Merge pull request #227 from stackhawk/windows-testing

Support for running on windows, update octokit, 2.1.2 prep

.bumpversion.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 2.1.1
+current_version = 2.1.2
 commit = True
 tag = False
 

.github/workflows/test.yml

@@ -2,12 +2,17 @@ name: "action-tests"
 on:
   pull_request:
   push:
+    branches:
+      - main
 
 jobs:
   # Run JS unit tests
   unit-tests:
+    strategy:
+      matrix:
+        runner: [ 'ubuntu-latest', 'windows-latest' ]
     name: Unit Tests
-    runs-on: ubuntu-20.04
+    runs-on: ${{ matrix.runner }}
     env:
       SHAWK_API_KEY: ${{ secrets.HAWK_API_KEY }}
     steps:
@@ -19,11 +24,20 @@ jobs:
 
   # Run a HawkScan with this Action
   live-test:
+    strategy:
+      matrix:
+        runner: [ 'ubuntu-latest', 'windows-latest' ]
     name: Live Test
-    runs-on: ubuntu-20.04
+    runs-on: ${{ matrix.runner }}
     steps:
       - name: Check it out
         uses: actions/checkout@v3
+      - name: Setup java on Windows
+        if: ${{ matrix.runner=='windows-latest' }}
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
       - name: Run Scan
         id: run-scan
         uses: ./
@@ -36,24 +50,30 @@ jobs:
       - name: Check Scan Id
         run: echo "The last scan id was ${{ steps.run-scan.outputs.scanId }}"
 
-
-
   # Run a HawkScan with verbose and debug logging
   verbose-debug-test:
     name: Verbose and Debug Logging Test
-    runs-on: ubuntu-20.04
+    strategy:
+      matrix:
+        runner: [ 'ubuntu-latest', 'windows-latest' ]
+    runs-on: ${{ matrix.runner }}
     steps:
       - name: Check it out
         uses: actions/checkout@v3
+      - name: Setup java on Windows
+        if: ${{ matrix.runner=='windows-latest' }}
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
       - name: Run Scan
         uses: ./
         with:
           apiKey: ${{ secrets.HAWK_API_KEY }}
           githubToken: ${{ github.token }}
           configurationFiles: __tests__/stackhawk.yml
           codeScanningAlerts: true
-          sourceURL: ${{ secrets.TEST_HAWK_CLI_SOURCE_URL }}
-          version: 2.2.0-beta
+          version: 3.3.0
           verbose: true
           debug: true
 

README.md

@@ -28,7 +28,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - uses: stackhawk/hawkscan-action@v2.1.1
+    - uses: stackhawk/hawkscan-action@v2.1.2
       with:
         apiKey: ${{ secrets.HAWK_API_KEY }}
 ```
@@ -44,7 +44,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - uses: stackhawk/hawkscan-action@v2.1.1
+    - uses: stackhawk/hawkscan-action@v2.1.2
       with:
         args: |
           --hawk-mem 1g
@@ -61,7 +61,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - uses: stackhawk/hawkscan-action@v2.1.1
+    - uses: stackhawk/hawkscan-action@v2.1.2
       with:
         command: rescan
 ```
@@ -77,7 +77,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - uses: stackhawk/hawkscan-action@v2.1.1
+    - uses: stackhawk/hawkscan-action@v2.1.2
       with:
         apiKey: ${{ secrets.HAWK_API_KEY }}
         dryRun: true
@@ -94,7 +94,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - uses: stackhawk/hawkscan-action@v2.1.1
+    - uses: stackhawk/hawkscan-action@v2.1.2
       with:
         apiKey: ${{ secrets.HAWK_API_KEY }}
         configurationFiles: stackhawk.yml stackhawk-extra.yml
@@ -111,7 +111,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - uses: stackhawk/hawkscan-action@v2.1.1
+    - uses: stackhawk/hawkscan-action@v2.1.2
     with:
       installCLIOnly: true
     - name: Run CLI Scan
@@ -131,7 +131,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v2
-    - uses: stackhawk/hawkscan-action@v2.1.1
+    - uses: stackhawk/hawkscan-action@v2.1.2
       with:
         apiKey: ${{ secrets.HAWK_API_KEY }}
         codeScanningAlerts: true
@@ -154,7 +154,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - uses: stackhawk/hawkscan-action@v2.1.1
+      - uses: stackhawk/hawkscan-action@v2.1.2
         with:
           apiKey: ${{ secrets.HAWK_API_KEY }}
           verbose: true
@@ -171,7 +171,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - uses: stackhawk/hawkscan-action@v2.1.1
+      - uses: stackhawk/hawkscan-action@v2.1.2
         with:
           workspace: ./app/config/
 ```
@@ -186,7 +186,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - uses: stackhawk/hawkscan-action@v2.1.1
+      - uses: stackhawk/hawkscan-action@v2.1.2
         with:
           version: 2.7.0
 ```
@@ -241,7 +241,7 @@ jobs:
         pip3 install -r requirements.txt
         nohup python3 app.py &
     - name: Scan my app
-      uses: stackhawk/hawkscan-action@v2.1.1
+      uses: stackhawk/hawkscan-action@v2.1.2
       with:
         apiKey: ${{ secrets.HAWK_API_KEY }}
 ```
@@ -265,7 +265,7 @@ jobs:
         APP_HOST: 'http://localhost:5000'
         APP_ID: AE624DB7-11FC-4561-B8F2-2C8ECF77C2C7
         APP_ENV: Development
-      uses: stackhawk/hawkscan-action@v2.1.1
+      uses: stackhawk/hawkscan-action@v2.1.2
       with:
         apiKey: ${{ secrets.HAWK_API_KEY }}
         dryRun: true
@@ -276,6 +276,27 @@ jobs:
 
 The configuration above will perform a dry run, meaning it will only print out the Docker command that it would run if `dryRun` were set to `false`, which is the default.  Finally, it tells HawkScan to use the `stackhawk.yml` configuration file and overlay the `stackhawk-extra.yml` configuration file on top of it.
 
+## Windows Support
+The HawkScan action is also supported on windows! With some nuances:
+
+### Ensure java is up to date
+Github's `windows-2022` runners may default to an earlier version of Java 11. As a result, you might see this error when running on Windows:
+
+```
+Error: A JNI error has occurred, please check your installation and try again
+com/stackhawk/zap/Bootstrap has been compiled by a more recent version of the Java Runtime (class file version 55.0), this version of the Java Runtime only recognizes class file versions up to 52.0
+```
+
+To address this, Java on Hosted Windows Runners can be easily setup in a prior workflow step to instead use a later java version:
+```yaml
+    - uses: actions/setup-java@v3
+      with:
+        distribution: 'temurin'
+        java-version: '17'
+```
+
+Due to the nature of powershell and how we call java, this defect may not fail a build, and can pass silently.
+
 ## Need Help?
 
 If you have questions or need some help, please email us at support@stackhawk.com.

__tests__/index.js

@@ -90,8 +90,9 @@ test('cli dry-run', () => {
   });
   const inputs = utilities.gatherInputs();
   const cliCommand = utilities.buildCLICommand(inputs);
+  const hawk = utilities.hawkExecutable();
   expect(cliCommand)
-      .toEqual(`hawk --api-key=hawk.xxxxXXXXxxXXxxxXXxXX.xxxXXxxxXXxxXXxxxXXX scan --repo-dir ${workspace} --cicd-platform github-action stackhawk.yml`);
+      .toEqual(`${hawk} --api-key=hawk.xxxxXXXXxxXXxxxXXxXX.xxxXXxxxXXxxXXxxxXXX scan --repo-dir ${workspace} --cicd-platform github-action stackhawk.yml`);
 });
 
 test('cli dry-run args', () => {
@@ -104,8 +105,9 @@ test('cli dry-run args', () => {
   });
   const inputs = utilities.gatherInputs();
   const cliCommand = utilities.buildCLICommand(inputs);
+  const hawk = utilities.hawkExecutable();
   expect(cliCommand)
-      .toEqual(`hawk --api-key=hawk.xxxxXXXXxxXXxxxXXxXX.xxxXXxxxXXxxXXxxxXXX rescan --repo-dir ${workspace} --cicd-platform github-action --scan-id XXxxXXXX-xXXX-xxXX-XXxX-xXXxxXXXXxXX --debug true stackhawk.yml`);
+      .toEqual(`${hawk} --api-key=hawk.xxxxXXXXxxXXxxxXXxXX.xxxXXxxxXXxxXXxxxXXX rescan --repo-dir ${workspace} --cicd-platform github-action --scan-id XXxxXXXX-xXXX-xxXX-XXxX-xXXxxXXXXxXX --debug true stackhawk.yml`);
 });
 
 test('get download object', () => {