diff --git a/package-lock.json b/package-lock.json index 2153033d..ca7a59c3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -32,6 +32,9 @@ "sinon": "^15.2.0", "sinon-chai": "^3.7.0", "typescript": "^4.9.5" + }, + "engines": { + "node": ">=16" } }, "node_modules/@aashutoshrathi/word-wrap": { diff --git a/src/index.ts b/src/index.ts index f69c5aaf..425d4320 100644 --- a/src/index.ts +++ b/src/index.ts @@ -6,11 +6,8 @@ import * as github from '@actions/github'; async function runUpdateComplianceStateTask(): Promise { try { - //Fix these const codeRepositoryName: string = github.context.repo.repo; - const repositoryId: string = core.getInput('github.repository_id'); const subscriptionId: string = core.getInput('subscriptionId'); - const cydigConfigPath: string = core.getInput('cydigConfigPath'); //Need both string?? const cydigConfig: CyDigConfig = getContentOfFile(cydigConfigPath); const teamName: string = cydigConfig.teamName; @@ -26,7 +23,6 @@ async function runUpdateComplianceStateTask(): Promise { const complianceStateService: ComplianceStateService = new ComplianceStateService(); await complianceStateService.createAndSendComplianceState( teamName, - repositoryId, codeRepositoryName, subscriptionId ); diff --git a/src/lib/BodyBuilder.ts b/src/lib/BodyBuilder.ts index 8e512f30..0a8115a3 100644 --- a/src/lib/BodyBuilder.ts +++ b/src/lib/BodyBuilder.ts 
@@ -3,16 +3,12 @@ import { ResponseBodyBuilder } from './ResponseBodyBuilder'; import { UrlBodyBuilder } from './UrlBodyBuilder'; import { UrlBody } from './UrlBody'; import { ResponseBody } from './ResponseBody'; -import * as core from '@actions/core'; let urls: string = ''; export class BodyBuilder { - createBody(teamName: string, repositoryId: string, codeRepositoryName: string, subscriptionId: string): ResponseBody { - let devopsOrgName: string = process.env.System_TeamFoundationCollectionUri || ''; - //TODO: teamProjectName will be null. - //const teamProjectName: string = process.env.System_TeamProject || ''; - const teamProjectName: string = process.env.System_TeamProject || teamName; + createBody(teamName: string, codeRepositoryName: string, subscriptionId: string): ResponseBody { + const teamProjectName: string = teamName || ''; const allowedLocationPolicy: string = process.env.allowedLocationPolicy || ''; const secureScore: string = process.env.secureScore || ''; const numberOfDeployedVMs: string = process.env.numberOfDeployedVMs || ''; 
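Review bot: In `createBody`, the new `const teamProjectName: string = teamName || '';` makes `teamProjectName` a plain copy of `teamName`, and the `|| ''` fallback turns a missing team name into an empty string instead of stopping the run. Both values are then passed to `UrlBuilder.createUrl` (visible in a later hunk), and `teamName` comes from the CyDig config file read in `src/index.ts`, so an absent or empty entry would yield a compliance report and badge URLs that cannot be attributed to a team. Consider failing fast before the assignment, for example `if (!teamName) { throw new Error('teamName is missing from the CyDig config'); }`, or dropping the local and using `teamName` directly. The body of `createBody` continues outside this hunk.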
@@ -55,44 +51,6 @@ export class BodyBuilder { const numUserInProdSeverity2: string = process.env.numUserInProdSeverity2 || ''; const numUserInProdSeverity3: string = process.env.numUserInProdSeverity3 || ''; - console.log('devopsOrgName:', devopsOrgName); - console.log('teamProjectName:', process.env.teamProjectName); - console.log('allowedLocationPolicy:', process.env.allowedLocationPolicy); - console.log('secureScore:', process.env.secureScore); - console.log('numberOfDeployedVMs:', process.env.numberOfDeployedVMs); - console.log('threatModelingDate:', process.env.threatModelingDate); - console.log('scaTool:', process.env.scaTool); - console.log('sastTool:', process.env.sastTool); - console.log('pentestDate:', process.env.pentestDate); - console.log('codeQualityTool:', process.env.codeQualityTool); - console.log('numberOfExposedSecrets:', process.env.numberOfExposedSecrets); - console.log('numberOfReviewers:', process.env.numberOfReviewers); - console.log('branchPolicyUpdateDate:', process.env.branchPolicyUpdateDate); - console.log('branchPolicyUpdateEmail:', process.env.branchPolicyUpdateEmail); - console.log('compliantResources:', process.env.compliantResources); - console.log('nonCompliantResources:', process.env.nonCompliantResources); - console.log('scaNumberOfSeverity1:', process.env.scaNumberOfSeverity1); - console.log('scaNumberOfSeverity2:', process.env.scaNumberOfSeverity2); - console.log('scaNumberOfSeverity3:', process.env.scaNumberOfSeverity3); - console.log('scaNumberOfSeverity4:', process.env.scaNumberOfSeverity4); - console.log('cqNumberOfSeverity1:', process.env.cqNumberOfSeverity1); - console.log('cqNumberOfSeverity2:', process.env.cqNumberOfSeverity2); - console.log('cqNumberOfSeverity3:', process.env.cqNumberOfSeverity3); - console.log('cqNumberOfSeverity4:', process.env.cqNumberOfSeverity4); - console.log('cqNumberOfSeverity5:', process.env.cqNumberOfSeverity5); - console.log('sastNumberOfSeverity1:', process.env.sastNumberOfSeverity1); - 
console.log('sastNumberOfSeverity2:', process.env.sastNumberOfSeverity2); - console.log('sastNumberOfSeverity3:', process.env.sastNumberOfSeverity3); - console.log('tmNumberOfActiveTickets:', process.env.tmNumberOfActiveTickets); - console.log('tmNumberOfClosedTickets:', process.env.tmNumberOfClosedTickets); - console.log('ptNumberOfActiveTickets:', process.env.ptNumberOfActiveTickets); - console.log('ptNumberOfClosedTickets:', process.env.ptNumberOfClosedTickets); - console.log('numUserInProdSeverity1:', process.env.numUserInProdSeverity1); - console.log('numUserInProdSeverity2:', process.env.numUserInProdSeverity2); - console.log('numUserInProdSeverity3:', process.env.numUserInProdSeverity3); - - devopsOrgName = this.splitUrl(devopsOrgName); - //For printing urls in the pipeline const urlBody: UrlBody = new UrlBodyBuilder() .setThreatModelingDate(threatModelingDate) @@ -111,10 +69,8 @@ export class BodyBuilder { urls = UrlBuilder.createUrl( // eslint-disable-line teamName, - devopsOrgName, teamProjectName, codeRepositoryName, - repositoryId, subscriptionId, urlBody ); 
@@ -146,60 +102,7 @@ export class BodyBuilder { return responseBody; } - splitUrl(devopsOrgName: string): string { - if (typeof devopsOrgName === 'string') { - const splitted: string[] = devopsOrgName.split('/'); - devopsOrgName = splitted[splitted.length - 2]; - } else { - core.setFailed('devopsOrgName is undefined, should be string'); - } - return devopsOrgName; - } getUrls(): string { return urls; } } - -// let devopsOrgName: string = core.getInput('System.TeamFoundationCollectionUri'); -// const teamProjectName: string = core.getInput('System.TeamProject'); -// const allowedLocationPolicy: string = core.getInput('allowedLocationPolicy'); -// const secureScore: string = core.getInput('secureScore'); -// const numberOfDeployedVMs: string = core.getInput('numberOfDeployedVMs'); - -// const threatModelingDate: string = core.getInput('threatModelingDate'); -// const scaTool: string = core.getInput('scaTool'); -// const sastTool: string = core.getInput('sastTool'); -// const pentestDate: string = core.getInput('pentestDate'); -// const codeQualityTool: string = core.getInput('codeQualityTool'); -// const numberOfExposedSecrets: string = core.getInput('numberOfExposedSecrets'); -// const numberOfReviewers: string = core.getInput('numberOfReviewers'); -// const branchPolicyUpdateDate: string = core.getInput('branchPolicyUpdateDate'); -// const branchPolicyUpdateEmail: string = core.getInput('branchPolicyUpdateEmail'); - -// const compliantResources: string = core.getInput('compliantResources'); -// const nonCompliantResources: string = core.getInput('nonCompliantResources'); - -// const scaNumberOfSeverity1: string = core.getInput('SCAnumberOfSeverity1'); -// const scaNumberOfSeverity2: string = core.getInput('SCAnumberOfSeverity2'); -// const scaNumberOfSeverity3: string = core.getInput('SCAnumberOfSeverity3'); -// const scaNumberOfSeverity4: string = core.getInput('SCAnumberOfSeverity4'); - -// const cqNumberOfSeverity1: string = core.getInput('CQnumberOfSeverity1'); 
-// const cqNumberOfSeverity2: string = core.getInput('CQnumberOfSeverity2'); -// const cqNumberOfSeverity3: string = core.getInput('CQnumberOfSeverity3'); -// const cqNumberOfSeverity4: string = core.getInput('CQnumberOfSeverity4'); -// const cqNumberOfSeverity5: string = core.getInput('CQnumberOfSeverity5'); - -// const sastNumberOfSeverity1: string = core.getInput('SASTnumberOfSeverity1'); -// const sastNumberOfSeverity2: string = core.getInput('SASTnumberOfSeverity2'); -// const sastNumberOfSeverity3: string = core.getInput('SASTnumberOfSeverity3'); - -// const tmNumberOfActiveTickets: string = core.getInput('tmNumberOfActiveTickets'); -// const tmNumberOfClosedTickets: string = core.getInput('tmNumberOfClosedTickets'); - -// const ptNumberOfActiveTickets: string = core.getInput('ptNumberOfActiveTickets'); -// const ptNumberOfClosedTickets: string = core.getInput('ptNumberOfClosedTickets'); - -// const numUserInProdSeverity1: string = core.getInput('numUserInProdSeverity1'); -// const numUserInProdSeverity2: string = core.getInput('numUserInProdSeverity2'); -// const numUserInProdSeverity3: string = core.getInput('numUserInProdSeverity3'); diff --git a/src/lib/ComplianceStateService.ts b/src/lib/ComplianceStateService.ts index 630d300a..8231e807 100644 --- a/src/lib/ComplianceStateService.ts +++ b/src/lib/ComplianceStateService.ts @@ -8,7 +8,6 @@ import * as core from '@actions/core'; export class ComplianceStateService { public async createAndSendComplianceState( teamName: string, - repositoryId: string, codeRepositoryName: string, subscriptionId: string ): Promise { @@ -17,7 +16,6 @@ export class ComplianceStateService { const bodyBuilder: BodyBuilder = new BodyBuilder(); const responseBody: ResponseBody = bodyBuilder.createBody( teamName, - repositoryId, codeRepositoryName, subscriptionId ); 
@@ -32,8 +30,6 @@ export class ComplianceStateService { .then(() => { const urls: string = bodyBuilder.getUrls(); const outputFilePath: string = path.join(__dirname, 'README_badges.txt'); // Output file in the same directory as the script - //Remove this console.log - console.log('Debug: ' + outputFilePath); fs.writeFileSync(outputFilePath, urls, 'utf-8'); core.setOutput("readme-badges", urls); console.log(urls); @@ -42,7 +38,6 @@ export class ComplianceStateService { .catch((error: any) => { console.log(error); throw new Error(`Request failed with status code: ${error.message}`); - // ${error.response.data}`); }); } } diff --git a/src/lib/UrlBuilder.ts b/src/lib/UrlBuilder.ts index b59ce3ca..238fec49 100644 --- a/src/lib/UrlBuilder.ts +++ b/src/lib/UrlBuilder.ts @@ -2,16 +2,14 @@ export class UrlBuilder { static createUrl( teamName: string, - devopsOrgName: string, teamProjectName: string, codeRepositoryName: string, - repositoryId: string, subscriptionId: string, states: object ): string { //DonĀ“t forget to implement this as github secrets in the repository const urlReadToReadMe: string = process.env.urlRead || ''; - const urlDashboard: string = process.env.urlDashboard || ''; + const urlDashboard: string = "https://cydig.omegapoint.cloud/"; const readToReadMeKeyAcessKey: string = process.env.readToReadMeKeyAcessKey || ''; let urls: string = ''; let encodedURL: string; @@ -60,16 +58,6 @@ export class UrlBuilder { singleBadgeURL = '[![' + state + '](https://img.shields.io/endpoint?url=' + encodedURL + ')]'; switch (state) { - case 'numberOfReviewers': - redirectLink = - '(https://dev.azure.com/' + - devopsOrgName + - '/' + - teamProjectName + - '/_settings/repositories?repo=' + - repositoryId + - '&_a=policiesMid&refs=refs/heads/main)'; - break; case 'secureScore': redirectLink = '(https://portal.azure.com/#view/Microsoft_Azure_Security/RecommendationsBladeV2/subscriptionIds~/%5B%22' +
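Review bot: In `createUrl`, `const urlDashboard: string = "https://cydig.omegapoint.cloud/";` pins every consumer of the action to one dashboard host, while the comment directly above still says these values should be supplied as GitHub secrets. If the fixed host is intended as the default, keep an override so forks and test runs do not emit links to that host: `const urlDashboard: string = process.env.urlDashboard || 'https://cydig.omegapoint.cloud/';` (single quotes, matching the rest of the file). Separately, `readToReadMeKeyAcessKey` is read from the environment on the next line, and `ComplianceStateService` writes the generated `urls` to `README_badges.txt`, sets them as an output and logs them. If the key is embedded in those URLs, which this hunk does not show, it should be treated as public and scoped to read-only access. The body of `createUrl` continues outside the hunk.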