From ad8c4aadf34e36a2d5de05d3077a17e8f7bd58e6 Mon Sep 17 00:00:00 2001
From: Yong Yan
Date: Tue, 22 Jun 2021 19:17:03 -0700
Subject: [PATCH] Add Github Action required files and test workflow.
---
.github/workflows/main.yml | 16 ++++++++++++++++
Dockerfile | 15 +++++++++++++++
action.yml | 12 ++++++++++++
entrypoint.sh | 5 +++++
4 files changed, 48 insertions(+)
create mode 100644 .github/workflows/main.yml
create mode 100644 Dockerfile
create mode 100644 action.yml
create mode 100644 entrypoint.sh
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..e14c92e
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,16 @@
+on: [push]
+
+jobs:
+ sarif:
+ runs-on: ubuntu-latest
+ name: Flawfinder
+ steps:
+ # To use this repository's private action,
+ # you must check out the repository
+ - name: Checkout
+ uses: actions/checkout@v2
+
+ - name: Flawfinder action step
+ uses: ./ # Uses an action in the root directory
+ with:
+ command: '--version'
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..daa167a
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,15 @@
+# Container image that runs your code
+FROM ubuntu:20.04
+
+# Copies your code file from your action repository to the filesystem path `/` of the container
+COPY entrypoint.sh /entrypoint.sh
+
+
+RUN apt update -y
+
+RUN apt install python3-pip -y
+
+RUN pip install flawfinder
+
+# Code file to execute when the docker container starts up (`entrypoint.sh`)
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/action.yml b/action.yml
new file mode 100644
index 0000000..cd4b566
--- /dev/null
+++ b/action.yml
@@ -0,0 +1,12 @@
+name: 'Flawfinder'
+description: 'Execute Flawfinder'
+inputs:
+ command:
+ description: 'Command to be sent to Flawfinder'
+ required: false
+ default: '--help'
+runs:
+ using: 'docker'
+ image: 'Dockerfile'
+ args:
+ - ${{ inputs.command }}
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 0000000..7c35a4b
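Review bot: In .github/workflows/main.yml there is no `permissions:` block, so the job runs with the repository's default GITHUB_TOKEN scopes although it only checks out the code and runs a local action; a top-level `permissions:` with `contents: read` would constrain it. `actions/checkout@v2` is a mutable tag, and pinning it to a full commit SHA (`uses: actions/checkout@<full-commit-sha> # v2`, placeholder) keeps a moved tag from changing what runs. The job is named `sarif` but the step passes only `--version`, so this workflow exercises the container build rather than a scan.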
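Review bot: In Dockerfile, `RUN pip install flawfinder` installs whatever release the package index serves at build time, so the scanner this action runs can change without any commit to this repository; pinning an exact version makes the image reproducible and reviewable. `apt update` also sits in its own layer ahead of `apt install`, so a cached index layer can go stale, and nothing removes the package lists afterwards. Merging the three RUN steps into one, with `apt-get`, `--no-install-recommends` and list cleanup, addresses both points. The hunk is the whole file.

```dockerfile
# … unchanged: FROM ubuntu:20.04, COPY entrypoint.sh …

# One layer: the package index is fetched for this install and removed afterwards.
# X.Y.Z is a placeholder for the flawfinder release you have vetted.
RUN apt-get update \
    && apt-get install -y --no-install-recommends python3-pip \
    && rm -rf /var/lib/apt/lists/* \
    && pip install --no-cache-dir flawfinder==X.Y.Z

# … unchanged: ENTRYPOINT …
```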
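Review bot: In action.yml the `command` input defaults to `--help` with `required: false`, so a workflow that omits `with:` gets a step that prints usage, scans nothing and still passes. The input carries flawfinder arguments rather than a command, and the description could say so: `description: 'Arguments passed to flawfinder (options and paths to scan); the default only prints help'`. A default that scans the checked-out workspace may be a better fit if that matches the intended use.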
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,5 @@
+#!/bin/sh -l
+
+flawfinder $1
+
+echo "Executed with success."
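Review bot: In entrypoint.sh the script's exit status is that of the final `echo`, so a failing `flawfinder` run (including a nonzero exit requested with `--error-level`) still prints "Executed with success." and the step passes. Adding `set -e` on the line after the shebang, or writing `flawfinder $1 || exit $?`, propagates the failure. `$1` is unquoted, presumably so that one input string can carry several options, but it then also undergoes pathname expansion; `set -f` before the call would limit it to word splitting. The preamble records `create mode 100644 entrypoint.sh` and the Dockerfile copies the file without changing its mode, so `ENTRYPOINT ["/entrypoint.sh"]` will likely fail with a permission error unless the script is committed as executable (`git update-index --chmod=+x entrypoint.sh`).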