diff --git a/ACTION_README.md b/ACTION_README.md deleted file mode 100644 index 2291cb1..0000000 --- a/ACTION_README.md +++ /dev/null 
@@ -1,229 +0,0 @@ -# [Finite State](https://finitestate.io) `binary-scan` Action - -![Finite state logo](./imgs/FS-Logo.png) -[finitestate.io](https://finitestate.io) - - - -## Description - -The Finite State `binary-scan` GitHub Action allows you to easily integrate the -Finite State Platform into your CI/CD workflows. - -Following the steps below will: - -- Upload the file to the Finite State platform -- Create a new version of the configured asset -- Conduct a Quick Scan binary analysis on the uploaded file -- Associate the results to the asset version - -By default, the asset version will be assigned the existing values for Business -Unit and Created By User. If you need to change these, you can provide the IDs -for them. - -> [!WARNING] -> -> Warning: Ensure the GitHub Actions runner environment supports both Node.js -> and Python when running workflows that include JavaScript and Python scripts. -> Using an incompatible runner environment may result in errors or unexpected -> behavior during script execution. -> -> To avoid issues, consider using a GitHub-hosted runner image like -> 'ubuntu-latest' or 'microsoft-latest' that comes pre-installed with both -> Node.js and Python. 
- - - - - -## Inputs - -| parameter | description | required | type | default | -| --------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | --------- | ------- | -| finite-state-client-id | Finite State API client ID | `true` | `string` | | -| finite-state-secret | Finite State API secret | `true` | `string` | | -| finite-state-organization-context | The Organization-Context should have been provided to you by your Finite State representative and looks like `xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx` | `true` | `string` | | -| asset-id | Asset ID for the asset that the new asset version will belong to | `true` | `string` | | -| version | The name of the asset version that will be created | `true` | `string` | | -| file-path | Local path of the file to be uploaded | `true` | `string` | | -| quick-scan | Boolean that uploads the file for quick scan when true. Defaults to true (Quick Scan). For details about the contents of the Quick Scan vs. the Full Scan, please see the API documentation. | `false` | `boolean` | `true` | -| automatic-comment | Defaults to false. If it is true, it will generate a comment in the PR with the link to the Asset version URL in the Finite State Platform. | `false` | `boolean` | `false` | -| github-token | Token used to generate a comment in a the PR. Only required if automatic-comment input is true. | `false` | `string` | | -| business-unit-id | (optional) ID of the business unit that the asset version will belong to. If not provided, the asset version will adopt the existing business unit of the asset. | `false` | `string` | | -| created-by-user-id | (optional) ID of the user to be recorded as the 'Created By User' on the asset version. If not provided, the version will adopt the existing value of the asset. 
| `false` | `string` | | -| product-id | (optional) ID of the product that the asset version will belong to. If not provided, the existing product for the asset will be used, if applicable. | `false` | `string` | | -| artifact-description | (optional) Description of the artifact. If not provided, the default is "Firmware Binary". | `false` | `string` | | - - - - - -## Outputs - -| parameter | description | -| ----------------- | --------------------------------------------------------------- | -| response | Response from Finite State servers | -| error | Error message or details on why the action fails, if applicable | -| asset-version-url | URL to view your results in the Finite State Platform | - - - -## Set Up Workflow - -To start using this action, you must generate a job within a GitHub Workflow. -You can either establish a -[new GitHub Workflow](https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions) -or use an existing one that aligns with your use case. - -After selecting a GitHub Workflow, proceed to -[customize the events](https://docs.github.com/en/actions/learn-github-actions/events-that-trigger-workflows) -that will activate the workflow, such as pull requests or scheduled events: - -**Example**: - -```yaml -name: Your workflow -on: - pull_request: - branches: - - main - schedule: - - cron: '0 0 * * *' -``` - -If you want the PR to automatically generate a comment with the link to the -results on the Finite State Platform, make sure to grant the necessary -permissions in your workflow. This allows the action to post the comment using -the GitHub workflow token. - -**Example**: - -```yaml -name: Your workflow -permissions: - pull-requests: write - contents: read -``` - -## Usage of this Action - -You will also need to add your code into the workflow. The example only includes -the required parameters. For more details, including optional parameters, please -reference the **Inputs** section. 
- -**Example:** - -```yaml -uses: FiniteStateInc/binary-scan@v2.0.0 -with: - finite-state-client-id: ${{ secrets.CLIENT_ID }} - finite-state-secret: ${{ secrets.CLIENT_SECRET }} - finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} - asset-id: # The ID of the Asset associated with this scan - version: # The name of the new Asset Version that will be created - file-path: # The path to the file that will be uploaded to the Finite State Platform -``` - -Using the previous code you won't get any comments in the pull request, but file -will be upload to Finite State Platform and you get the link as output of the -action. - -### Auto-Generation of PR Comments - -The following example includes optional parameters `github-token` and -`automatic-comment` to auto-generate a comment in a pull request: - -**Example:** - -```yaml -uses: FiniteStateInc/binary-scan@v1.1.0 -with: - finite-state-client-id: ${{ secrets.CLIENT_ID }} - finite-state-secret: ${{ secrets.CLIENT_SECRET }} - finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} - asset-id: # The ID of the Asset associated with this scan - version: # The name of the new Asset Version that will be created - file-path: # The path to the file that will be uploaded to the Finite State Platform - github-token: ${{ secrets.GITHUB_TOKEN }} # Optional if you would like to generate the comment automatically in the PR - automatic-comment: true # Optional if you would like to generate the comment automatically in the PR -``` - -## Action Debugging - -All details pertaining to the execution of the action will be recorded. You can -review this information in the workflow execution logs, which is a helpful -starting point if you encounter any errors during the action's run. - -![logging example](./imgs/debug_info.png) - -## Extended Feature Example (Optional) - -In this section, we provide a code snippet for integrating this action into your -existing workflow. 
Primarily, it uploads the file to the Finite State Platform -for analysis. Once that process is complete, it automatically add a comment to -the pull request, including a link pointing to the Finite State Binary Analysis -URL for the uploaded file. You can customize the comment as desired or utilize -the outputs of the action to construct your own. - -Ensure to replace certain values, as indicated in the example workflow: - -```yaml -name: Build -permissions: - pull-requests: write - contents: read -on: - pull_request: - branches: - - main - schedule: - - cron: '0 0 * * *' # At 00:00 every day - -env: - CLIENT_ID: ${{ secrets.CLIENT_ID }} - CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} - ORGANIZATION_CONTEXT: ${{ secrets.ORGANIZATION_CONTEXT }} - ASSET_ID: # Complete with your Asset ID - -jobs: - finitestate-upload-binary: - runs-on: ubuntu-latest - steps: - - name: checkout repo content - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.ref }} - - # - name: (Potentially) Build a system / firmware image - # Uncomment previous line and Put the build steps here (which likely already exist) based on the project - - - name: Upload binary generated file - uses: actions/upload-artifact@v3 - with: - name: binary-artifact - path: # Put the path to your binary file generated in the previous step here - - - name: Binary Scan - uses: FiniteStateInc/binary-scan@v2.0.0 - id: binary_scan - with: - finite-state-client-id: ${{ secrets.CLIENT_ID }} - finite-state-secret: ${{ secrets.CLIENT_SECRET }} - finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} - asset-id: ${{env.ASSET_ID}} - version: ${{github.sha}} # You can name this version anything you'd like. Here, we're using the git commit hash associated with the current run. 
- file-path: # Put the same path from the "Upload binary generated file" step here - github-token: ${{ secrets.GITHUB_TOKEN }} # optional if you would like to generate the comment automatically in the PR - automatic-comment: true # optional if you would like to generate the comment automatically in the PR - - name: Set response of binary scan - if: steps.binary_scan.outcome=='success' - id: set_response - run: | - echo Asset version URL: ${{steps.binary_scan.outputs.asset-version-url}} - echo Response: "${{steps.binary_scan.outputs.response}}" - echo Error: "${{steps.binary_scan.outputs.error}}" - outputs: - ASSET_VERSION_URL: ${{steps.binary_scan.outputs.asset-version-url}} - ERROR: ${{steps.binary_scan.outputs.error}} - RESPONSE: ${{steps.binary_scan.outputs.response}} -``` diff --git a/DEV_README.md b/DEV_README.md new file mode 100644 index 0000000..5ddd049 --- /dev/null +++ b/DEV_README.md 
@@ -0,0 +1,165 @@ +# Binary Scan GitHub Action + +This JS action for GitHub was created using this repository as template: +[Create a GitHub Action Using TypeScript](https://github.com/actions/typescript-action). + +This template includes compilation support, tests, a validation workflow, +publishing, and versioning guidance. + +## How to use the action in a GitHub Workflow + +If you would like to use the action, go to the action in the marketplace and +follow the documentation: +[Finite state binary scan](https://github.com/marketplace/actions/finite-state-binary-scan) + +> [!NOTE] +> +> As it was mentioned you don't need to continue reading this Readme if you +> would like to just use the action. +> +> The following documentation make sense if you are a developer of this action +> and you would like to customize or change the behavior of them. + +## Initial Setup + +After you've cloned the repository to your local machine or codespace, you'll +need to perform some initial setup steps before you can develop your action. + +> [!NOTE] +> +> You'll need to have a reasonably modern version of +> [Node.js](https://nodejs.org) handy (20.x or later should work!). If you are +> using a version manager like [`nodenv`](https://github.com/nodenv/nodenv) or +> [`nvm`](https://github.com/nvm-sh/nvm), this template has a `.node-version` +> file at the root of the repository that will be used to automatically switch +> to the correct version when you `cd` into the repository. Additionally, this +> `.node-version` file is used by GitHub Actions in any `actions/setup-node` +> actions. + +1. :hammer_and_wrench: Install the dependencies + + ```bash + npm install + ``` + +1. :building_construction: Package the TypeScript for distribution + + ```bash + npm run bundle + ``` + +1. :white_check_mark: Run the tests + + ```bash + $ npm test + + PASS ./index.test.js + ✓ calls run when imported (3ms) + + ... 
+ ``` + +## Update the Action Metadata + +The [`action.yml`](action.yml) file defines metadata about your action, such as +input(s) and output(s). For details about this file, see +[Metadata syntax for GitHub Actions](https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions). + +## Update the Action Code + +The [`src/`](./src/) directory is the heart of our action. + +There are a few things to keep in mind when writing your action code: + +- Most GitHub Actions toolkit and CI/CD operations are processed asynchronously. + In `main.ts`, you will see that the action is run in an `async` function. + +1. Format, test, and build the action + + ```bash + npm run all + ``` + + > This step is important! It will run [`ncc`](https://github.com/vercel/ncc) + > to build the final JavaScript action code with all dependencies included. + > If you do not run this step, your action will not work correctly when it is + > used in a workflow. This step also includes the `--license` option for + > `ncc`, which will create a license file for all of the production node + > modules used in your project. + +## Validate the Action + +You can now validate the action by referencing it in a workflow file. For +example, [`ci.yml`](./.github/workflows/ci.yml) demonstrates how to reference an +action in the same repository. 
+ +```yaml +steps: + - name: Checkout + id: checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - name: Binary Scan + id: binary_scan + uses: ./ + with: + finite-state-client-id: ${{ secrets.CLIENT_ID }} + finite-state-secret: ${{ secrets.CLIENT_SECRET }} + finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} + asset-id: ${{env.ASSET_ID}} + version: ${{ github.sha }} + file-path: ./somefile.bin # Put the same path from the "Upload binary generated file" step here + github-token: ${{ secrets.GITHUB_TOKEN }} # optional if you would like to generate the comment automatically in the PR + automatic-comment: true # optional if you would like to generate the comment automatically in the PR + + - name: Set response of binary scan + if: steps.binary_scan.outcome=='success' + id: set_response + run: | + echo Asset version URL: ${{steps.binary_scan.outputs.asset-version-url}} + echo Response: "${{steps.binary_scan.outputs.response}}" + echo Error: "${{steps.binary_scan.outputs.error}}" +``` + +## Usage + +After testing, you can create version tag(s) that developers can use to +reference different stable versions of your action. For more information, see +[Versioning](https://github.com/actions/toolkit/blob/master/docs/action-versioning.md) +in the GitHub Actions toolkit. + +To include the action in a workflow in another repository, you can use the +`uses` syntax with the `@` symbol to reference a specific branch, tag, or commit +hash. 
+ +```yaml +steps: + - name: Checkout + id: checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - name: Finite State Binary Scan + id: binary_scan + uses: FiniteStateInc/binary-scan@v2.0.0 + with: + finite-state-client-id: ${{ secrets.CLIENT_ID }} + finite-state-secret: ${{ secrets.CLIENT_SECRET }} + finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} + asset-id: ${{env.ASSET_ID}} + version: ${{ github.sha }} + file-path: ./somefile.bin # Put the same path from the "Upload binary generated file" step here + github-token: ${{ secrets.GITHUB_TOKEN }} # optional if you would like to generate the comment automatically in the PR + automatic-comment: true # optional if you would like to generate the comment automatically in the PR + + - name: Set response of binary scan + if: steps.binary_scan.outcome=='success' + id: set_response + run: | + echo Asset version URL: ${{steps.binary_scan.outputs.asset-version-url}} + echo Response: "${{steps.binary_scan.outputs.response}}" + echo Error: "${{steps.binary_scan.outputs.error}}" +``` diff --git a/README.md b/README.md index 5ddd049..2291cb1 100644 --- a/README.md +++ b/README.md 
@@ -1,165 +1,229 @@ -# Binary Scan GitHub Action +# [Finite State](https://finitestate.io) `binary-scan` Action -This JS action for GitHub was created using this repository as template: -[Create a GitHub Action Using TypeScript](https://github.com/actions/typescript-action). +![Finite state logo](./imgs/FS-Logo.png) +[finitestate.io](https://finitestate.io) -This template includes compilation support, tests, a validation workflow, -publishing, and versioning guidance. + -## How to use the action in a GitHub Workflow +## Description -If you would like to use the action, go to the action in the marketplace and -follow the documentation: -[Finite state binary scan](https://github.com/marketplace/actions/finite-state-binary-scan) +The Finite State `binary-scan` GitHub Action allows you to easily integrate the +Finite State Platform into your CI/CD workflows. -> [!NOTE] +Following the steps below will: + +- Upload the file to the Finite State platform +- Create a new version of the configured asset +- Conduct a Quick Scan binary analysis on the uploaded file +- Associate the results to the asset version + +By default, the asset version will be assigned the existing values for Business +Unit and Created By User. If you need to change these, you can provide the IDs +for them. + +> [!WARNING] > -> As it was mentioned you don't need to continue reading this Readme if you -> would like to just use the action. +> Warning: Ensure the GitHub Actions runner environment supports both Node.js +> and Python when running workflows that include JavaScript and Python scripts. +> Using an incompatible runner environment may result in errors or unexpected +> behavior during script execution. > -> The following documentation make sense if you are a developer of this action -> and you would like to customize or change the behavior of them. 
+> To avoid issues, consider using a GitHub-hosted runner image like +> 'ubuntu-latest' or 'microsoft-latest' that comes pre-installed with both +> Node.js and Python. -## Initial Setup + -After you've cloned the repository to your local machine or codespace, you'll -need to perform some initial setup steps before you can develop your action. + -> [!NOTE] -> -> You'll need to have a reasonably modern version of -> [Node.js](https://nodejs.org) handy (20.x or later should work!). If you are -> using a version manager like [`nodenv`](https://github.com/nodenv/nodenv) or -> [`nvm`](https://github.com/nvm-sh/nvm), this template has a `.node-version` -> file at the root of the repository that will be used to automatically switch -> to the correct version when you `cd` into the repository. Additionally, this -> `.node-version` file is used by GitHub Actions in any `actions/setup-node` -> actions. +## Inputs -1. :hammer_and_wrench: Install the dependencies +| parameter | description | required | type | default | +| --------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | --------- | ------- | +| finite-state-client-id | Finite State API client ID | `true` | `string` | | +| finite-state-secret | Finite State API secret | `true` | `string` | | +| finite-state-organization-context | The Organization-Context should have been provided to you by your Finite State representative and looks like `xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx` | `true` | `string` | | +| asset-id | Asset ID for the asset that the new asset version will belong to | `true` | `string` | | +| version | The name of the asset version that will be created | `true` | `string` | | +| file-path | Local path of the file to be uploaded | `true` | `string` | | +| quick-scan | Boolean that uploads the file for quick scan when true. 
Defaults to true (Quick Scan). For details about the contents of the Quick Scan vs. the Full Scan, please see the API documentation. | `false` | `boolean` | `true` | +| automatic-comment | Defaults to false. If it is true, it will generate a comment in the PR with the link to the Asset version URL in the Finite State Platform. | `false` | `boolean` | `false` | +| github-token | Token used to generate a comment in a the PR. Only required if automatic-comment input is true. | `false` | `string` | | +| business-unit-id | (optional) ID of the business unit that the asset version will belong to. If not provided, the asset version will adopt the existing business unit of the asset. | `false` | `string` | | +| created-by-user-id | (optional) ID of the user to be recorded as the 'Created By User' on the asset version. If not provided, the version will adopt the existing value of the asset. | `false` | `string` | | +| product-id | (optional) ID of the product that the asset version will belong to. If not provided, the existing product for the asset will be used, if applicable. | `false` | `string` | | +| artifact-description | (optional) Description of the artifact. If not provided, the default is "Firmware Binary". | `false` | `string` | | - ```bash - npm install - ``` + -1. :building_construction: Package the TypeScript for distribution + - ```bash - npm run bundle - ``` +## Outputs -1. :white_check_mark: Run the tests +| parameter | description | +| ----------------- | --------------------------------------------------------------- | +| response | Response from Finite State servers | +| error | Error message or details on why the action fails, if applicable | +| asset-version-url | URL to view your results in the Finite State Platform | - ```bash - $ npm test + - PASS ./index.test.js - ✓ calls run when imported (3ms) +## Set Up Workflow - ... - ``` +To start using this action, you must generate a job within a GitHub Workflow. 
+You can either establish a +[new GitHub Workflow](https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions) +or use an existing one that aligns with your use case. + +After selecting a GitHub Workflow, proceed to +[customize the events](https://docs.github.com/en/actions/learn-github-actions/events-that-trigger-workflows) +that will activate the workflow, such as pull requests or scheduled events: + +**Example**: + +```yaml +name: Your workflow +on: + pull_request: + branches: + - main + schedule: + - cron: '0 0 * * *' +``` -## Update the Action Metadata +If you want the PR to automatically generate a comment with the link to the +results on the Finite State Platform, make sure to grant the necessary +permissions in your workflow. This allows the action to post the comment using +the GitHub workflow token. -The [`action.yml`](action.yml) file defines metadata about your action, such as -input(s) and output(s). For details about this file, see -[Metadata syntax for GitHub Actions](https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions). +**Example**: -## Update the Action Code +```yaml +name: Your workflow +permissions: + pull-requests: write + contents: read +``` -The [`src/`](./src/) directory is the heart of our action. +## Usage of this Action -There are a few things to keep in mind when writing your action code: +You will also need to add your code into the workflow. The example only includes +the required parameters. For more details, including optional parameters, please +reference the **Inputs** section. -- Most GitHub Actions toolkit and CI/CD operations are processed asynchronously. - In `main.ts`, you will see that the action is run in an `async` function. +**Example:** -1. 
Format, test, and build the action +```yaml +uses: FiniteStateInc/binary-scan@v2.0.0 +with: + finite-state-client-id: ${{ secrets.CLIENT_ID }} + finite-state-secret: ${{ secrets.CLIENT_SECRET }} + finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} + asset-id: # The ID of the Asset associated with this scan + version: # The name of the new Asset Version that will be created + file-path: # The path to the file that will be uploaded to the Finite State Platform +``` - ```bash - npm run all - ``` +Using the previous code you won't get any comments in the pull request, but file +will be upload to Finite State Platform and you get the link as output of the +action. - > This step is important! It will run [`ncc`](https://github.com/vercel/ncc) - > to build the final JavaScript action code with all dependencies included. - > If you do not run this step, your action will not work correctly when it is - > used in a workflow. This step also includes the `--license` option for - > `ncc`, which will create a license file for all of the production node - > modules used in your project. +### Auto-Generation of PR Comments -## Validate the Action +The following example includes optional parameters `github-token` and +`automatic-comment` to auto-generate a comment in a pull request: -You can now validate the action by referencing it in a workflow file. For -example, [`ci.yml`](./.github/workflows/ci.yml) demonstrates how to reference an -action in the same repository. 
+**Example:** ```yaml -steps: - - name: Checkout - id: checkout - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.ref }} - - - name: Binary Scan - id: binary_scan - uses: ./ - with: - finite-state-client-id: ${{ secrets.CLIENT_ID }} - finite-state-secret: ${{ secrets.CLIENT_SECRET }} - finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} - asset-id: ${{env.ASSET_ID}} - version: ${{ github.sha }} - file-path: ./somefile.bin # Put the same path from the "Upload binary generated file" step here - github-token: ${{ secrets.GITHUB_TOKEN }} # optional if you would like to generate the comment automatically in the PR - automatic-comment: true # optional if you would like to generate the comment automatically in the PR - - - name: Set response of binary scan - if: steps.binary_scan.outcome=='success' - id: set_response - run: | - echo Asset version URL: ${{steps.binary_scan.outputs.asset-version-url}} - echo Response: "${{steps.binary_scan.outputs.response}}" - echo Error: "${{steps.binary_scan.outputs.error}}" +uses: FiniteStateInc/binary-scan@v1.1.0 +with: + finite-state-client-id: ${{ secrets.CLIENT_ID }} + finite-state-secret: ${{ secrets.CLIENT_SECRET }} + finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} + asset-id: # The ID of the Asset associated with this scan + version: # The name of the new Asset Version that will be created + file-path: # The path to the file that will be uploaded to the Finite State Platform + github-token: ${{ secrets.GITHUB_TOKEN }} # Optional if you would like to generate the comment automatically in the PR + automatic-comment: true # Optional if you would like to generate the comment automatically in the PR ``` -## Usage +## Action Debugging + +All details pertaining to the execution of the action will be recorded. You can +review this information in the workflow execution logs, which is a helpful +starting point if you encounter any errors during the action's run. 
+ +![logging example](./imgs/debug_info.png) + +## Extended Feature Example (Optional) -After testing, you can create version tag(s) that developers can use to -reference different stable versions of your action. For more information, see -[Versioning](https://github.com/actions/toolkit/blob/master/docs/action-versioning.md) -in the GitHub Actions toolkit. +In this section, we provide a code snippet for integrating this action into your +existing workflow. Primarily, it uploads the file to the Finite State Platform +for analysis. Once that process is complete, it automatically add a comment to +the pull request, including a link pointing to the Finite State Binary Analysis +URL for the uploaded file. You can customize the comment as desired or utilize +the outputs of the action to construct your own. -To include the action in a workflow in another repository, you can use the -`uses` syntax with the `@` symbol to reference a specific branch, tag, or commit -hash. +Ensure to replace certain values, as indicated in the example workflow: ```yaml -steps: - - name: Checkout - id: checkout - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.ref }} - - - name: Finite State Binary Scan - id: binary_scan - uses: FiniteStateInc/binary-scan@v2.0.0 - with: - finite-state-client-id: ${{ secrets.CLIENT_ID }} - finite-state-secret: ${{ secrets.CLIENT_SECRET }} - finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} - asset-id: ${{env.ASSET_ID}} - version: ${{ github.sha }} - file-path: ./somefile.bin # Put the same path from the "Upload binary generated file" step here - github-token: ${{ secrets.GITHUB_TOKEN }} # optional if you would like to generate the comment automatically in the PR - automatic-comment: true # optional if you would like to generate the comment automatically in the PR - - - name: Set response of binary scan - if: steps.binary_scan.outcome=='success' - id: set_response - run: | - echo Asset version URL: 
${{steps.binary_scan.outputs.asset-version-url}} - echo Response: "${{steps.binary_scan.outputs.response}}" - echo Error: "${{steps.binary_scan.outputs.error}}" +name: Build +permissions: + pull-requests: write + contents: read +on: + pull_request: + branches: + - main + schedule: + - cron: '0 0 * * *' # At 00:00 every day + +env: + CLIENT_ID: ${{ secrets.CLIENT_ID }} + CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} + ORGANIZATION_CONTEXT: ${{ secrets.ORGANIZATION_CONTEXT }} + ASSET_ID: # Complete with your Asset ID + +jobs: + finitestate-upload-binary: + runs-on: ubuntu-latest + steps: + - name: checkout repo content + uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.ref }} + + # - name: (Potentially) Build a system / firmware image + # Uncomment previous line and Put the build steps here (which likely already exist) based on the project + + - name: Upload binary generated file + uses: actions/upload-artifact@v3 + with: + name: binary-artifact + path: # Put the path to your binary file generated in the previous step here + + - name: Binary Scan + uses: FiniteStateInc/binary-scan@v2.0.0 + id: binary_scan + with: + finite-state-client-id: ${{ secrets.CLIENT_ID }} + finite-state-secret: ${{ secrets.CLIENT_SECRET }} + finite-state-organization-context: ${{ secrets.ORGANIZATION_CONTEXT }} + asset-id: ${{env.ASSET_ID}} + version: ${{github.sha}} # You can name this version anything you'd like. Here, we're using the git commit hash associated with the current run. 
+ file-path: # Put the same path from the "Upload binary generated file" step here + github-token: ${{ secrets.GITHUB_TOKEN }} # optional if you would like to generate the comment automatically in the PR + automatic-comment: true # optional if you would like to generate the comment automatically in the PR + - name: Set response of binary scan + if: steps.binary_scan.outcome=='success' + id: set_response + run: | + echo Asset version URL: ${{steps.binary_scan.outputs.asset-version-url}} + echo Response: "${{steps.binary_scan.outputs.response}}" + echo Error: "${{steps.binary_scan.outputs.error}}" + outputs: + ASSET_VERSION_URL: ${{steps.binary_scan.outputs.asset-version-url}} + ERROR: ${{steps.binary_scan.outputs.error}} + RESPONSE: ${{steps.binary_scan.outputs.response}} ``` diff --git a/action.yml b/action.yml index 3b02add..c69c1fc 100644 --- a/action.yml +++ b/action.yml @@ -80,5 +80,3 @@ outputs: runs: using: node20 main: dist/index.js - -readme: 'ACTION_README.md'
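Review bot: in DEV_README.md, the "Set response of binary scan" step in both the Validate and Usage examples expands `${{steps.binary_scan.outputs.response}}` and `${{steps.binary_scan.outputs.error}}` directly inside the `run:` script, so whatever the server returned is pasted into the shell source before it executes, and quotes or `$(...)` in that text will break or alter the command. Pass the values through the step's `env:` (for example `RESPONSE: ${{ steps.binary_scan.outputs.response }}`) and echo `"$RESPONSE"` instead. The extended example in the new README.md has the same step and needs the same change.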
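Review bot: in README.md, the "Auto-Generation of PR Comments" example pins `FiniteStateInc/binary-scan@v1.1.0` while the "Usage of this Action" and extended examples pin `@v2.0.0`. Use one version throughout, so that readers who copy the comment example do not end up on an older release. In the `[!WARNING]` block, 'microsoft-latest' is not a GitHub-hosted runner label; `windows-latest` is probably what was meant.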
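Review bot: nothing in the new README.md links to DEV_README.md, and with `readme: 'ACTION_README.md'` dropped from the end of `action.yml`, no file touched by this patch points contributors at the developer documentation. Add a short line to README.md linking to DEV_README.md, and check the rest of the repository for remaining references to ACTION_README.md.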