fix: empty commit for testing

filipeforattini · Jul 11, 2022 · d303d73 · d303d73
1 parent 1faf6da
commit d303d73
Show file tree

Hide file tree

Showing 6 changed files with 79 additions and 45 deletions.
diff --git a/.github/actions/pipeline-config-scrapper/index.js b/.github/actions/pipeline-config-scrapper/index.js
diff --git a/.github/actions/pipeline-config-scrapper/index.js.map b/.github/actions/pipeline-config-scrapper/index.js.map
diff --git a/.github/actions/setup-binaries/action.yml b/.github/actions/setup-binaries/action.yml
@@ -0,0 +1,20 @@
+name: 'Setup binaries'
+description: 'Greet someone'
+
+inputs:
+  nodejs:
+    description: 'Inform the Nodejs version'
+    required: false
+    default: 'false'
+
+runs:
+  using: "composite"
+
+  steps:
+    - uses: actions/setup-node@v3
+      if: inputs.nodejs != 'false'
+      with:
+        node-version: ${{ inputs.nodejs }}
+
+    - if: inputs.nodejs != 'false'
+      run: npm -g install yarn npm
diff --git a/.github/actions/static-code-analysis/action.yml b/.github/actions/static-code-analysis/action.yml
@@ -0,0 +1,53 @@
+name: 'Static code analysis'
+description: 'Greet someone'
+
+inputs:
+  language:
+    description: 'Inform the main repository language'
+    required: false
+    default: 'javascript'
+
+runs:
+  using: "composite"
+
+  steps:
+    - name: Run GitLeaks scanner
+      if: inputs.staticAnalysis == true
+      uses: docker://opendevsecops/gitleaks
+      with:
+        args: --repo=https://github.com/${{github.repository}}
+
+    - name: Run Trivy scanner
+      if: inputs.staticAnalysis == true
+      uses: aquasecurity/trivy-action@master
+      with:
+        scan-type: 'fs'
+        ignore-unfixed: true
+        format: 'sarif'
+        severity: 'CRITICAL,HIGH'
+        output: 'trivy-results.sarif'
+
+    - name: Upload Trivy results
+      if: inputs.staticAnalysis == true
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+        sarif_file: 'trivy-results.sarif'
+
+    - name: Run OSSAR
+      if: inputs.staticAnalysis == true
+      uses: github/ossar-action@v1
+      id: ossar
+
+    - name: Upload OSSAR results
+      if: inputs.staticAnalysis == true
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+        sarif_file: ${{ steps.ossar.outputs.sarifFile }}
+
+    - name: Setup CodeQL for ${{ inputs.language }}
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ inputs.language }}
+
+    - name: Run ${{ inputs.language }} CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/app.yml b/.github/workflows/app.yml
@@ -104,49 +104,10 @@ jobs:
           persist-credentials: false
 
       #job
-      - name: Run GitLeaks scanner
-        if: inputs.staticAnalysis == true
-        uses: docker://opendevsecops/gitleaks
-        with:
-          args: --repo=https://github.com/${{github.repository}}
-
-      - name: Run Trivy scanner
-        if: inputs.staticAnalysis == true
-        uses: aquasecurity/trivy-action@master
-        with:
-          scan-type: 'fs'
-          ignore-unfixed: true
-          format: 'sarif'
-          severity: 'CRITICAL,HIGH'
-          output: 'trivy-results.sarif'
-
-      - name: Upload Trivy results
-        if: inputs.staticAnalysis == true
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: 'trivy-results.sarif'
-
-      - name: Run OSSAR
-        if: inputs.staticAnalysis == true
-        uses: github/ossar-action@v1
-        id: ossar
-
-      - name: Upload OSSAR results
-        if: inputs.staticAnalysis == true
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: ${{ steps.ossar.outputs.sarifFile }}
-
-      #node
-      - name: Setup CodeQL for Javascript
-        if: inputs.staticAnalysis == true && needs.Setup.outputs.BuildNode == 'true'
-        uses: github/codeql-action/init@v2
+      - name: Setup | Dependencies
+        uses: filipeforattini/ff-iac-github-actions/.github/actions/static-code-analysis@main
         with:
-          languages: javascript
-
-      - name: Run Javascript CodeQL Analysis
-        if: inputs.staticAnalysis == true && needs.Setup.outputs.BuildNode == 'true'
-        uses: github/codeql-action/analyze@v2
+          language: ${{ needs.Setup.outputs.Language }}
 
 
   #--------------------------------------------------#

diff --git a/src/actions/pipeline-config-scrapper/src/code.js b/src/actions/pipeline-config-scrapper/src/code.js
@@ -18,5 +18,5 @@ module.exports = async (analysis) => {
   const language = langIterator.pop().language;
   core.info(`language detected! is a ${language} repository`);
 
-  analysis.language = language;
+  analysis.language = language.toLowerCase();
 };