wip

.gitignore

@@ -1,5 +1,7 @@
 # Dependency directory
 node_modules
+dist
+lib
 
 # Rest pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
 # Logs

.npmrc

@@ -0,0 +1,2 @@
+@stark-contrast:registry=https://npm.pkg.github.com
+//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}

.prettierrc.json

@@ -1,10 +1,6 @@
 {
-  "printWidth": 80,
   "tabWidth": 2,
   "useTabs": false,
-  "semi": false,
   "singleQuote": true,
-  "trailingComma": "none",
-  "bracketSpacing": false,
-  "arrowParens": "avoid"
+  "printWidth": 120
 }

Dockerfile

@@ -1,28 +1,31 @@
-FROM node:18-slim
+FROM node:20-slim
 
 # Install latest chrome dev package and fonts to support major charsets (Chinese, Japanese, Arabic, Hebrew, Thai and a few others)
 # Note: this installs the necessary libs to make the bundled version of Chromium that Puppeteer
 # installs, work.
 RUN apt-get update \
-    && apt-get install -y wget gnupg \
-    && wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
-    && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
-    && apt-get update \
-    && apt-get install -y google-chrome-stable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 \
-      --no-install-recommends \
-    && rm -rf /var/lib/apt/lists/*
-
-# Install bash and nvm as convenience
-RUN apt-get install bash
-RUN wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
-# Copies your code file from your action repository to the filesystem path `/` of the container
-COPY entrypoint.sh /stark_ga/entrypoint.sh
-COPY dist /stark_ga/dist
-
-# Install stark accessibility cli
-RUN npm i -g @stark-lab-inc/[email protected] \
-    && stark-accessibility --version
-
-# TODO: symlink /root/.local-chromium to $GITHUB_HOME/.local-chromium to avoid double install or remove install from this step.
-# Code file to execute when the docker container starts up (`entrypoint.sh`)
+  && apt-get install -y wget gnupg \
+  && wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
+  && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
+  && apt-get update \
+  && apt-get install -y google-chrome-stable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 \
+  --no-install-recommends \
+  && rm -rf /var/lib/apt/lists/*
+
+# We want the audit to live in its own directory, so that any build/serve/etc commands
+# that are run from the container will operate on the code to test, not the audit code.
+
+COPY entrypoint.sh package.json yarn.lock .npmrc tsconfig.json /stark_ga/
+
+RUN cd /stark_ga && \
+  yarn install --production --frozen-lockfile && \
+  yarn cache clean --all \
+  && cd -
+
+RUN rm -f /stark_ga/.npmrc
+
+COPY src /stark_ga/src
+
+RUN cd /stark_ga && yarn build && cd -
+
 ENTRYPOINT ["/stark_ga/entrypoint.sh"]

Dockerfile-local

@@ -0,0 +1,34 @@
+FROM node:20-slim
+
+# Install latest chrome dev package and fonts to support major charsets (Chinese, Japanese, Arabic, Hebrew, Thai and a few others)
+# Note: this installs the necessary libs to make the bundled version of Chromium that Puppeteer
+# installs, work.
+RUN apt-get update \
+  && apt-get install -y wget gnupg \
+  && wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
+  && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
+  && apt-get update \
+  && apt-get install -y google-chrome-stable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 \
+  --no-install-recommends \
+  && rm -rf /var/lib/apt/lists/*
+
+# We want the audit to live in its own directory, so that any build/serve/etc commands
+# that are run from the container will operate on the code to test, not the audit code.
+
+COPY entrypoint.sh package.json yarn.lock .npmrc tsconfig.json /stark_ga/
+
+ARG github_token_arg
+ENV GITHUB_TOKEN=$github_token_arg
+
+RUN cd /stark_ga && \
+  yarn install --frozen-lockfile && \
+  yarn cache clean --all \
+  && cd -
+
+RUN rm -f /stark_ga/.npmrc
+
+COPY src /stark_ga/src
+
+RUN cd /stark_ga && yarn build && cd -
+
+ENTRYPOINT ["/stark_ga/entrypoint.sh"]

__tests__/parse-inputs.test.ts

@@ -1,49 +1,44 @@
-import {afterEach, describe} from 'node:test'
-import {getInput, getBooleanInput} from '@actions/core'
-import {expect, jest, test} from '@jest/globals'
-import {
-  InputParams,
-  getCoreInputWithFallback,
-  parseInputs,
-  parseMultilineString
-} from '../src/parse-inputs'
+import { afterEach, describe } from 'node:test';
+import { getInput, getBooleanInput } from '@actions/core';
+import { expect, jest, test } from '@jest/globals';
+import { InputParams, getCoreInputWithFallback, parseInputs, parseMultilineString } from '../src/parse-inputs';
 
 jest.mock('@actions/core', () => ({
   getInput: jest.fn(),
   getBooleanInput: jest.fn(),
-  debug: jest.fn()
-}))
+  debug: jest.fn(),
+}));
 
 describe('getCoreInputSafe', () => {
   test('should return value if it exists', () => {
-    ;(getInput as jest.Mock).mockReturnValueOnce('value')
-    const value = getCoreInputWithFallback('somekey', 'default')
-    expect(value).toBe('value')
-  })
+    (getInput as jest.Mock).mockReturnValueOnce('value');
+    const value = getCoreInputWithFallback('somekey', 'default');
+    expect(value).toBe('value');
+  });
   test('should return default value if it does not exist', () => {
-    ;(getInput as jest.Mock).mockReturnValueOnce(undefined)
-    const value = getCoreInputWithFallback('somekey', 'default')
-    expect(value).toBe('default')
-  })
+    (getInput as jest.Mock).mockReturnValueOnce(undefined);
+    const value = getCoreInputWithFallback('somekey', 'default');
+    expect(value).toBe('default');
+  });
   test('should return default value if it is empty', () => {
-    ;(getInput as jest.Mock).mockReturnValueOnce('')
-    const value = getCoreInputWithFallback('somekey', 'default')
-    expect(value).toBe('default')
-  })
-})
+    (getInput as jest.Mock).mockReturnValueOnce('');
+    const value = getCoreInputWithFallback('somekey', 'default');
+    expect(value).toBe('default');
+  });
+});
 
 describe('parseInput', () => {
   afterEach(() => {
-    ;(getInput as jest.Mock).mockClear()
-    ;(getBooleanInput as jest.Mock).mockClear()
-  })
+    (getInput as jest.Mock).mockClear();
+    (getBooleanInput as jest.Mock).mockClear();
+  });
   test('should return correct default values', () => {
-    ;(getInput as jest.Mock).mockImplementation(key => {
+    (getInput as jest.Mock).mockImplementation((key) => {
       const multilineUrls =
         'localhost:3000/test \n\
-      localhost:3000/about'
-      return key === 'urls' ? multilineUrls : ''
-    })
+      localhost:3000/about';
+      return key === 'urls' ? multilineUrls : '';
+    });
     const expectedInputs: InputParams = {
       setupScript: 'echo "No setup script"',
       preBuildScript: 'echo "No prebuild script"',
@@ -59,42 +54,40 @@ describe('parseInput', () => {
       scanDelay: '100',
       skipErrors: false,
       stealthMode: false,
-      disableFerryman: false,
-      viewport: '800x600'
-    }
+      viewport: '800x600',
+    };
 
-    const inputs = parseInputs()
+    const inputs = parseInputs();
 
-    expect(inputs).toEqual(expectedInputs)
-  })
+    expect(inputs).toEqual(expectedInputs);
+  });
   test('should throw if urls is not provided', () => {
-    ;(getInput as jest.Mock).mockImplementation(key => {
-      if (key === 'urls') throw new Error('')
-      return ''
-    })
+    (getInput as jest.Mock).mockImplementation((key) => {
+      if (key === 'urls') throw new Error('');
+      return '';
+    });
 
-    expect(parseInputs).toThrowError()
-  })
-})
+    expect(parseInputs).toThrowError();
+  });
+});
 
 describe('parseUrls', () => {
   test('should trim whitespaces', () => {
-    const multiUrlString =
-      '      localhost:3000/test\n          http://localhost:5000/test'
-    const urls = parseMultilineString(multiUrlString)
+    const multiUrlString = '      localhost:3000/test\n          http://localhost:5000/test';
+    const urls = parseMultilineString(multiUrlString);
 
-    const expected = ['localhost:3000/test', 'http://localhost:5000/test']
-    expect(urls).toEqual(expected)
-  })
+    const expected = ['localhost:3000/test', 'http://localhost:5000/test'];
+    expect(urls).toEqual(expected);
+  });
 
   test('should skip empty lines', () => {
     const multiUrlString =
       '\n\
     localhost:3000/test\n\
-    http://localhost:5000/test'
-    const urls = parseMultilineString(multiUrlString)
+    http://localhost:5000/test';
+    const urls = parseMultilineString(multiUrlString);
 
-    const expected = ['localhost:3000/test', 'http://localhost:5000/test']
-    expect(urls).toEqual(expected)
-  })
-})
+    const expected = ['localhost:3000/test', 'http://localhost:5000/test'];
+    expect(urls).toEqual(expected);
+  });
+});

action.yml

@@ -25,10 +25,6 @@ inputs:
     description: 'Run a cleanup if needed.'
     required: false
     default: 'echo "Nothing to cleanup"'
-  disable_ferryman:
-    description: 'Enable ferryman on the scanner for optimised scans'
-    required: false
-    default: false
   urls:
     description: 'A list of URLs to be scanned, with each URL belonging to its own line. This value follows YAML conventions for multiline strings.'
     required: true
@@ -82,3 +78,5 @@ runs:
     - ${{ inputs.wait_time }}
     - ${{ inputs.token }}
     - ${{ inputs.viewport }}
+  env:
+    - GITHUB_TOKEN: ${{ secrets.ORG_GH_PKG_TOKEN}}