Merge pull request #295 from codacy/feat/codacy-cli-action-CY2806

afsmeira · web-flow · commit f9640d9e1b41 · 2020-09-18T11:20:18.000+01:00
feat: Create a GitHub action to run Codacy's CLI [CY-2806]
diff --git a/README.md b/README.md
@@ -257,6 +257,59 @@ codacy-analysis-cli analyse \
 
 > In alternative to setting `--api-token` you can define CODACY_API_TOKEN in the environment.
 
+## GitHub Action
+
+The analysis CLI is available to be executed as a GitHub Action. The following is an example of a workflow
+using the CLI as an action, to analyse each commit and pull request.
+
+```yaml
+name: codacy-analysis-cli
+
+on: ["push"]
+
+jobs:
+  codacy-analysis-cli:
+    runs-on: ubuntu-latest
+    name: codacy-analysis-cli
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@master
+      - name: Run codacy-analysis-cli
+        uses: codacy/codacy-analysis-cli@master
+```
+
+Running the action with the default configurations will:
+
+- Analyse the current commit or pull request running all supported tools, with the default configuration,
+  for the languages you are using.
+- Print analysis results into the console (you can check them in GitHub's action workflow panel).
+- Fail the workflow if at least one issue is found in your code.
+
+Check the next section to see how you can further configure this action.
+
+### Caveats
+
+This action supports all [CLI configuration options](#commands-and-configuration) with the following exceptions:
+
+- `--commit-uuid` -- **Not supported**. The action will only analyse the commit that triggered it.
+- `--api-token` -- **Not supported**. Use [`--project-token`](#project-token) instead.
+- `--username` -- **Not supported**. Use [`--project-token`](#project-token) instead.
+- `--project` -- **Not supported**. Use [`--project-token`](#project-token) instead.
+
+The command `validate-configuration` is also **not supported**.
+
+When using `--project-token` make sure to use [GitHub security features](#https://docs.github.com/en/actions/reference/encrypted-secrets)
+to prevent you from committing a secret token to your code. For example, if you store your Codacy project
+token in GitHub, this is how you would use it in the action workflow.
+
+```yaml
+# ...
+uses: codacy/codacy-analysis-cli@master
+with:
+    project-token: ${{ secrets.<PROJECT_TOKEN_NAME> }}
+# ...
+```
+
 ## Build
 
 ### Compile
diff --git a/action.yaml b/action.yaml
@@ -0,0 +1,72 @@
+# action.yml
+name: "codacy-analysis-cli"
+author: "Codacy"
+description: "Execute Codacy code analysis using your remote Codacy configuration"
+branding:
+  icon: 'check'
+  color: 'gray-dark'
+inputs:
+  verbose:
+    required: false
+    description: "Run with verbose output"
+  project-token:
+    required: false
+    description: "A token to fetch your remote Codacy configuration for the project being analysed"
+  codacy-api-base-url:
+    required: false
+    description: "Codacy's API URL, to retrieve the configuration."
+  format:
+    required: false
+    description: "Format of the output file"
+  output:
+    required: false
+    description: "Send analysis results to an output file"
+  directory:
+    required: false
+    description: "The directory to be analysed"
+  parallel:
+    required: false
+    description: "Number of tools to run in parallel"
+  max-allowed-issues:
+    required: false
+    description: "Maximum number of issues allowed for the analysis to succeed"
+  tool:
+    required: false
+    description: "The name of the tool to analyse the code"
+  tool-timeout:
+    required: false
+    description: "Maximum time each tool has to execute"
+  upload:
+    required: false
+    description: "Upload analysis results to Codacy"
+  fail-if-incomplete:
+    required: false
+    description: "Fail the analysis if any tool fails to run"
+  allow-network:
+    required: false
+    description: "Allow network access for tools"
+  force-file-permissions:
+    required: false
+    description: "Force files to be readable by changing the permissions before running the analysis"
+runs:
+  using: "composite"
+  steps:
+    - name: "Codacy CLI"
+      shell: bash
+      run: >-
+        ${{ github.action_path }}/bin/codacy-analysis-cli.sh
+        analyse
+        $(if [ ${{ inputs.verbose }} = true ]; then echo "--verbose"; fi)
+        $(if [ ${{ inputs.project-token }} ]; then echo "--project-token ${{ inputs.project-token }}"; fi)
+        $(if [ ${{ inputs.codacy-api-base-url }} ]; then echo "--codacy-api-base-url ${{ inputs.codacy-api-base-url }}"; fi)
+        $(if [ ${{ inputs.format }} ]; then echo "--format ${{ inputs.format }}"; fi)
+        $(if [ ${{ inputs.output }} ]; then echo "--output ${{ inputs.output }}"; fi)
+        $(if [ ${{ inputs.directory }} ]; then echo "--directory ${{ inputs.directory }}"; fi)
+        $(if [ ${{ inputs.parallel }} ]; then echo "--parallel ${{ inputs.parallel }}"; fi)
+        $(if [ ${{ inputs.max-allowed-issues }} ]; then echo "--max-allowed-issues ${{ inputs.max-allowed-issues }}"; fi)
+        $(if [ ${{ inputs.tool }} ]; then echo "--tool ${{ inputs.tool }}"; fi)
+        $(if [ ${{ inputs.tool-timeout }} ]; then echo "--tool-timeout ${{ inputs.tool-timeout }}"; fi)
+        $(if [ ${{ inputs.upload }} = true ]; then echo "--upload"; fi)
+        $(if [ ${{ inputs.fail-if-incomplete }} = true ]; then echo "--fail-if-incomplete"; fi)
+        $(if [ ${{ inputs.allow-network }} = true ]; then echo "--allow-network"; fi)
+        $(if [ ${{ inputs.force-file-permissions }} = true ]; then echo "--force-file-permissions"; fi)
