diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..6770962
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @fabasoad
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
new file mode 100644
index 0000000..983ca7b
--- /dev/null
+++ b/.github/FUNDING.yml
@@ -0,0 +1,9 @@
+---
+custom:
+ [
+ "https://www.bitcoinqrcodemaker.com/?style=bitcoin&address=145HwyQAcv4vrzUumJhu7nWGAVBysX9jJH&prefix=on",
+ "https://paypal.me/fabasoad",
+ ]
+github: ["fabasoad"]
+ko_fi: fabasoad
+liberapay: fabasoad
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
new file mode 100644
index 0000000..0f0c470
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,37 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ""
+labels: bug
+assignees: fabasoad
+---
+
+## Describe the bug
+
+A clear and concise description of what the bug is.
+
+## Steps to Reproduce
+
+1. Run '...'
+2. See error
+
+## Expected behavior
+
+A clear and concise description of what you expected to happen.
+
+## Actual behavior
+
+A clear and concise description of what is happening now.
+
+## Screenshots
+
+If applicable, add screenshots to help explain your problem.
+
+## Technical information (please complete the following information)
+
+- OS: [e.g. Windows 10 Enterprise v.1909 (OS Build 18363.720)]
+- `setup-depscan-action` version [e.g. 0.1.0]
+
+## Additional context
+
+Add any other context about the problem here.
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
new file mode 100644
index 0000000..407ee58
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,25 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ""
+labels: enhancement
+assignees: fabasoad
+---
+
+## Is your feature request related to a problem? Please describe
+
+A clear and concise description of what the problem is. Ex. I'm always frustrated
+when [...]
+
+## Describe the solution you'd like
+
+A clear and concise description of what you want to happen.
+
+## Describe alternatives you've considered
+
+A clear and concise description of any alternative solutions or features you've
+considered.
+
+## Additional context
+
+Add any other context or screenshots about the feature request here.
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
new file mode 100644
index 0000000..4a5d079
--- /dev/null
+++ b/.github/pull_request_template.md
@@ -0,0 +1,59 @@
+
+
+## Pull request checklist
+
+Please check if your PR fulfills the following requirements:
+
+- [ ] I have read the [CONTRIBUTING](https://github.com/fabasoad/setup-depscan-action/blob/main/CONTRIBUTING.md)
+ doc.
+- [ ] Tests for the changes have been added (for bug fixes / features).
+- [ ] Docs have been reviewed and added / updated if needed (for bug fixes / features).
+
+## Pull request type
+
+
+
+
+
+Please check the type of change your PR introduces:
+
+- [ ] Bugfix
+- [ ] Feature
+- [ ] Code style update (formatting, renaming)
+- [ ] Refactoring (no functional changes, no api changes)
+- [ ] Build related changes
+- [ ] Documentation content changes
+- [ ] Other (please describe):
+
+## What is the current behavior
+
+
+
+## What is the new behavior
+
+
+
+-
+-
+-
+
+## Does this introduce a breaking change
+
+- [ ] Yes
+- [ ] No
+
+
+
+## Other information
+
+
+
+
+---
+
+Closes #{IssueNumber}
diff --git a/.github/workflows/functional-tests.yml b/.github/workflows/functional-tests.yml
new file mode 100644
index 0000000..1ca9397
--- /dev/null
+++ b/.github/workflows/functional-tests.yml
@@ -0,0 +1,142 @@
+---
+name: Functional Tests
+
+on: # yamllint disable-line rule:truthy
+ push:
+ branches:
+ - main
+ pull_request:
+ paths:
+ - .github/workflows/functional-tests.yml
+ - src/**
+ - action.yml
+ schedule:
+ # Every Friday at 09:00 JST
+ - cron: "0 0 * * 5"
+ workflow_dispatch: {}
+
+defaults:
+ run:
+ shell: sh
+
+permissions:
+ contents: read
+
+jobs:
+ get-versions:
+ name: Get 3 latest versions
+ runs-on: ubuntu-latest
+ timeout-minutes: 10
+ outputs:
+ versions: ${{ steps.prepare-list.outputs.versions }}
+ steps:
+ - name: Get releases
+ id: github-releases
+ uses: yakubique/github-releases@v1.2
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ with:
+ repository: "owasp-dep-scan/dep-scan"
+ sort: "desc"
+ - name: Prepare list
+ id: prepare-list
+ env:
+ RELEASES_AMOUNT: "3"
+ run: |
+ versions=$(echo '${{ steps.github-releases.outputs.releases }}' \
+ | jq -c -r --arg n "${RELEASES_AMOUNT}" '.[0:($n | tonumber)] | map(sub("^v"; "")) | . += ["latest"]')
+ echo "versions=${versions}" >> "$GITHUB_OUTPUT"
+ setup-depscan:
+ name: Setup depscan
+ needs: [get-versions]
+ runs-on: ${{ matrix.os }}-latest
+ timeout-minutes: 5
+ strategy:
+ fail-fast: false
+ matrix:
+ os: ["ubuntu", "macos", "windows"]
+ version: ${{ fromJSON(needs.get-versions.outputs.versions) }}
+ steps:
+ - name: Checkout ${{ github.repository }}
+ uses: actions/checkout@v6
+ - name: Setup depscan
+ id: setup-depscan
+ uses: ./
+ with:
+ version: ${{ matrix.version }}
+ - name: Test action completion
+ run: |
+ test_equal() {
+ if [ "${2}" != "${3}" ]; then
+ echo "::error title=${1}::Expected: ${3}. Actual: ${2}."
+ exit 1
+ fi
+ }
+ test_equal "depscan should be installed" \
+ "${{ steps.setup-depscan.outputs.installed }}" \
+ "true"
+ - name: Print version
+ run: depscan --version
+ setup-depscan-in-container:
+ name: Setup depscan in container
+ needs: [get-versions]
+ runs-on: ubuntu-latest
+ timeout-minutes: 5
+ container:
+ image: ${{ matrix.image }}:latest
+ strategy:
+ fail-fast: false
+ matrix:
+ image: ["alpine", "ubuntu"]
+ steps:
+ - name: Checkout ${{ github.repository }}
+ uses: actions/checkout@v6
+ - name: Setup depscan
+ id: setup-depscan
+ uses: ./
+ - name: Test action completion
+ run: |
+ test_equal() {
+ if [ "${2}" != "${3}" ]; then
+ echo "::error title=${1}::Expected: ${3}. Actual: ${2}."
+ exit 1
+ fi
+ }
+ test_equal "depscan should be installed" \
+ "${{ steps.setup-depscan.outputs.installed }}" \
+ "true"
+ - name: Print version
+ run: depscan --version
+ test-force:
+ name: Test force
+ runs-on: ubuntu-latest
+ timeout-minutes: 5
+ strategy:
+ fail-fast: false
+ matrix:
+ force: ["true", "false"]
+ steps:
+ - name: Checkout ${{ github.repository }}
+ uses: actions/checkout@v6
+ - name: Setup depscan 1
+ id: setup-depscan-1
+ uses: ./
+ - name: Setup depscan 2
+ id: setup-depscan-2
+ uses: ./
+ with:
+ force: ${{ matrix.force }}
+ - name: Test action completion
+ run: |
+ test_equal() {
+ if [ "${2}" != "${3}" ]; then
+ echo "::error title=${1}::Expected: ${3}. Actual: ${2}."
+ exit 1
+ fi
+ }
+ test_equal "Wrong \"installed\" output from setup-depscan-1" \
+ "${{ steps.setup-depscan-1.outputs.installed }}" \
+ "true"
+ test_equal "Wrong \"installed\" output from setup-depscan-2" \
+ "${{ steps.setup-depscan-2.outputs.installed }}" \
+ "${{ matrix.force }}"
diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
new file mode 100644
index 0000000..7a9777a
--- /dev/null
+++ b/.github/workflows/linting.yml
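Review bot: In the `Prepare list` step the expression `${{ steps.github-releases.outputs.releases }}` is pasted into the `run:` script between single quotes, so the release list fetched for `owasp-dep-scan/dep-scan` becomes part of the shell source before `sh` parses it, and a value containing a single quote would end the quoting. Pass it through the environment instead: add `RELEASES_JSON: ${{ steps.github-releases.outputs.releases }}` under that step's `env:` and start the pipeline with `versions=$(printf '%s' "${RELEASES_JSON}" \`. The same job hands `GITHUB_TOKEN` to `yakubique/github-releases@v1.2`, a third-party action referenced by a tag that can be moved; pinning it to a full commit SHA keeps the code that receives the token fixed. The workflow-level `permissions: contents: read` already limits what either issue can reach.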
@@ -0,0 +1,15 @@
+---
+name: Linting
+
+on: # yamllint disable-line rule:truthy
+ pull_request: {}
+ push:
+ branches:
+ - main
+
+jobs:
+ pre-commit:
+ name: Pre-commit
+ uses: fabasoad/reusable-workflows/.github/workflows/wf-pre-commit.yml@main
+ permissions:
+ contents: read
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..83e3285
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,14 @@
+---
+name: Release
+
+on: # yamllint disable-line rule:truthy
+ push:
+ tags:
+ - "v*.*.*"
+
+jobs:
+ github:
+ name: GitHub
+ uses: fabasoad/reusable-workflows/.github/workflows/wf-github-release.yml@main
+ permissions:
+ contents: write
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 0000000..0156746
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,27 @@
+---
+name: Security
+
+on: # yamllint disable-line rule:truthy
+ pull_request: {}
+ push:
+ branches:
+ - main
+ workflow_dispatch:
+ inputs:
+ security-type:
+ description: What Security scanning you would like to run?
+ required: false
+ default: "all"
+ type: choice
+ options: ["all", "sca", "code-scanning"]
+
+jobs:
+ sast:
+ name: SAST
+ uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main
+ permissions:
+ contents: read
+ security-events: write
+ with:
+ code-scanning: ${{ contains(fromJSON('["all", "code-scanning"]'), github.event.inputs.security-type || 'all') }}
+ sca: ${{ contains(fromJSON('["all", "sca"]'), github.event.inputs.security-type || 'all') }}
diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml
new file mode 100644
index 0000000..5e5343f
--- /dev/null
+++ b/.github/workflows/sync-labels.yml
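Review bot: The reusable workflow in `linting.yml` is referenced as `fabasoad/reusable-workflows/.github/workflows/wf-pre-commit.yml@main`, a branch ref, so each run executes whatever is on that branch at the time. The same `@main` reference is used in `release.yml` (`contents: write`), `security.yml` (`security-events: write`), `sync-labels.yml` and `update-license.yml` (both with write permissions), where a change in the other repository takes effect here with write access and without a reviewable diff in this one. Pinning each `uses:` to a full commit SHA, with a trailing comment naming the ref it corresponds to, makes every update an explicit change in this repository.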
@@ -0,0 +1,17 @@
+---
+name: Labels
+
+on: # yamllint disable-line rule:truthy
+ push:
+ branches:
+ - main
+ workflow_dispatch: {}
+
+jobs:
+ maintenance:
+ name: Maintenance
+ uses: fabasoad/reusable-workflows/.github/workflows/wf-sync-labels.yml@main
+ permissions:
+ contents: write
+ issues: write
+ pull-requests: write
diff --git a/.github/workflows/update-license.yml b/.github/workflows/update-license.yml
new file mode 100644
index 0000000..07adda6
--- /dev/null
+++ b/.github/workflows/update-license.yml
@@ -0,0 +1,15 @@
+---
+name: License
+
+on: # yamllint disable-line rule:truthy
+ schedule:
+ # Every January 1st at 14:00 JST
+ - cron: "0 5 1 1 *"
+
+jobs:
+ maintenance:
+ name: Maintenance
+ uses: fabasoad/reusable-workflows/.github/workflows/wf-update-license.yml@main
+ permissions:
+ contents: write
+ pull-requests: write
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..2ac7a9f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+.DS_Store
+.envrc
+.idea
+.vscode
diff --git a/.markdownlint.yml b/.markdownlint.yml
new file mode 100644
index 0000000..02d4457
--- /dev/null
+++ b/.markdownlint.yml
@@ -0,0 +1,6 @@
+---
+default: true
+MD013:
+ code_blocks: false
+ tables: false
+MD041: false
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..63f0414
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,79 @@
+---
+default_install_hook_types: ["pre-commit", "pre-push"]
+default_stages: ["pre-commit", "pre-push"]
+minimum_pre_commit_version: 4.0.0
+repos:
+ # Linting
+ - repo: local
+ hooks:
+ - id: prettier
+ name: Prettier
+ entry: prettier --write --ignore-unknown
+ language: node
+ types: [text]
+ args: []
+ files: ^(.*\.md|.*\.yaml|.*\.yml)$
+ # https://github.com/prettier/prettier/releases
+ additional_dependencies: ["prettier@3.8.1"]
+ stages: ["pre-commit"]
+ # Security
+ - repo: https://github.com/Yelp/detect-secrets
+ rev: v1.5.0
+ hooks:
+ - id: detect-secrets
+ - repo: https://github.com/gitleaks/gitleaks
+ rev: v8.30.0
+ hooks:
+ - id: gitleaks
+ - repo: https://github.com/fabasoad/pre-commit-grype
+ rev: v0.6.4
+ hooks:
+ - id: grype-dir
+ args:
+ - --grype-args=--by-cve --fail-on=low
+ - --hook-args=--log-level debug
+ stages: ["pre-push"]
+ # Markdown
+ - repo: https://github.com/igorshubovych/markdownlint-cli
+ rev: v0.47.0
+ hooks:
+ - id: markdownlint-fix
+ stages: ["pre-commit"]
+ # Shell
+ - repo: https://github.com/openstack/bashate
+ rev: 2.1.1
+ hooks:
+ - id: bashate
+ args: ["-i", "E003,E006"]
+ stages: ["pre-commit"]
+ # Yaml
+ - repo: https://github.com/adrienverge/yamllint
+ rev: v1.38.0
+ hooks:
+ - id: yamllint
+ stages: ["pre-push"]
+ # GitHub Actions
+ - repo: https://github.com/rhysd/actionlint
+ rev: v1.7.10
+ hooks:
+ - id: actionlint
+ args: ["-pyflakes="]
+ stages: ["pre-push"]
+ # Other
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v6.0.0
+ hooks:
+ - id: check-executables-have-shebangs
+ stages: ["pre-commit"]
+ - id: check-shebang-scripts-are-executable
+ stages: ["pre-commit"]
+ - id: check-merge-conflict
+ - id: check-json
+ stages: ["pre-push"]
+ - id: detect-private-key
+ - id: end-of-file-fixer
+ - id: mixed-line-ending
+ args: ["--fix=lf"]
+ - id: no-commit-to-branch
+ stages: ["pre-commit"]
+ - id: trailing-whitespace
diff --git a/.yamllint.yml b/.yamllint.yml
new file mode 100644
index 0000000..26886f9
--- /dev/null
+++ b/.yamllint.yml
@@ -0,0 +1,9 @@
+---
+extends: default
+
+rules:
+ comments:
+ min-spaces-from-content: 1
+ line-length:
+ max: 185
+ level: error
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..9c4d973
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,59 @@
+# Contributing guidance
+
+We love your input! We want to make contributing to this project as easy and
+transparent as possible, whether it's:
+
+- Reporting a bug
+- Discussing the current state of the code
+- Submitting a fix
+- Proposing new features
+- Becoming a maintainer
+
+## We develop with GitHub
+
+We use GitHub to host code, to track issues and feature requests, as well as
+accept pull requests.
+
+## We use GitHub flow, so all code changes happen through pull requests
+
+Pull requests are the best way to propose changes to the codebase (we use
+[GitHub flow](https://guides.github.com/introduction/flow/index.html)). We
+actively welcome your pull requests:
+
+1. Fork the repo and create your branch from `main`.
+2. If you've added code that should be tested, add tests.
+3. If you've changed APIs, update the documentation.
+4. Ensure the test suite passes.
+5. Make sure your code lints.
+6. Issue that pull request!
+
+## Any contributions you make will be under the MIT Software License
+
+In short, when you submit code changes, your submissions are understood to be
+under the same [MIT License](http://choosealicense.com/licenses/mit/) that covers
+the project. Feel free to contact the maintainers if that's a concern.
+
+## Report bugs using [GitHub Issues](https://github.com/fabasoad/setup-depscan-action/issues)
+
+We use GitHub issues to track public bugs. Report a bug by opening a new issue.
+It's that easy!
+
+## Create issue using provided GitHub issue templates
+
+This repository has issue templates for bug report and feature request. Please
+use them to create an issue and fill all required fields.
+
+## Use a consistent coding style
+
+Please follow all the rules from [this](https://google.github.io/styleguide/shellguide.html)
+great guide provided by Google for coding style.
+
+## License
+
+By contributing, you agree that your contributions will be licensed under its
+MIT License.
+
+## References
+
+This document was adapted from the open-source contribution guidelines provided
+by [briandk](https://gist.github.com/briandk/3d2e8b3ec8daf5a27a62).
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..7ed0a29
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Yevhen Fabizhevskyi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
index 451e7d3..8544350 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,70 @@
-# setup-depscan-action
-This GitHub action installs depscan CLI tool
+# Setup depscan GitHub Action
+
+[![Stand With Ukraine](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/badges/StandWithUkraine.svg)](https://stand-with-ukraine.pp.ua)
+![GitHub release](https://img.shields.io/github/v/release/fabasoad/setup-depscan-action?include_prereleases)
+![functional-tests](https://github.com/fabasoad/setup-depscan-action/actions/workflows/functional-tests.yml/badge.svg)
+![linting](https://github.com/fabasoad/setup-depscan-action/actions/workflows/linting.yml/badge.svg)
+![security](https://github.com/fabasoad/setup-depscan-action/actions/workflows/security.yml/badge.svg)
+
+This action sets up a [depscan](https://depscan.readthedocs.io/) CLI tool.
+
+## Supported OS
+
+
+| OS | |
+|---------|--------------------|
+| Windows | :white_check_mark: |
+| Linux | :white_check_mark: |
+| macOS | :white_check_mark: |
+
+
+## Prerequisites
+
+The following tools have to be installed for successful work of this GitHub Action:
+[curl](https://curl.se).
+
+## Inputs
+
+```yaml
+- uses: fabasoad/setup-depscan-action@v0
+ with:
+ # (Optional) depscan version. Defaults to the latest version.
+ version: "6.1.0"
+ # (Optional) If "false" skips installation if depscan is already installed.
+ # If "true" installs depscan in any case. Defaults to "false".
+ force: "false"
+ # (Optional) GitHub token that is used to send requests to GitHub API such
+ # as getting latest release. Defaults to the token provided by GitHub Actions
+ # environment.
+ github-token: "${{ github.token }}"
+```
+
+## Outputs
+
+
+| Name | Description | Example |
+|-----------|--------------------------------------|---------|
+| installed | Whether depscan was installed or not | `true` |
+
+
+## Example usage
+
+```yaml
+name: Setup depscan
+
+on: push
+
+jobs:
+ example:
+ name: Example
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v6
+ - uses: fabasoad/setup-depscan-action@v0
+ - name: Run CLI
+ run: depscan --version
+```
+
+## Contributions
+
+![Alt](https://repobeats.axiom.co/api/embed/58a8539fe80d0fc54f758b975ce39aa91ace9fa7.svg "Repobeats analytics image")
diff --git a/action.yml b/action.yml
new file mode 100644
index 0000000..cc7cc03
--- /dev/null
+++ b/action.yml
@@ -0,0 +1,63 @@
+---
+name: "Setup depscan"
+author: "Yevhen Fabizhevskyi"
+description: "Setup depscan GitHub Action"
+branding:
+ icon: terminal
+ color: gray-dark
+inputs:
+ version:
+ description: depscan version. Defaults to the latest version.
+ required: false
+ default: "latest"
+ force:
+ description: |
+ If "false" skips installation if depscan is already installed. If "true"
+ installs depscan in any case. Defaults to "false".
+ required: false
+ default: "false"
+ github-token:
+ description: |
+ GitHub token that is used to send requests to GitHub API such as downloading
+ asset. Defaults to the token provided by GitHub Actions environment.
+ required: false
+ default: ${{ github.token }}
+outputs:
+ installed:
+ description: Whether depscan was installed or not.
+ value: "${{ steps.install-depscan.outcome == 'success' }}"
+runs:
+ using: "composite"
+ steps:
+ - name: Collect info
+ id: info
+ env:
+ INPUT_FORCE: "${{ inputs.force }}"
+ run: ./collect-info.sh "${INPUT_FORCE}"
+ shell: sh
+ working-directory: "${{ github.action_path }}/src"
+
+ - name: Setup npm
+ if: ${{ steps.info.outputs.bin-installed == 'false' && steps.info.outputs.npm-installed == 'false' }}
+ run: ./install-npm.sh
+ shell: sh
+ working-directory: "${{ github.action_path }}/src"
+
+ - name: Setup python
+ if: ${{ steps.info.outputs.bin-installed == 'false' && steps.info.outputs.python-installed == 'false' }}
+ run: ./install-python.sh
+ shell: sh
+ working-directory: "${{ github.action_path }}/src"
+
+ - name: Setup depscan
+ if: ${{ steps.info.outputs.bin-installed == 'false' }}
+ id: install-depscan
+ env:
+ INPUT_VERSION: "${{ inputs.version }}"
+ run: ./install-depscan.sh "${INPUT_VERSION}"
+ shell: sh
+ working-directory: "${{ github.action_path }}/src"
+
+ - name: Print version
+ run: depscan --version
+ shell: sh
diff --git a/src/collect-info.sh b/src/collect-info.sh
new file mode 100755
index 0000000..fa02b72
--- /dev/null
+++ b/src/collect-info.sh
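Review bot: The `github-token` input is declared with `default: ${{ github.token }}`, but none of the five steps under `runs.steps` reads `inputs.github-token`, and the scripts added in this commit make no GitHub API request, so the description does not match what the action does. An input that asks for a credential and then drops it invites callers to pass a more privileged token than anything needs. Either remove the input (and its README entry) or, once a step really calls the API, expose it only there with `env:` `GITHUB_TOKEN: "${{ inputs.github-token }}"`. Passing `inputs.force` and `inputs.version` through `env:` rather than interpolating them into `run:` is the right pattern and worth keeping.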
@@ -0,0 +1,33 @@
+#!/usr/bin/env sh
+
+SCRIPT_PATH=$(realpath "$0")
+SRC_DIR_PATH=$(dirname "$SCRIPT_PATH")
+LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
+
+. "${LIB_DIR_PATH}/logging.sh"
+
+main() {
+ input_force="${1}"
+
+ npm_installed=$(if command -v npm >/dev/null 2>&1; then echo true; else echo false; fi)
+ echo "npm-installed=${npm_installed}" >> "$GITHUB_OUTPUT"
+
+ python_installed=$(if command -v python >/dev/null 2>&1; then echo true; else echo false; fi)
+ echo "python-installed=${python_installed}" >> "$GITHUB_OUTPUT"
+
+ bin_installed="false"
+ if command -v depscan >/dev/null 2>&1; then
+ if [ "${input_force}" = "false" ]; then
+ msg="Installation skipped."
+ bin_installed="true"
+ else
+ msg="Executing forced installation."
+ fi
+ log_info "depscan is found at $(which depscan). ${msg}"
+ else
+ log_info "depscan is not found. Executing installation."
+ fi
+ echo "bin-installed=${bin_installed}" >> "$GITHUB_OUTPUT"
+}
+
+main "$@"
diff --git a/src/install-depscan.sh b/src/install-depscan.sh
new file mode 100755
index 0000000..5b5a435
--- /dev/null
+++ b/src/install-depscan.sh
@@ -0,0 +1,21 @@
+#!/usr/bin/env sh
+
+SCRIPT_PATH=$(realpath "$0")
+SRC_DIR_PATH=$(dirname "$SCRIPT_PATH")
+LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
+
+. "${LIB_DIR_PATH}/logging.sh"
+
+main() {
+ version="${1}"
+ log_info "Installing @cyclonedx/cdxgen via npm..."
+ npm install -g @cyclonedx/cdxgen
+ log_info "Installing owasp-depscan via pip..."
+ if [ "${version}" = "latest" ]; then
+ python -m pip install owasp-depscan --break-system-packages
+ else
+ python -m pip install owasp-depscan=="${version}" --break-system-packages
+ fi
+}
+
+main "$@"
diff --git a/src/install-npm.sh b/src/install-npm.sh
new file mode 100755
index 0000000..7d03719
--- /dev/null
+++ b/src/install-npm.sh
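Review bot: `main` in `collect-info.sh` accepts any `depscan` found on `PATH` as satisfying the request, because only `force` is passed in and the requested `version` is never compared with what is installed; with `force: "false"` a caller who pins `version` silently keeps whatever binary is already there. Either state this on the `version` input's description or pass the version in and compare it with the installed one before writing `bin-installed=true`. The log line also calls `$(which depscan)` although the check just above uses `command -v`; `$(command -v depscan)` avoids depending on `which` being present in a minimal container image.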
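Review bot: `install-depscan.sh` runs without `set -e`, so a failed `npm install -g @cyclonedx/cdxgen` is ignored and the step's exit status is that of the final `pip` command alone; `action.yml` would then report `installed` as `true` with cdxgen missing. Adding `set -e` directly after the shebang makes the first failure stop the step. cdxgen is also installed without a version, so each run pulls whatever release is newest at that moment and runs its install scripts on the caller's runner; pinning it, e.g. `npm install -g "@cyclonedx/cdxgen@${CDXGEN_VERSION}"` with a value maintained in this repository, keeps the toolchain reproducible. `--break-system-packages` writes into the system interpreter's site-packages, so a dedicated virtual environment would be the more contained choice if the supported images allow it.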
@@ -0,0 +1,29 @@
+#!/usr/bin/env sh
+
+SCRIPT_PATH=$(realpath "$0")
+SRC_DIR_PATH=$(dirname "$SCRIPT_PATH")
+LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
+
+. "${LIB_DIR_PATH}/logging.sh"
+
+main() {
+ if [ "${RUNNER_OS}" = "macOS" ]; then
+ log_info "Installing node via brew..."
+ brew install node
+ elif [ "${RUNNER_OS}" = "Windows" ]; then
+ log_info "Installing nodejs-lts via choco..."
+ choco install nodejs-lts
+ else
+ os=$(grep "^ID=" "/etc/os-release" | cut -d '=' -f 2)
+ if [ "${os}" = "alpine" ]; then
+ log_info "Installing npm via apk..."
+ apk --no-cache --update add npm
+ else
+ log_info "Installing npm via apt..."
+ apt update
+ apt install -y npm
+ fi
+ fi
+}
+
+main "$@"
diff --git a/src/install-python.sh b/src/install-python.sh
new file mode 100755
index 0000000..5e1895e
--- /dev/null
+++ b/src/install-python.sh
@@ -0,0 +1,29 @@
+#!/usr/bin/env sh
+
+SCRIPT_PATH=$(realpath "$0")
+SRC_DIR_PATH=$(dirname "$SCRIPT_PATH")
+LIB_DIR_PATH="${SRC_DIR_PATH}/lib"
+
+. "${LIB_DIR_PATH}/logging.sh"
+
+main() {
+ if [ "${RUNNER_OS}" = "macOS" ]; then
+ log_info "Installing python@3.14 via brew..."
+ brew install python@3.14
+ elif [ "${RUNNER_OS}" = "Windows" ]; then
+ log_info "Installing python via choco..."
+ choco install python -y
+ else
+ os=$(grep "^ID=" "/etc/os-release" | cut -d '=' -f 2)
+ if [ "${os}" = "alpine" ]; then
+ log_info "Installing python3 and py3-pip via apk..."
+ apk --no-cache --update add python3 py3-pip
+ else
+ log_info "Installing python3, python3-pip and python-is-python3 via apt..."
+ apt update
+ apt install -y python3 python3-pip python-is-python3
+ fi
+ fi
+}
+
+main "$@"
diff --git a/src/lib/logging.sh b/src/lib/logging.sh
new file mode 100755
index 0000000..4866ed3
--- /dev/null
+++ b/src/lib/logging.sh
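Review bot: `choco install nodejs-lts` in `install-npm.sh` lacks the `-y` that `install-python.sh` passes (`choco install python -y`), so on a runner where Chocolatey's global confirmation is not enabled the install would wait on a prompt; use `choco install nodejs-lts -y`. In both scripts the final `else` branch treats every non-Alpine Linux as apt-based and calls `apt update` / `apt install` directly, which needs root: that holds in the container job, but presumably not for the unprivileged user of a hosted runner, so a `sudo` prefix when `id -u` is not `0` would be safer. `apt-get` is the front end intended for scripts, and since `ID=` in `/etc/os-release` may be quoted on some distributions, stripping quotes from `os` before the comparison avoids a false miss. Neither script sets `set -e`, so a failed `apt update` does not stop the step.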
@@ -0,0 +1,14 @@
+#!/usr/bin/env sh
+
+# Printing log to the console.
+# Parameters:
+# 1. (Required) Log level. Options: debug, info, warning, error.
+# 2. (Required) Message.
+log() {
+ header="setup-depscan-action"
+ printf "[%s] [%s] %s %s\n" "${1}" "${header}" "$(date +'%Y-%m-%d %T')" "${2}" 1>&2
+}
+
+log_info() {
+ log "info" "${1}"
+}