSD-3-Clause", + "dependencies": { + "@sinonjs/formatio": "^3.2.1", + "@sinonjs/text-encoding": "^0.7.1", + "just-extend": "^4.0.2", + "lolex": "^5.0.1", + "path-to-regexp": "^1.7.0" + } + }, + "node_modules/nise/node_modules/@sinonjs/formatio": { + "version": "3.2.2", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/@sinonjs/formatio/-/formatio-3.2.2.tgz", + "integrity": "sha1-dxxg36dep/LWjjuUx+iIp4eBNyw=", + "dev": true, + "license": "BSD-3-Clause", + "dependencies": { + "@sinonjs/commons": "^1", + "@sinonjs/samsam": "^3.1.0" + } + }, + "node_modules/nise/node_modules/lolex": { + "version": "5.1.2", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/lolex/-/lolex-5.1.2.tgz", + "integrity": "sha1-lTaU0JjOfAe8XtbQ5CvGwMbVo2c=", + "dev": true, + "license": "BSD-3-Clause", + "dependencies": { + "@sinonjs/commons": "^1.7.0" + } + }, + "node_modules/path-to-regexp": { + "version": "1.8.0", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/path-to-regexp/-/path-to-regexp-1.8.0.tgz", + "integrity": "sha1-iHs7qdhDk+h6CgufTLdWGYtTVIo=", + "dev": true, + "license": "MIT", + "dependencies": { + "isarray": "0.0.1" + } + }, + "node_modules/samsam": { + "version": "1.3.0", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/samsam/-/samsam-1.3.0.tgz", + "integrity": "sha1-jR2TUOJWItow3j5EumkrUiGrfFA=", + "dev": true, + "license": "BSD-3-Clause" + }, + "node_modules/sinon": { + "version": "4.5.0", + 
"resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/sinon/-/sinon-4.5.0.tgz", + "integrity": "sha1-QnrjEqM308UWgEzidU6MDVAoywQ=", + "dev": true, + "hasInstallScript": true, + "license": "BSD-3-Clause", + "dependencies": { + "@sinonjs/formatio": "^2.0.0", + "diff": "^3.1.0", + "lodash.get": "^4.4.2", + "lolex": "^2.2.0", + "nise": "^1.2.0", + "supports-color": "^5.1.0", + "type-detect": "^4.0.5" + } + }, + "node_modules/supports-color": { + "version": "5.5.0", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha1-4uaaRKyHcveKHsCzW2id9lMO/I8=", + "dev": true, + "license": "MIT", + "dependencies": { + "has-flag": "^3.0.0" + }, + "engines": { + "node": ">=4" + } + }, + "node_modules/type-detect": { + "version": "4.0.8", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/type-detect/-/type-detect-4.0.8.tgz", + "integrity": "sha1-dkb7XxiHHPu3dJ5pvTmmOI63RQw=", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=4" + } + }, + "node_modules/typescript": { + "version": "3.9.9", + "resolved": "https://pkgs.dev.azure.com/SecurityTools/_packaging/Guardian.Pipeline.Dependencies/npm/registry/typescript/-/typescript-3.9.9.tgz", + "integrity": "sha1-5pkFxUvAaB0FGL1NWHzG8tCxpnQ=", + "dev": true, + "license": "Apache-2.0", + "bin": { + "tsc": "bin/tsc", + "tsserver": "bin/tsserver" + }, + "engines": { + "node": ">=4.2.0" + } } } } diff --git a/package-lock.json b/package-lock.json index d38c3369..3ab3c83d 100644 --- a/package-lock.json +++ b/package-lock.json 
@@ -1,12 +1,12 @@ { "name": "microsoft-security-devops-action", - "version": "1.4.0", + "version": "1.5.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "microsoft-security-devops-action", - "version": "1.4.0", + "version": "1.5.0", "dependencies": { "@actions/core": "1.2.6", "@actions/exec": "1.0.4", diff --git a/package.json b/package.json index f4f4d9c8..a7d7ce07 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "microsoft-security-devops-action", - "version": "1.4.0", + "version": "1.5.0", "description": "Node dependencies for the microsoft/security-devops-action.", "scripts": { "test": "mocha" diff --git a/src/action.ts b/src/action.ts index 19a5bea8..09fd55b7 100644 --- a/src/action.ts +++ b/src/action.ts @@ -45,6 +45,18 @@ async function run() { } } + let toolsString: string = core.getInput('tools'); + if (!client.isNullOrWhiteSpace(toolsString)) { + let tools = toolsString.split(','); + args.push('--tools'); + for (let i = 0; i < tools.length; i++) { + let tool = tools[i]; + if (!client.isNullOrWhiteSpace(tool)) { + args.push(tool.trim()); + } + } + } + args.push('--github'); await client.run(args, 'microsoft/security-devops-action'); From d20285af5a5fe3a0b1da57b2abaa818c969fb9bd Mon Sep 17 00:00:00 2001 From: David Knise Date: Mon, 25 Apr 2022 10:11:31 -0700 Subject: [PATCH 2/2] Use --tool --- lib/action.js | 2 +- src/action.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/action.js b/lib/action.js index 81768f05..bd3b72ed 100644 --- a/lib/action.js +++ b/lib/action.js @@ -70,7 +70,7 @@ function run() { let toolsString = core.getInput('tools'); if (!client.isNullOrWhiteSpace(toolsString)) { let tools = toolsString.split(','); - args.push('--tools'); + args.push('--tool'); for (let i = 0; i < tools.length; i++) { let tool = tools[i]; if (!client.isNullOrWhiteSpace(tool)) { diff --git a/src/action.ts b/src/action.ts index 09fd55b7..254162d5 100644 --- a/src/action.ts +++ b/src/action.ts 
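Review bot: In the `src/action.ts` hunk, `args.push('--tools')` runs before any entry is known to be usable, so an input such as `,` yields a bare `--tools` immediately followed by `--github`, and every entry is forwarded to the client without checking that it is a tool name rather than a string beginning with `-` that the client would parse as another option. Collect the trimmed, non-empty names first, reject any that do not match a conservative name pattern, and push the flag only when at least one name remains, as in the fence below. `run()` starts and ends outside this hunk, so how a thrown error is reported is not visible here. The compiled copy in `lib/action.js` carries the same loop and needs regenerating, and PATCH 2/2 only renames the flag.

```typescript
    let toolsString: string = core.getInput('tools');
    if (!client.isNullOrWhiteSpace(toolsString)) {
        // Collect and validate first so the flag is never emitted without a value.
        const tools = toolsString
            .split(',')
            .map((tool) => tool.trim())
            .filter((tool) => tool.length > 0);
        for (const tool of tools) {
            // A tool name must not be able to pass for another command-line option.
            if (!/^[A-Za-z0-9][A-Za-z0-9._-]*$/.test(tool)) {
                throw new Error(`Invalid tool name in 'tools' input: ${tool}`);
            }
        }
        if (tools.length > 0) {
            args.push('--tools', ...tools);
        }
    }
    // … unchanged: args.push('--github') and the client.run call …
```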
@@ -48,7 +48,7 @@ async function run() {
 let toolsString: string = core.getInput('tools');
 if (!client.isNullOrWhiteSpace(toolsString)) {
 let tools = toolsString.split(',');
- args.push('--tools');
+ args.push('--tool');
 for (let i = 0; i < tools.length; i++) {
 let tool = tools[i];
 if (!client.isNullOrWhiteSpace(tool)) {
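Review bot: After this rename a single `--tool` is still followed by every name from the list, so the call only works if the client accepts several values after one `--tool`; that is not visible in this hunk, and the commit message does not say why the flag changed. If the client expects the flag once per tool, move the push into the loop as `args.push('--tool', tool.trim());`. Otherwise add a comment above the push, such as `// The client accepts a space-separated list of tool names after a single --tool.`, so the singular flag is not mistaken for a typo. The loop body continues past the end of the hunk.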