Skip to content

Commit

Permalink
Revert "action.yml: no more bash"
Browse files Browse the repository at this point in the history
This reverts commit ebfde1a.
  • Loading branch information
thypon committed May 8, 2024
1 parent baedf05 commit 706b320
Showing 1 changed file with 20 additions and 39 deletions.
59 changes: 20 additions & 39 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -167,18 +167,13 @@ runs:
bundler-cache: true
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }}
name: Install semgrep & pip-audit
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const { execSync } = require('child_process');
execSync('pip install --disable-pip-version-check -r ${{ github.action_path }}/requirements.txt');
shell: bash
run: |
python3 -m pip install --disable-pip-version-check -r ${{ github.action_path }}/requirements.txt
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }}
name: Install xmllint for safesvg
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const { execSync } = require('child_process');
execSync('sudo apt-get install -y libxml2-utils');
shell: bash
run: sudo apt-get install -y libxml2-utils
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }}
name: Install tfsec
uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0
Expand All @@ -189,36 +184,25 @@ runs:
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' && inputs.debug == 'true'}}
env:
ASSIGNEES: ${{inputs.assignees}}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const { execSync } = require('child_process')
execSync('${{ github.action_path }}/assets/debug.sh')
# REVIEWDOG Run
run: ${{ github.action_path }}/assets/debug.sh
shell: bash
# REVIEWDOG Run
- if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' }}
name: Run reviewdog
id: run-reviewdog-pr
shell: bash
env:
ASSIGNEES: ${{inputs.assignees}}
REVIEWDOG_GITHUB_API_TOKEN: ${{ inputs.github_token }}
SEC_ACTION_DEBUG: ${{ inputs.debug }}
PYPI_INDEX_URL: ${{ inputs.pip_audit_pypi_index_url }}
PYPI_INSECURE_HOSTS: ${{ inputs.pip_audit_pypi_insecure_hosts }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const { execSync } = require('child_process')
execSync('${{ github.action_path }}/assets/reviewdog.sh')
run: ${{ github.action_path }}/assets/reviewdog.sh
- if: ${{ steps.reviewdog-enabled-full.outputs.result == 'true' }}
name: Run reviewdog full
id: run-reviewdog-full
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
env:
GITHUB_BASE_REF: ''
with:
script: |
const { execSync } = require('child_process')
execSync('${{ github.action_path }}/assets/reviewdog.sh')
shell: bash
run: unset GITHUB_BASE_REF && ${{ github.action_path }}/assets/reviewdog.sh
- id: comments-after
if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
Expand Down Expand Up @@ -282,18 +266,15 @@ runs:
github_token: ${{ inputs.github_token }}
assignees: ${{ fromJson(steps.assignees-after.outputs.result) }}
- if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' && hashFiles('reviewdog.fail.log') }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const fs = require('fs')
const log = fs.readFileSync('reviewdog.fail.log', 'UTF-8').replaceAll(/^/g, '\x1B[0;34m')
console.log('\033[0;31mThis action encountered an error while reporting the following findings via the Github API:')
console.log(log)
console.log('\033[0;31mThe failure of this action should not prevent you from merging your PR. Please report this failure to the maintainers of https://github.com/brave/security-action \033[0m')
shell: bash
run: |
set +x
echo -e '\033[0;31mThis action encountered an error while reporting the following findings via the Github API:'
cat reviewdog.fail.log | sed 's/^/\x1B[0;34m/'
echo -e '\033[0;31mThe failure of this action should not prevent you from merging your PR. Please report this failure to the maintainers of https://github.com/brave/security-action \033[0m'
- if: ${{ steps.reviewdog-enabled.outputs.result == 'true' && !inputs.slack_token && hashFiles('reviewdog.fail.log') }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: throw new Error('Error was thrown and Slack token is missing, exiting eagerly!')
shell: bash
run: exit 1
- if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' && inputs.slack_token && hashFiles('reviewdog.fail.log') }}
id: reviewdog-fail-log-head
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
Expand Down

0 comments on commit 706b320

Please sign in to comment.