From ca574040aa530b498458b4c4b705acc8eb82edeb Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:07:29 +0000 Subject: [PATCH 01/23] update --- entrypoint.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index 9b21942e..5fcb3631 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -22,6 +22,15 @@ set -euo pipefail # GITHUB_EVENT_NAME contains the event name. # GITHUB_ACTIONS is true in GitHub env. +if [[ -c "$INPUT_REPO_TOKEN" ]]; then + echo "entering" + INPUT_REPO_TOKEN="$GITHUB_TOKEN" + if [[ -z "$GITHUB_TOKEN" ]]; then + echo "it's empty" + exit 2 + fi +fi + export GITHUB_AUTH_TOKEN="$INPUT_REPO_TOKEN" export ENABLE_SARIF=1 export ENABLE_LICENSE=1 From 5ddeb3ca4f5cea5bbbf6ec68d73593c86cb0e251 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:11:42 +0000 Subject: [PATCH 02/23] update --- entrypoint.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 5fcb3631..7d965624 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -22,13 +22,15 @@ set -euo pipefail # GITHUB_EVENT_NAME contains the event name. # GITHUB_ACTIONS is true in GitHub env. -if [[ -c "$INPUT_REPO_TOKEN" ]]; then +if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "entering" INPUT_REPO_TOKEN="$GITHUB_TOKEN" if [[ -z "$GITHUB_TOKEN" ]]; then echo "it's empty" exit 2 fi +else + echo "not empty" fi export GITHUB_AUTH_TOKEN="$INPUT_REPO_TOKEN" From 9bcb238111b609debace6f3b3c3e95ba5ae190e8 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:13:51 +0000 Subject: [PATCH 03/23] update --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 7d965624..2a83479a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -30,7 +30,7 @@ if [[ -z "$INPUT_REPO_TOKEN" ]]; then exit 2 fi else - echo "not empty" + echo "not empty: $(echo -n $INPUT_REPO_TOKEN | base64 -w0)" fi export GITHUB_AUTH_TOKEN="$INPUT_REPO_TOKEN" From a8d2c81b5c6bde1efcae61fce68f033a96a78194 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:17:55 +0000 Subject: [PATCH 04/23] update --- entrypoint.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index 2a83479a..05c71563 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -31,6 +31,8 @@ if [[ -z "$INPUT_REPO_TOKEN" ]]; then fi else echo "not empty: $(echo -n $INPUT_REPO_TOKEN | base64 -w0)" + echo -n "$INPUT_REPO_TOKEN" > ./tofile.txt + cat ./tofile.txt | base64 -w0 fi export GITHUB_AUTH_TOKEN="$INPUT_REPO_TOKEN" From 76397d3412c9cd035fd9a4561e639424fadde8d8 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:22:27 +0000 Subject: [PATCH 05/23] update --- entrypoint.sh | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 05c71563..d92e5960 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -30,9 +30,7 @@ if [[ -z "$INPUT_REPO_TOKEN" ]]; then exit 2 fi else - echo "not empty: $(echo -n $INPUT_REPO_TOKEN | base64 -w0)" - echo -n "$INPUT_REPO_TOKEN" > ./tofile.txt - cat ./tofile.txt | base64 -w0 + echo "not empty: $(echo -n $INPUT_REPO_TOKEN | base64 -w0 | base64 -w0)" fi export GITHUB_AUTH_TOKEN="$INPUT_REPO_TOKEN" From 3d4493017dc6a13567756db109808ad01cb278fa Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:34:54 +0000 Subject: [PATCH 06/23] update --- entrypoint.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index d92e5960..554b3e14 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -24,11 +24,14 @@ set -euo pipefail if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "entering" - INPUT_REPO_TOKEN="$GITHUB_TOKEN" - if [[ -z "$GITHUB_TOKEN" ]]; then + # Note: we don't use GITHUB_TOKEN directly because bash complains about "unbound" variable. + INPUT_REPO_TOKEN="env | grep GITHUB_TOKEN | cut -d '=' -f2" + if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "it's empty" exit 2 fi + + echo echo "set to: $(echo -n $INPUT_REPO_TOKEN | base64 -w0 | base64 -w0)" else echo "not empty: $(echo -n $INPUT_REPO_TOKEN | base64 -w0 | base64 -w0)" fi From 2ad993f84c4943cdce2f15ff414e82626dce04d1 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:37:04 +0000 Subject: [PATCH 07/23] update --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 554b3e14..5cb035bf 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -25,7 +25,7 @@ set -euo pipefail if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "entering" # Note: we don't use GITHUB_TOKEN directly because bash complains about "unbound" variable. - INPUT_REPO_TOKEN="env | grep GITHUB_TOKEN | cut -d '=' -f2" + INPUT_REPO_TOKEN="$(env | grep GITHUB_TOKEN | cut -d '=' -f2)" if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "it's empty" exit 2 From 0f0cc3d56a7a4a51ebba580558189fee9e3225fe Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:41:36 +0000 Subject: [PATCH 08/23] update --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 5cb035bf..5f5cf32d 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -31,7 +31,7 @@ if [[ -z "$INPUT_REPO_TOKEN" ]]; then exit 2 fi - echo echo "set to: $(echo -n $INPUT_REPO_TOKEN | base64 -w0 | base64 -w0)" + echo "set to: $(echo -n $INPUT_REPO_TOKEN | base64 -w0 | base64 -w0)" else echo "not empty: $(echo -n $INPUT_REPO_TOKEN | base64 -w0 | base64 -w0)" fi From 5a4ef8f9006a5a9f0120f8875a9b5b52d37003ae Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:49:02 +0000 Subject: [PATCH 09/23] update --- entrypoint.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index 5f5cf32d..81528920 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -25,6 +25,8 @@ set -euo pipefail if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "entering" # Note: we don't use GITHUB_TOKEN directly because bash complains about "unbound" variable. + echo "env:" + env INPUT_REPO_TOKEN="$(env | grep GITHUB_TOKEN | cut -d '=' -f2)" if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "it's empty" From 0f5f5f6d4eae0a369fecbef652caa37ab3e9c78a Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 17:55:03 +0000 Subject: [PATCH 10/23] update --- entrypoint.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 81528920..4850377f 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -25,9 +25,12 @@ set -euo pipefail if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "entering" # Note: we don't use GITHUB_TOKEN directly because bash complains about "unbound" variable. - echo "env:" - env - INPUT_REPO_TOKEN="$(env | grep GITHUB_TOKEN | cut -d '=' -f2)" + # echo "env:" + # env + # echo "get token:" + # TOK=$(env | grep GITHUB_TOKEN) + # INPUT_REPO_TOKEN="$(env | grep GITHUB_TOKEN | cut -d '=' -f2)" + INPUT_REPO_TOKEN="$ACTIONS_RUNTIME_TOKEN" if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "it's empty" exit 2 From e6809d4dc78877dee8fac465c49ccf902a64ca59 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 18:02:09 +0000 Subject: [PATCH 11/23] update --- entrypoint.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 4850377f..364e467b 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -25,10 +25,11 @@ set -euo pipefail if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "entering" # Note: we don't use GITHUB_TOKEN directly because bash complains about "unbound" variable. - # echo "env:" - # env - # echo "get token:" - # TOK=$(env | grep GITHUB_TOKEN) + echo "env:" + env + echo "get token:" + TOK=$(env | grep GITHUB_TOKEN) + echo "TOK: $TOK" # INPUT_REPO_TOKEN="$(env | grep GITHUB_TOKEN | cut -d '=' -f2)" INPUT_REPO_TOKEN="$ACTIONS_RUNTIME_TOKEN" if [[ -z "$INPUT_REPO_TOKEN" ]]; then From 1266bd106dd72a9399190125f55254e416da43d5 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 18:06:21 +0000 Subject: [PATCH 12/23] update --- action.yaml | 5 +++++ entrypoint.sh | 10 +--------- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/action.yaml b/action.yaml index 882aa646..2e2aaa2e 100644 --- a/action.yaml +++ b/action.yaml @@ -37,6 +37,11 @@ inputs: required: false default: false + default_token: + description: "INPUT: Default GitHub token with read access. (Internal purpose only, not intended for developers to set)." + required: false + default: ${{ github.token }} + branding: icon: "mic" color: "white" diff --git a/entrypoint.sh b/entrypoint.sh index 364e467b..0ea9b810 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -23,15 +23,7 @@ set -euo pipefail # GITHUB_ACTIONS is true in GitHub env. if [[ -z "$INPUT_REPO_TOKEN" ]]; then - echo "entering" - # Note: we don't use GITHUB_TOKEN directly because bash complains about "unbound" variable. - echo "env:" - env - echo "get token:" - TOK=$(env | grep GITHUB_TOKEN) - echo "TOK: $TOK" - # INPUT_REPO_TOKEN="$(env | grep GITHUB_TOKEN | cut -d '=' -f2)" - INPUT_REPO_TOKEN="$ACTIONS_RUNTIME_TOKEN" + INPUT_REPO_TOKEN="$GITHUB_DEFAULT_TOKEN" if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "it's empty" exit 2 From 502f160c126ed4a1f77b862564250f0e29ff4382 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 18:07:52 +0000 Subject: [PATCH 13/23] update --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 0ea9b810..2dd34003 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -23,7 +23,7 @@ set -euo pipefail # GITHUB_ACTIONS is true in GitHub env. if [[ -z "$INPUT_REPO_TOKEN" ]]; then - INPUT_REPO_TOKEN="$GITHUB_DEFAULT_TOKEN" + INPUT_REPO_TOKEN="$INPUT_DEFAULT_TOKEN" if [[ -z "$INPUT_REPO_TOKEN" ]]; then echo "it's empty" exit 2 From b9e2c80cc87efff12108dba84447e0eb335871b7 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 18:10:15 +0000 Subject: [PATCH 14/23] update --- entrypoint.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 2dd34003..4c8b3548 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -25,13 +25,9 @@ set -euo pipefail if [[ -z "$INPUT_REPO_TOKEN" ]]; then INPUT_REPO_TOKEN="$INPUT_DEFAULT_TOKEN" if [[ -z "$INPUT_REPO_TOKEN" ]]; then - echo "it's empty" exit 2 fi - - echo "set to: $(echo -n $INPUT_REPO_TOKEN | base64 -w0 | base64 -w0)" -else - echo "not empty: $(echo -n $INPUT_REPO_TOKEN | base64 -w0 | base64 -w0)" + echo "The repo_token was empty so GITHUB_TOKEN is used instead" fi export GITHUB_AUTH_TOKEN="$INPUT_REPO_TOKEN" From f6a38db020c04cee9df853359ee0a70de43d4787 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 18:19:42 +0000 Subject: [PATCH 15/23] update --- action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yaml b/action.yaml index 2e2aaa2e..73c39d5a 100644 --- a/action.yaml +++ b/action.yaml @@ -38,7 +38,7 @@ inputs: default: false default_token: - description: "INPUT: Default GitHub token with read access. (Internal purpose only, not intended for developers to set)." + description: "INPUT: Default GitHub token. (Internal purpose only, not intended for developers to set. Useful for pull requests configured with a PAT)." required: false default: ${{ github.token }} From 74c5fcca2315893964ee2b4a0528724e7f3cff7d Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 18:20:03 +0000 Subject: [PATCH 16/23] update --- action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yaml b/action.yaml index 73c39d5a..791ce1d5 100644 --- a/action.yaml +++ b/action.yaml @@ -38,7 +38,7 @@ inputs: default: false default_token: - description: "INPUT: Default GitHub token. (Internal purpose only, not intended for developers to set. Useful for pull requests configured with a PAT)." + description: "INPUT: Default GitHub token. (Internal purpose only, not intended for developers to set. Used for pull requests configured with a PAT)." required: false default: ${{ github.token }} From 391e711dbc0c32fd0b1f39ee7695a588eb8f5e1a Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 6 Jun 2022 19:22:54 +0000 Subject: [PATCH 17/23] update --- action.yaml | 2 +- entrypoint.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yaml b/action.yaml index 791ce1d5..77cc2e39 100644 --- a/action.yaml +++ b/action.yaml @@ -37,7 +37,7 @@ inputs: required: false default: false - default_token: + internal_default_token: description: "INPUT: Default GitHub token. (Internal purpose only, not intended for developers to set. Used for pull requests configured with a PAT)." required: false default: ${{ github.token }} diff --git a/entrypoint.sh b/entrypoint.sh index 4c8b3548..a756d492 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -23,7 +23,7 @@ set -euo pipefail # GITHUB_ACTIONS is true in GitHub env. if [[ -z "$INPUT_REPO_TOKEN" ]]; then - INPUT_REPO_TOKEN="$INPUT_DEFAULT_TOKEN" + INPUT_REPO_TOKEN="$INPUT_INTERNAL_DEFAULT_TOKEN" if [[ -z "$INPUT_REPO_TOKEN" ]]; then exit 2 fi From b087e9152b0ee834fe738401a4edf2e8f32b119c Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Thu, 16 Jun 2022 18:25:52 +0000 Subject: [PATCH 18/23] test --- action.yaml | 10 ++++++---- entrypoint.sh | 2 +- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/action.yaml b/action.yaml index 77cc2e39..db639aba 100644 --- a/action.yaml +++ b/action.yaml @@ -37,10 +37,10 @@ inputs: required: false default: false - internal_default_token: - description: "INPUT: Default GitHub token. (Internal purpose only, not intended for developers to set. Used for pull requests configured with a PAT)." - required: false - default: ${{ github.token }} + # internal_default_token: + # description: "INPUT: Default GitHub token. (Internal purpose only, not intended for developers to set. Used for pull requests configured with a PAT)." + # required: false + # default: ${{ github.token }} branding: icon: "mic" @@ -49,5 +49,7 @@ branding: runs: using: "docker" image: "./Dockerfile" + env: + INTERNAL_DEFAULT_TOKEN: ${{ github.token }} diff --git a/entrypoint.sh b/entrypoint.sh index a756d492..831199cf 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -23,7 +23,7 @@ set -euo pipefail # GITHUB_ACTIONS is true in GitHub env. if [[ -z "$INPUT_REPO_TOKEN" ]]; then - INPUT_REPO_TOKEN="$INPUT_INTERNAL_DEFAULT_TOKEN" + INPUT_REPO_TOKEN="$INTERNAL_DEFAULT_TOKEN" if [[ -z "$INPUT_REPO_TOKEN" ]]; then exit 2 fi From 03f357f5b7a996367f3330a3ab0357f16bf80195 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Thu, 16 Jun 2022 18:30:38 +0000 Subject: [PATCH 19/23] updates --- action.yaml | 10 ++++------ entrypoint.sh | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/action.yaml b/action.yaml index db639aba..77cc2e39 100644 --- a/action.yaml +++ b/action.yaml @@ -37,10 +37,10 @@ inputs: required: false default: false - # internal_default_token: - # description: "INPUT: Default GitHub token. (Internal purpose only, not intended for developers to set. Used for pull requests configured with a PAT)." - # required: false - # default: ${{ github.token }} + internal_default_token: + description: "INPUT: Default GitHub token. (Internal purpose only, not intended for developers to set. Used for pull requests configured with a PAT)." + required: false + default: ${{ github.token }} branding: icon: "mic" @@ -49,7 +49,5 @@ branding: runs: using: "docker" image: "./Dockerfile" - env: - INTERNAL_DEFAULT_TOKEN: ${{ github.token }} diff --git a/entrypoint.sh b/entrypoint.sh index 831199cf..a756d492 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -23,7 +23,7 @@ set -euo pipefail # GITHUB_ACTIONS is true in GitHub env. if [[ -z "$INPUT_REPO_TOKEN" ]]; then - INPUT_REPO_TOKEN="$INTERNAL_DEFAULT_TOKEN" + INPUT_REPO_TOKEN="$INPUT_INTERNAL_DEFAULT_TOKEN" if [[ -z "$INPUT_REPO_TOKEN" ]]; then exit 2 fi From 8c6762520de920330255fcc98df3fcd9d52fed9c Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Thu, 16 Jun 2022 23:29:34 +0000 Subject: [PATCH 20/23] updates --- go.mod | 2 +- options/env.go | 9 +++++---- options/options.go | 6 ++++++ options/options_test.go | 3 +++ 4 files changed, 15 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 7a0e035e..998fa875 100644 --- a/go.mod +++ b/go.mod @@ -10,6 +10,7 @@ require ( github.com/sigstore/cosign v1.9.0 github.com/sirupsen/logrus v1.8.1 github.com/spf13/cobra v1.5.0 + golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2 sigs.k8s.io/release-sdk v0.8.0 sigs.k8s.io/release-utils v0.6.1-0.20220405215325-d4a2a2f0e8fd ) @@ -241,7 +242,6 @@ require ( gocloud.dev v0.25.0 // indirect golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 // indirect - golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2 // indirect golang.org/x/sync v0.0.0-20220513210516-0976fa681c29 // indirect golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect diff --git a/options/env.go b/options/env.go index 84e202e8..e3e1f5bd 100644 --- a/options/env.go +++ b/options/env.go @@ -38,10 +38,11 @@ const ( // TODO(input): INPUT_ constants should be removed in a future release once // they have replacements in upstream scorecard. - EnvInputRepoToken = "INPUT_REPO_TOKEN" //nolint:gosec - EnvInputResultsFile = "INPUT_RESULTS_FILE" - EnvInputResultsFormat = "INPUT_RESULTS_FORMAT" - EnvInputPublishResults = "INPUT_PUBLISH_RESULTS" + EnvInputRepoToken = "INPUT_REPO_TOKEN" //nolint:gosec + EnvInputInternalRepoToken = "INPUT_INTERNAL_DEFAULT_TOKEN" //nolint:gosec + EnvInputResultsFile = "INPUT_RESULTS_FILE" + EnvInputResultsFormat = "INPUT_RESULTS_FORMAT" + EnvInputPublishResults = "INPUT_PUBLISH_RESULTS" ) // Errors diff --git a/options/options.go b/options/options.go index 5b9945db..a6c7298e 100644 --- a/options/options.go +++ b/options/options.go @@ -151,6 +151,12 @@ func (o *Options) Print() { func (o *Options) setScorecardOpts() { o.ScorecardOpts = scopts.New() + // Set GITHUB_AUTH_TOKEN + inputToken := os.Getenv(EnvInputRepoToken) + if inputToken == "" { + inputToken := os.Getenv(EnvInputInternalRepoToken) + os.Setenv(EnvGithubAuthToken, inputToken) + } // --repo= | --local // This section restores functionality that was removed in diff --git a/options/options_test.go b/options/options_test.go index 8b4fe802..9c042f4a 100644 --- a/options/options_test.go +++ b/options/options_test.go @@ -241,6 +241,9 @@ func TestNew(t *testing.T) { os.Setenv(EnvInputResultsFormat, tt.resultsFormat) defer os.Unsetenv(EnvInputResultsFormat) + os.Setenv(EnvInputRepoToken, "token-value-123456") + defer os.Unsetenv(EnvInputRepoToken) + if tt.unsetResultsPath { os.Unsetenv(EnvInputResultsFile) } else { From 638899757549cc52fa7443dbc01a39a704a116c2 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Thu, 16 Jun 2022 23:41:38 +0000 Subject: [PATCH 21/23] updates --- options/options.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/options/options.go b/options/options.go index a6c7298e..175a19a6 100644 --- a/options/options.go +++ b/options/options.go @@ -106,7 +106,7 @@ func New() (*Options, error) { // Validate validates the scorecard configuration. func (o *Options) Validate() error { if os.Getenv(EnvGithubAuthToken) == "" { - fmt.Printf("The 'repo_token' variable is empty.\n") + fmt.Printf("%s variable is empty.\n", EnvGithubAuthToken) if o.IsForkStr == trueStr { fmt.Printf("We have detected you are running on a fork.\n") } @@ -154,6 +154,8 @@ func (o *Options) setScorecardOpts() { // Set GITHUB_AUTH_TOKEN inputToken := os.Getenv(EnvInputRepoToken) if inputToken == "" { + fmt.Printf("The 'repo_token' variable is empty.\n") + fmt.Printf("Using the %s instead.\n", EnvInputInternalRepoToken) inputToken := os.Getenv(EnvInputInternalRepoToken) os.Setenv(EnvGithubAuthToken, inputToken) } From 4228ddbd5a6e5657778b1a844f2d86df634c02ba Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 27 Jun 2022 19:02:12 +0000 Subject: [PATCH 22/23] unit tests --- options/options.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/options/options.go b/options/options.go index 175a19a6..34b66d95 100644 --- a/options/options.go +++ b/options/options.go @@ -105,6 +105,7 @@ func New() (*Options, error) { // Validate validates the scorecard configuration. func (o *Options) Validate() error { + fmt.Println("EnvGithubAuthToken:", EnvGithubAuthToken, os.Getenv(EnvGithubAuthToken)) if os.Getenv(EnvGithubAuthToken) == "" { fmt.Printf("%s variable is empty.\n", EnvGithubAuthToken) if o.IsForkStr == trueStr { @@ -155,7 +156,7 @@ func (o *Options) setScorecardOpts() { inputToken := os.Getenv(EnvInputRepoToken) if inputToken == "" { fmt.Printf("The 'repo_token' variable is empty.\n") - fmt.Printf("Using the %s instead.\n", EnvInputInternalRepoToken) + fmt.Printf("Using the '%s' variable instead.\n", EnvInputInternalRepoToken) inputToken := os.Getenv(EnvInputInternalRepoToken) os.Setenv(EnvGithubAuthToken, inputToken) } From bf5883af94c4b58ac3e632daab45ef0a479e4b18 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 27 Jun 2022 19:06:10 +0000 Subject: [PATCH 23/23] update --- options/options_test.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/options/options_test.go b/options/options_test.go index 9c042f4a..6e6877b1 100644 --- a/options/options_test.go +++ b/options/options_test.go @@ -222,8 +222,12 @@ func TestNew(t *testing.T) { os.Setenv(EnvGithubAuthToken, testToken) defer os.Unsetenv(EnvGithubAuthToken) + os.Setenv(EnvInputRepoToken, "token-value-123456") + defer os.Unsetenv(EnvInputRepoToken) + if tt.unsetToken { os.Unsetenv(EnvGithubAuthToken) + os.Unsetenv(EnvInputRepoToken) } os.Setenv(EnvGithubEventPath, tt.githubEventPath) @@ -241,9 +245,6 @@ func TestNew(t *testing.T) { os.Setenv(EnvInputResultsFormat, tt.resultsFormat) defer os.Unsetenv(EnvInputResultsFormat) - os.Setenv(EnvInputRepoToken, "token-value-123456") - defer os.Unsetenv(EnvInputRepoToken) - if tt.unsetResultsPath { os.Unsetenv(EnvInputResultsFile) } else {