Skip to content

Commit

Permalink
🐛 Fix null default branch/private fields (#75)
Browse files Browse the repository at this point in the history 
* test

* test

* fix

* fix

* fix

* fix

* typo

* Update entrypoint.sh

Co-authored-by: Chris Carini <6374067+ChrisCarini@users.noreply.github.com>

Co-authored-by: Chris Carini <6374067+ChrisCarini@users.noreply.github.com>
  • Loading branch information
@laurentsimon @ChrisCarini
laurentsimon and ChrisCarini authored Jan 31, 2022
1 parent 9523c76 commit ed70c95
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 5 deletions.
3 changes: 2 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,8 @@ FROM gcr.io/openssf/scorecard@sha256:8165ad910019422f40c51cbb97ff6e7db0e2e2e11fa
# TODO: use distroless.
FROM debian:9.5-slim
RUN apt-get update && \
apt-get install -y --no-install-recommends jq ca-certificates
apt-get install -y --no-install-recommends \
jq ca-certificates curl

# Copy the scorecard binary from the official scorecard image.
COPY --from=base /scorecard /scorecard
Expand Down
24 changes: 20 additions & 4 deletions entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,28 @@ export SCORECARD_POLICY_FILE="/policy.yml" # Copied at docker image creation.
export SCORECARD_RESULTS_FILE="$INPUT_RESULTS_FILE"
export SCORECARD_RESULTS_FORMAT="$INPUT_RESULTS_FORMAT"
export SCORECARD_PUBLISH_RESULTS="$INPUT_PUBLISH_RESULTS"
# https://docs.github.com/en/actions/learn-github-actions/environment-variables
export SCORECARD_PRIVATE_REPOSITORY="$(jq '.repository.private' $GITHUB_EVENT_PATH)"
export SCORECARD_DEFAULT_BRANCH="refs/heads/$(jq -r '.repository.default_branch' $GITHUB_EVENT_PATH)"
export SCORECARD_REPOSITORY="$(jq -r '.repository.full_name' $GITHUB_EVENT_PATH)"
export SCORECARD_BIN="/scorecard"
export ENABLED_CHECKS=

# WARNING: boolean inputs are strings https://github.com/actions/runner/issues/1483.
## ============================== WARNING ======================================
# https://docs.github.com/en/actions/learn-github-actions/environment-variables
# export SCORECARD_PRIVATE_REPOSITORY="$(jq '.repository.private' $GITHUB_EVENT_PATH)"
# export SCORECARD_DEFAULT_BRANCH="refs/heads/$(jq -r '.repository.default_branch' $GITHUB_EVENT_PATH)"
#
# The $GITHUB_EVENT_PATH file produces:
# private: null
# default_branch: null
#
# for trigger event `schedule`. This is a bug.
# So instead we use the REST API to retrieve the data.
#
# Boolean inputs are strings https://github.com/actions/runner/issues/1483.
# ===============================================================================
curl -s -H "Authorization: Bearer $GITHUB_AUTH_TOKEN" https://api.github.com/repos/$SCORECARD_REPOSITORY > repo_info.json
export SCORECARD_PRIVATE_REPOSITORY="$(cat repo_info.json | jq -r '.private')"
export SCORECARD_DEFAULT_BRANCH="refs/heads/$(cat repo_info.json | jq -r '.default_branch')"
rm repo_info.json

# If the repository is private, never publish the results.
if [[ "$SCORECARD_PRIVATE_REPOSITORY" == "true" ]]; then
Expand All @@ -51,6 +66,7 @@ fi
echo "Event file: $GITHUB_EVENT_PATH"
echo "Event name: $GITHUB_EVENT_NAME"
echo "Ref: $GITHUB_REF"
echo "Repository: $SCORECARD_REPOSITORY"
echo "Private repository: $SCORECARD_PRIVATE_REPOSITORY"
echo "Publication enabled: $SCORECARD_PUBLISH_RESULTS"
echo "Format: $SCORECARD_RESULTS_FORMAT"
Expand Down

0 comments on commit ed70c95

Please sign in to comment.