diff --git a/.github/workflows/pipeline.yml b/.github/workflows/build.yml similarity index 81% rename from .github/workflows/pipeline.yml rename to .github/workflows/build.yml index a6372370..16a02c02 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/build.yml @@ -4,6 +4,7 @@ permissions: contents: write pages: write id-token: write + repository-projects: write on: [push, workflow_dispatch] jobs: @@ -23,6 +24,8 @@ jobs: run: npm run build - name: 'Run Compliance State' uses: ./ + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: cydigConfigPath: ${{ github.workspace }}/src/cydigconfig.json - github-token: ${{ secrets.GITHUB_TOKEN}} + github-token: ${{ secrets.MY_GITHUB_PAT}} diff --git a/package-lock.json b/package-lock.json index 6c05e4fb..55039298 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,6 +11,7 @@ "dependencies": { "@actions/core": "^1.10.0", "@actions/github": "^5.1.1", + "@octokit/action": "^6.0.6", "@vercel/ncc": "^0.36.1", "joi": "^17.10.1" }, @@ -209,6 +210,175 @@ "node": ">= 8" } }, + "node_modules/@octokit/action": { + "version": "6.0.6", + "resolved": "https://registry.npmjs.org/@octokit/action/-/action-6.0.6.tgz", + "integrity": "sha512-glsTZrjXgAHpyDKQah53hQUkb79mSrGSSqLeyiri9wDs3Ds3aaR7D9H3r5kLW6RAY606to9cjwVEClbEkoGoow==", + "dependencies": { + "@octokit/auth-action": "^4.0.0", + "@octokit/core": "^5.0.0", + "@octokit/plugin-paginate-rest": "^9.0.0", + "@octokit/plugin-rest-endpoint-methods": "^10.0.0", + "@octokit/types": "^12.0.0", + "undici": "^5.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/auth-token": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-4.0.0.tgz", + "integrity": "sha512-tY/msAuJo6ARbK6SPIxZrPBms3xPbfwBrulZe0Wtr/DIY9lje2HeV1uoebShn6mx7SjCHif6EjMvoREj+gZ+SA==", + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/core": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/@octokit/core/-/core-5.0.1.tgz", + "integrity": "sha512-lyeeeZyESFo+ffI801SaBKmCfsvarO+dgV8/0gD8u1d87clbEdWsP5yC+dSj3zLhb2eIf5SJrn6vDz9AheETHw==", + "dependencies": { + "@octokit/auth-token": "^4.0.0", + "@octokit/graphql": "^7.0.0", + "@octokit/request": "^8.0.2", + "@octokit/request-error": "^5.0.0", + "@octokit/types": "^12.0.0", + "before-after-hook": "^2.2.0", + "universal-user-agent": "^6.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/endpoint": { + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-9.0.1.tgz", + "integrity": "sha512-hRlOKAovtINHQPYHZlfyFwaM8OyetxeoC81lAkBy34uLb8exrZB50SQdeW3EROqiY9G9yxQTpp5OHTV54QD+vA==", + "dependencies": { + "@octokit/types": "^12.0.0", + "is-plain-object": "^5.0.0", + "universal-user-agent": "^6.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/graphql": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-7.0.2.tgz", + "integrity": "sha512-OJ2iGMtj5Tg3s6RaXH22cJcxXRi7Y3EBqbHTBRq+PQAqfaS8f/236fUrWhfSn8P4jovyzqucxme7/vWSSZBX2Q==", + "dependencies": { + "@octokit/request": "^8.0.1", + "@octokit/types": "^12.0.0", + "universal-user-agent": "^6.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/openapi-types": { + "version": "19.0.0", + "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-19.0.0.tgz", + "integrity": "sha512-PclQ6JGMTE9iUStpzMkwLCISFn/wDeRjkZFIKALpvJQNBGwDoYYi2fFvuHwssoQ1rXI5mfh6jgTgWuddeUzfWw==" + }, + "node_modules/@octokit/action/node_modules/@octokit/plugin-paginate-rest": { + "version": "9.0.0", + "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-9.0.0.tgz", + "integrity": "sha512-oIJzCpttmBTlEhBmRvb+b9rlnGpmFgDtZ0bB6nq39qIod6A5DP+7RkVLMOixIgRCYSHDTeayWqmiJ2SZ6xgfdw==", + "dependencies": { + "@octokit/types": "^12.0.0" + }, + "engines": { + "node": ">= 18" + }, + "peerDependencies": { + "@octokit/core": ">=5" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/plugin-rest-endpoint-methods": { + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-10.0.0.tgz", + "integrity": "sha512-16VkwE2v6rXU+/gBsYC62M8lKWOphY5Lg4wpjYnVE9Zbu0J6IwiT5kILoj1YOB53XLmcJR+Nqp8DmifOPY4H3g==", + "dependencies": { + "@octokit/types": "^12.0.0" + }, + "engines": { + "node": ">= 18" + }, + "peerDependencies": { + "@octokit/core": ">=5" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/request": { + "version": "8.1.2", + "resolved": "https://registry.npmjs.org/@octokit/request/-/request-8.1.2.tgz", + "integrity": "sha512-A0RJJfzjlZQwb+39eDm5UM23dkxbp28WEG4p2ueH+Q2yY4p349aRK/vcUlEuIB//ggcrHJceoYYkBP/LYCoXEg==", + "dependencies": { + "@octokit/endpoint": "^9.0.0", + "@octokit/request-error": "^5.0.0", + "@octokit/types": "^12.0.0", + "is-plain-object": "^5.0.0", + "universal-user-agent": "^6.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/request-error": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-5.0.1.tgz", + "integrity": "sha512-X7pnyTMV7MgtGmiXBwmO6M5kIPrntOXdyKZLigNfQWSEQzVxR4a4vo49vJjTWX70mPndj8KhfT4Dx+2Ng3vnBQ==", + "dependencies": { + "@octokit/types": "^12.0.0", + "deprecation": "^2.0.0", + "once": "^1.4.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/action/node_modules/@octokit/types": { + "version": "12.0.0", + "resolved": "https://registry.npmjs.org/@octokit/types/-/types-12.0.0.tgz", + "integrity": "sha512-EzD434aHTFifGudYAygnFlS1Tl6KhbTynEWELQXIbTY8Msvb5nEqTZIm7sbPEt4mQYLZwu3zPKVdeIrw0g7ovg==", + "dependencies": { + "@octokit/openapi-types": "^19.0.0" + } + }, + "node_modules/@octokit/auth-action": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/@octokit/auth-action/-/auth-action-4.0.1.tgz", + "integrity": "sha512-mJLOcFFafIivLZ7BEkGDCTFoHPJv7BeL5Zwy7j5qMDU0b/DKshhi6GCU9tw3vmKhOxTNquYfvwqsEfPpemaaxg==", + "dependencies": { + "@octokit/auth-token": "^4.0.0", + "@octokit/types": "^12.0.0" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/auth-action/node_modules/@octokit/auth-token": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-4.0.0.tgz", + "integrity": "sha512-tY/msAuJo6ARbK6SPIxZrPBms3xPbfwBrulZe0Wtr/DIY9lje2HeV1uoebShn6mx7SjCHif6EjMvoREj+gZ+SA==", + "engines": { + "node": ">= 18" + } + }, + "node_modules/@octokit/auth-action/node_modules/@octokit/openapi-types": { + "version": "19.0.0", + "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-19.0.0.tgz", + "integrity": "sha512-PclQ6JGMTE9iUStpzMkwLCISFn/wDeRjkZFIKALpvJQNBGwDoYYi2fFvuHwssoQ1rXI5mfh6jgTgWuddeUzfWw==" + }, + "node_modules/@octokit/auth-action/node_modules/@octokit/types": { + "version": "12.0.0", + "resolved": "https://registry.npmjs.org/@octokit/types/-/types-12.0.0.tgz", + "integrity": "sha512-EzD434aHTFifGudYAygnFlS1Tl6KhbTynEWELQXIbTY8Msvb5nEqTZIm7sbPEt4mQYLZwu3zPKVdeIrw0g7ovg==", + "dependencies": { + "@octokit/openapi-types": "^19.0.0" + } + }, "node_modules/@octokit/auth-token": { "version": "2.5.0", "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-2.5.0.tgz", @@ -778,6 +948,17 @@ "integrity": "sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==", "dev": true }, + "node_modules/busboy": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/busboy/-/busboy-1.6.0.tgz", + "integrity": "sha512-8SFQbg/0hQ9xy3UNTB0YEnsNBbWfhf7RtnzpL7TkBiTBRfrQ9Fxcnz7VJsleJpyp6rVLvXiuORqjlHi5q+PYuA==", + "dependencies": { + "streamsearch": "^1.1.0" + }, + "engines": { + "node": ">=10.16.0" + } + }, "node_modules/callsites": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", @@ -2356,6 +2537,14 @@ "node": ">=8" } }, + "node_modules/streamsearch": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-1.1.0.tgz", + "integrity": "sha512-Mcc5wHehp9aXz1ax6bZUyY5afg9u2rv5cqQI3mRrYkGC8rW2hM02jWuwjtL++LS5qinSyhj2QfLyNsuc+VsExg==", + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/string-width": { "version": "4.2.3", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", @@ -2504,6 +2693,17 @@ "node": ">=4.2.0" } }, + "node_modules/undici": { + "version": "5.25.2", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.25.2.tgz", + "integrity": "sha512-tch8RbCfn1UUH1PeVCXva4V8gDpGAud/w0WubD6sHC46vYQ3KDxL+xv1A2UxK0N6jrVedutuPHxe1XIoqerwMw==", + "dependencies": { + "busboy": "^1.6.0" + }, + "engines": { + "node": ">=14.0" + } + }, "node_modules/universal-user-agent": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-6.0.0.tgz", diff --git a/package.json b/package.json index 32f78a12..5a3e12bf 100644 --- a/package.json +++ b/package.json @@ -26,13 +26,14 @@ "dependencies": { "@actions/core": "^1.10.0", "@actions/github": "^5.1.1", - "joi": "^17.10.1", - "@vercel/ncc": "^0.36.1" + "@octokit/action": "^6.0.6", + "@vercel/ncc": "^0.36.1", + "joi": "^17.10.1" }, "devDependencies": { - "@types/node": "^20.5.7", "@types/chai": "^4.3.6", "@types/mocha": "^10.0.1", + "@types/node": "^20.5.7", "@types/sinon": "^10.0.16", "@types/sinon-chai": "^3.2.9", "@typescript-eslint/eslint-plugin": "^5.62.0", diff --git a/src/branchprotection/BranchProtectionService.ts b/src/branchprotection/BranchProtectionService.ts index 8f6b416f..b7bdffaf 100644 --- a/src/branchprotection/BranchProtectionService.ts +++ b/src/branchprotection/BranchProtectionService.ts @@ -1,17 +1,37 @@ /* eslint-disable @typescript-eslint/no-explicit-any */ import * as core from '@actions/core'; import * as github from '@actions/github'; +import { Octokit } from '@octokit/action'; export class BranchProtectionService { public static async getStateOfBranchProtection(): Promise { console.log('\n Running branch protection control'); + const octokit: Octokit = new Octokit(); + const { owner, repo }: { owner: string; repo: string } = github.context.repo; + octokit.repos + .getBranchProtection({ + owner: owner, + repo: repo, + branch: 'main', + }) + .then((response: any) => { + console.log( + 'Branch protection is enabled, and reviewers needed are:', + response.data.required_approving_review_count + ); + console.log(response.data); + }) + .catch((error: any) => { + console.log('Branch protections is not enabled for repository: ' + repo); + console.log('Error:', error?.message); + }); + //numberOfReviewers > 0, if state of branch protection changes const numberOfReviewers: number = 0; - const token: string = core.getInput('github-token'); - const octokit: any = github.getOctokit(token); + // const token: string = core.getInput('github-token'); + // const octokit: any = github.getOctokit(token); - const { owner, repo }: { owner: string; repo: string } = github.context.repo; await octokit.rest.repos .getBranchProtection({ owner: owner, @@ -19,11 +39,14 @@ export class BranchProtectionService { branch: 'main', }) .then((response: any) => { - console.log(response.data); + console.log( + 'Branch protection is enabled, and reviewers needed are:', + response.data.required_approving_review_count + ); }) .catch((error: any) => { console.log('Branch protections is not enabled for repository: ' + repo); - console.log('Error: ', error?.message); + console.log('Error:', error?.message); }); core.exportVariable('numberOfReviewers', numberOfReviewers); }