add action summary, build steps

2024-09-06 10:03:37 -04:00 · 2024-09-06 10:03:37 -04:00 · 13e8182a8d
commit 13e8182a8d
parent d51130a14b
7 changed files with 27 additions and 9 deletions
--- a/7
+++ b/7
@ -8,10 +8,11 @@ RUN CGO_ENABLED=0 go build -ldflags="-s -w" -trimpath -o build/goscan
 FROM alpine:3.20
-RUN apk --no-cache update && apk --no-cache upgrade
+RUN apk --no-cache update && apk --no-cache upgrade && apk --no-cache add curl
 COPY --from=builder /app/build/goscan /goscan
 COPY ./entrypoint.sh /entrypoint.sh
-RUN chmod +x /goscan
+RUN chmod +x /goscan && chmod +x /entrypoint.sh
-ENTRYPOINT ["/goscan"]
+ENTRYPOINT ["/entrypoint.sh"]
--- a/action.yml
+++ b/action.yml
@ -0,0 +1,5 @@
 name: 'GoSec Scanning'
 description: 'Scan codebase with gosec'
 runs:
  using: 'docker'
  image: 'docker://git.shadowhosting.xyz/actions/goscan:latest'
--- a/build.sh
+++ b/build.sh
@ -0,0 +1,3 @@
 #!/bin/sh
 docker buildx build --platform=linux/amd64,linux/arm64/v8 --push -t git.shadowhosting.xyz/actions/goscan .
--- a/cmd/root.go
+++ b/cmd/root.go
@ -10,6 +10,7 @@ import (
 	"github.com/kr/pretty"
 	"github.com/nao1215/markdown"
 	"github.com/owenrumney/go-sarif/sarif"
 	"github.com/sethvargo/go-githubactions"
 	"log"
 	"os"
 	"strconv"
@ -27,6 +28,8 @@ var rootCmd = &cobra.Command{
 	Short: "A brief description of your application",
 	Run: func(cmd *cobra.Command, args []string) {
 		action := githubactions.New()
 		cwd, err := os.Getwd()
 		if err != nil {
 			log.Fatalln(err)
@ -56,11 +59,6 @@ var rootCmd = &cobra.Command{
 		run := report.Runs[0]
 		outputFile, err := os.Create("output.md")
 		if err != nil {
 			log.Fatal(err)
 		}
 		var rows [][]string
 		sevCountMap := map[string]int{
 			"high":   0,
@ -127,7 +125,8 @@ var rootCmd = &cobra.Command{
 		}
-		markdownHandler := markdown.NewMarkdown(outputFile)
+		var markdownOutput strings.Builder
 		markdownHandler := markdown.NewMarkdown(&markdownOutput)
 		markdownHandler.H1("GoSec Results:")
 		markdownHandler.PlainText("<details>")
@ -165,6 +164,8 @@ var rootCmd = &cobra.Command{
 			log.Fatalln(err)
 		}
 		action.AddStepSummary(markdownOutput.String())
 	},
 }
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,5 @@
 #!/bin/sh
 curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b /usr/local/bin
 gosec -no-fail -fmt sarif -out output.sarif ./...
 /goscan
--- a/go.mod
+++ b/go.mod
@ -38,6 +38,7 @@ require (
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
 	github.com/sethvargo/go-githubactions v1.3.0 // indirect
 	github.com/skeema/knownhosts v1.2.2 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/afero v1.11.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -80,6 +80,8 @@ github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6g
 github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
 github.com/sethvargo/go-githubactions v1.3.0 h1:Kg633LIUV2IrJsqy2MfveiED/Ouo+H2P0itWS0eLh8A=
 github.com/sethvargo/go-githubactions v1.3.0/go.mod h1:7/4WeHgYfSz9U5vwuToCK9KPnELVHAhGtRwLREOQV80=
 github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/skeema/knownhosts v1.2.2 h1:Iug2P4fLmDw9f41PB6thxUkNUkJzB5i+1/exaj40L3A=
 github.com/skeema/knownhosts v1.2.2/go.mod h1:xYbVRSPxqBZFrdmDyMmsOs+uX1UZC3nTN3ThzgDxUwo=
		`@ -0,0 +1,3 @@`
							`#!/bin/sh`

							`docker buildx build --platform=linux/amd64,linux/arm64/v8 --push -t git.shadowhosting.xyz/actions/goscan .`