bug/SP-1356 Fix policy check reporting

perezale · perezale · commit 25d4fff69102 · 2024-08-23T11:20:20.000-03:00
diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml
@@ -10,6 +10,7 @@ permissions:
   contents: read
   pull-requests: write
   checks: write
+  actions: read
 
 jobs:
   test-action:
diff --git a/README.md b/README.md
@@ -32,6 +32,7 @@ permissions:
   contents: read
   pull-requests: write
   checks: write
+  actions: read
 
 jobs:
   scanoss-code-scan:
@@ -109,6 +110,7 @@ permissions:
   contents: read
   pull-requests: write
   checks: write
+  actions: read
 
 jobs:
    scanoss-code-scan:
diff --git a/dist/index.js b/dist/index.js
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "scanoss-code-scan-action",
   "description": "SCANOSS Code Scan Action",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "author": "SCANOSS",
   "private": true,
   "homepage": "https://github.com/scanoss/code-scan-action/",
diff --git a/src/main.ts b/src/main.ts
@@ -21,7 +21,7 @@
    THE SOFTWARE.
  */
 
-import { createCommentOnPR, isPullRequest } from './utils/github.utils';
+import { createCommentOnPR, isPullRequest, getFirstRunId } from './utils/github.utils';
 import { generateJobSummary, generatePRSummary } from './services/report.service';
 import * as core from '@actions/core';
 import * as inputs from './app.input';
@@ -40,11 +40,12 @@ export async function run(): Promise<void> {
 
     // create policies
     core.debug(`Creating policies`);
+    const firstRunId = await getFirstRunId();
 
     //Read declared policies on input parameter 'policies' and create an instance for each one.
     const policies = policyManager.getPolicies();
     for (const policy of policies) {
-      await policy.start();
+      await policy.start(firstRunId);
     }
 
     // run scan
diff --git a/src/policies/copyleft-policy-check.ts b/src/policies/copyleft-policy-check.ts
@@ -81,7 +81,7 @@ export class CopyleftPolicyCheck extends PolicyCheck {
 
     if (details) {
       const { id } = await this.uploadArtifact(details);
-      if (id) details = this.concatPolicyArtifactURLToPolicyCheck(details, id);
+      if (id) details = await this.concatPolicyArtifactURLToPolicyCheck(details, id);
     }
 
     if (componentsWithCopyleft.length === 0) {
diff --git a/src/policies/policy-check.ts b/src/policies/policy-check.ts
@@ -64,6 +64,8 @@ export abstract class PolicyCheck {
 
   private _conclusion: CONCLUSION;
 
+  private _firstRunId = -1;
+
   constructor(checkName: string) {
     this.octokit = getOctokit(inputs.GITHUB_TOKEN);
     this.checkName = checkName;
@@ -76,7 +78,7 @@ export abstract class PolicyCheck {
 
   abstract getPolicyName(): string;
 
-  async start(): Promise<any> {
+  async start(runId: number): Promise<any> {
     const result = await this.octokit.rest.checks.create({
       owner: context.repo.owner,
       repo: context.repo.repo,
@@ -87,6 +89,8 @@ export abstract class PolicyCheck {
     this.checkRunId = result.data.id;
     this._raw = result.data;
 
+    this._firstRunId = runId;
+
     this._status = STATUS.INITIALIZED;
     return result.data;
   }
@@ -104,7 +108,7 @@ export abstract class PolicyCheck {
   }
 
   get url(): string {
-    return `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}/job/${this.raw.id}`;
+    return `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${this._firstRunId}/job/${this.raw.id}`;
   }
 
   async run(scannerResults: ScannerResults): Promise<void> {
@@ -152,7 +156,7 @@ export abstract class PolicyCheck {
     return text.length > this.MAX_GH_API_CONTENT_SIZE;
   }
 
-  protected concatPolicyArtifactURLToPolicyCheck(details: string, artifactId: number): string {
+  protected async concatPolicyArtifactURLToPolicyCheck(details: string, artifactId: number): Promise<string> {
     const link =
       `\n\nDownload the ` +
       `[${this.getPolicyName()} Result](${context.serverUrl}/` +
diff --git a/src/policies/undeclared-policy-check.ts b/src/policies/undeclared-policy-check.ts
@@ -70,7 +70,7 @@ export class UndeclaredPolicyCheck extends PolicyCheck {
 
     if (details) {
       const { id } = await this.uploadArtifact(details);
-      if (id) details = this.concatPolicyArtifactURLToPolicyCheck(details, id);
+      if (id) details = await this.concatPolicyArtifactURLToPolicyCheck(details, id);
     }
 
     if (nonDeclaredComponents.length === 0) {
diff --git a/src/utils/github.utils.ts b/src/utils/github.utils.ts

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "scanoss-code-scan-action",`
`3`	`3`	`"description": "SCANOSS Code Scan Action",`
`4`		`- "version": "0.2.0",`
	`4`	`+ "version": "0.2.1",`
`5`	`5`	`"author": "SCANOSS",`
`6`	`6`	`"private": true,`
`7`	`7`	`"homepage": "https://github.com/scanoss/code-scan-action/",`
Original file line number	Diff line number	Diff line change
`@@ -81,7 +81,7 @@ export class CopyleftPolicyCheck extends PolicyCheck {`
`81`	`81`
`82`	`82`	`if (details) {`
`83`	`83`	`const { id } = await this.uploadArtifact(details);`
`84`		`- if (id) details = this.concatPolicyArtifactURLToPolicyCheck(details, id);`
	`84`	`+ if (id) details = await this.concatPolicyArtifactURLToPolicyCheck(details, id);`
`85`	`85`	`}`
`86`	`86`
`87`	`87`	`if (componentsWithCopyleft.length === 0) {`
Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,7 @@ export class UndeclaredPolicyCheck extends PolicyCheck {`
`70`	`70`
`71`	`71`	`if (details) {`
`72`	`72`	`const { id } = await this.uploadArtifact(details);`
`73`		`- if (id) details = this.concatPolicyArtifactURLToPolicyCheck(details, id);`
	`73`	`+ if (id) details = await this.concatPolicyArtifactURLToPolicyCheck(details, id);`
`74`	`74`	`}`
`75`	`75`
`76`	`76`	`if (nonDeclaredComponents.length === 0) {`