This repository has been archived by the owner on Dec 16, 2024. It is now read-only.

Commit

Merge pull request #139 from open-component-model/feature/test-mend
Add Reports to Mend
shivenduverma-sap authored Nov 23, 2023
2 parents 2bed233 + 3c95b17 commit 751d323
Showing 1 changed file with 45 additions and 10 deletions.
55 changes: 45 additions & 10 deletions .github/workflows/mend_scan.yaml
Expand Up @@ -6,6 +6,9 @@ on:
push:
branches:
- main
pull_request:
branches:
- main
workflow_dispatch:
inputs:
logLevel:
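Review bot: the new `pull_request` trigger also fires for pull requests opened from forks, where repository secrets are not passed to the workflow and the job token is read-only, so the Mend API calls that rely on `secrets.MEND_PROJECT_TOKEN_MPAS`, `secrets.MEND_API_ORG_TOKEN` and `secrets.MEND_API_EMAIL`, and the PR comment step, will fail there. Add a job-level condition such as `if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository` so fork PRs skip the scan cleanly. Do not solve this by switching to `pull_request_target`, which would make those secrets available to a run that checks out untrusted PR code.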
Expand All @@ -21,7 +24,8 @@ on:
jobs:
mend-scan:
runs-on: ubuntu-latest

permissions:
pull-requests: write
steps:
- name: Checkout Code
uses: actions/checkout@v4
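Review bot: a `permissions` block that lists only `pull-requests: write` sets every other scope of the job token to none, so declare `contents: read` next to it for the `actions/checkout@v4` step instead of relying on the repository being public. The write scope is also granted to every step of `mend-scan`, including the ones that process the checked-out code; moving the comment step into its own job with `needs: mend-scan` would let the scan job stay read-only.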
Expand Down Expand Up @@ -61,6 +65,7 @@ jobs:
PROJECT_TOKEN: ${{ secrets.MEND_PROJECT_TOKEN_MPAS }}
API_KEY: ${{ secrets.MEND_API_ORG_TOKEN }}
EMAIL: ${{ secrets.MEND_API_EMAIL }}
id: report
run: |
data=$(cat <<EOF
{
Expand Down Expand Up @@ -97,7 +102,7 @@ jobs:
high_license_risk_no=$(echo "${high_license_risk}" | jq -r '.retVal[].riskScore.riskScore | select( . != null ) > 52 | select(.==true)'| wc -l )
function print {
printf "############################################\n$1\n############################################\n"
printf "############################################\n$1\n############################################\nMend Scan Tool: https://sap.whitesourcesoftware.com/Wss/WSS.html#!login \n"
}
function restricted_license {
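Review bot: in `print`, `$1` is expanded inside the `printf` format string, so any `%` or backslash sequence in a message is interpreted as a format directive; keep the format string fixed with a `%s` placeholder and pass `"$1"` as the argument. The added Mend login URL is also emitted on every `print` call and hardcoded again in the PR comment message, so defining it once and printing it a single time at the end of the report would be cleaner.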
Expand All @@ -118,13 +123,8 @@ jobs:
ret_val="$ret_val$val"
fi
done
print "RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY: ${issue_count}"
if [[ issue_count -gt 0 ]]
then
echo "${ret_val}" | jq .
fi
return $issue_count
export VIOLATIONS_VERBOSE="${ret_val}"
export VIOLATIONS="${issue_count}"
}
print "HIGH/CRITICAL SECURITY VULNERABILITIES: ${security_vulnerability_no}"
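Review bot: `export` is not needed on `VIOLATIONS_VERBOSE` and `VIOLATIONS`, because `restricted_license` is called directly in the same shell and plain assignments are already visible to the caller, whereas exporting copies the full violation JSON into the environment of every child process started afterwards. Since the old `return $issue_count` contract is gone, a one-line comment on the function saying that it reports through these two globals would help the next reader.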
Expand Down Expand Up @@ -153,7 +153,42 @@ jobs:
restricted_license
print "RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY: ${VIOLATIONS}"
if [[ $VIOLATIONS -gt 0 ]]
then
echo "${VIOLATIONS_VERBOSE}" | jq .
fi
echo "security_vulnerability_no=$security_vulnerability_no" >> $GITHUB_OUTPUT
echo "major_updates_pending_no=$major_updates_pending_no" >> $GITHUB_OUTPUT
echo "requires_review_no=$requires_review_no" >> $GITHUB_OUTPUT
echo "high_license_risk_no=$high_license_risk_no" >> $GITHUB_OUTPUT
echo "violations=$VIOLATIONS" >> $GITHUB_OUTPUT
if [[ $security_vulnerability_no -gt 0 ]] || [[ $major_updates_pending_no -gt 0 ]] || [[ $requires_review_no -gt 0 ]] || [[ high_license_risk_no -gt 0 ]] || [[ violations -gt 0 ]]
then
exit 1
echo "status=x" >> $GITHUB_OUTPUT
else
echo "status=white_check_mark" >> $GITHUB_OUTPUT
fi
- name: Comment Mend Status on PR
uses: thollander/actions-comment-pull-request@v2.4.3
with:
message: |
## Mend Scan Summary: :${{ steps.report.outputs.status }}:
### Repository: ${{ github.repository }}
| VIOLATION DESCRIPTION | NUMBER OF VIOLATIONS |
| -------------------------------------------- | --------------------------- |
| HIGH/CRITICAL SECURITY VULNERABILITIES | ${{ steps.report.outputs.security_vulnerability_no }} |
| MAJOR UPDATES AVAILABLE | ${{ steps.report.outputs.major_updates_pending_no }} |
| LICENSE REQUIRES REVIEW | ${{ steps.report.outputs.requires_review_no }} |
| LICENSE RISK HIGH | ${{ steps.report.outputs.high_license_risk_no }} |
| RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY | ${{ steps.report.outputs.VIOLATIONS }} |
[Detailed Logs: mend-scan-> Generate Report](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})
[Mend UI](https://sap.whitesourcesoftware.com/Wss/WSS.html#!login)
comment_tag: tag_mend_scan
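Review bot: in the final `if` block, `exit 1` runs before `echo "status=x" >> $GITHUB_OUTPUT`, so the failure status is never written, and because the failed step stops the job, the "Comment Mend Status on PR" step never runs when there are findings, which is the case the comment is for. Write the status first, move the failing exit to a last step after the comment (or give the comment step `if: always() && github.event_name == 'pull_request'`, which also keeps it from running on `push` and `workflow_dispatch` where there is no pull request). In the same condition, `[[ violations -gt 0 ]]` refers to a lowercase variable that is never set; the function sets `VIOLATIONS`, so this operand evaluates to 0 and restricted-license findings can never fail the job. Use `$VIOLATIONS`, and add the missing `$` on `high_license_risk_no` for consistency. Finally, `thollander/actions-comment-pull-request@v2.4.3` is a third-party action running with `pull-requests: write`; pin it to a full commit SHA rather than a tag, which can be moved.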


