From d61f5207e92d185a3e4eee951dda3243a8e4888f Mon Sep 17 00:00:00 2001 From: Andrea Brancaleoni Date: Tue, 21 May 2024 16:55:22 +0200 Subject: [PATCH] action.*: move unverified-commits and install semgrep/patchutils steps --- action.cjs | 21 ++++++++++++++++++++- action.yml | 24 ------------------------ 2 files changed, 20 insertions(+), 25 deletions(-) diff --git a/action.cjs b/action.cjs index 32d3fef2..0e51db4f 100644 --- a/action.cjs +++ b/action.cjs @@ -5,6 +5,25 @@ function hashFiles (filename) { } module.exports = async ({ github, context, inputs, steps, actionPath, core }) => { + // unverified-commits steps + let unverifiedCommitsSteps = null + if (steps['reviewdog-enabled-pr'].outputs.result == 'true') { + const actionPath = '${{ github.action_path }}' + + const {default: unverifiedCommits} = await import(`${actionPath}/src/steps/unverifiedCommits.js`) + + unverifiedCommitsSteps = await unverifiedCommits({context, github}) + } + // Install semgrep & pip-audit + if (steps['reviewdog-enabled'].outputs.result === 'true') { + const { execSync } = require('child_process'); + execSync('pip install --disable-pip-version-check -r ${{ github.action_path }}/requirements.txt'); + } + // Install xmllint for safesvg + if (steps['reviewdog-enabled'].outputs.result === 'true') { + const { execSync } = require('child_process'); + execSync('sudo apt-get install -y libxml2-utils'); + } // debug step if (steps['reviewdog-enabled'].outputs.result === 'true' && inputs.debug === 'true') { const { execSync } = require('child_process') @@ -64,7 +83,7 @@ module.exports = async ({ github, context, inputs, steps, actionPath, core }) => shouldTrigger = true } // add unverified-commits label step - if (steps['unverified-commits'].outputs.result === '"UNVERIFIED-CHANGED"') { + if (unverifiedCommitsSteps === '"UNVERIFIED-CHANGED"') { const { default: addLabel } = await import(`${actionPath}/src/steps/addLabel.js`) await addLabel({ context, github, label: 'unverified-commits' }) } diff --git a/action.yml b/action.yml index 8e2855c7..f628582e 100644 --- a/action.yml +++ b/action.yml @@ -131,16 +131,6 @@ runs: const number = await commentsNumber({context, github}) await cleanupComments({context, github}) return number - - id: unverified-commits - if: ${{ steps.reviewdog-enabled-pr.outputs.result == 'true' }} - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - with: - script: | - const actionPath = '${{ github.action_path }}' - - const {default: unverifiedCommits} = await import(`${actionPath}/src/steps/unverifiedCommits.js`) - - return await unverifiedCommits({context, github}) - if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }} uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: @@ -165,20 +155,6 @@ runs: with: ruby-version: '3.2' bundler-cache: true - - if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }} - name: Install semgrep & pip-audit - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - with: - script: | - const { execSync } = require('child_process'); - execSync('pip install --disable-pip-version-check -r ${{ github.action_path }}/requirements.txt'); - - if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }} - name: Install xmllint for safesvg - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - with: - script: | - const { execSync } = require('child_process'); - execSync('sudo apt-get install -y libxml2-utils'); - if: ${{ steps.reviewdog-enabled.outputs.result == 'true' }} name: Install tfsec uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0