diff --git a/docker-scout/action.yml b/docker-scout/action.yml index 4d451ac..4be18a3 100644 --- a/docker-scout/action.yml +++ b/docker-scout/action.yml @@ -18,6 +18,10 @@ inputs: image: description: 'Name of the image' required: true + output-file: + description: 'whether the program outputs a file at all' + default: false + required: false outputs: result-file: @@ -25,59 +29,5 @@ outputs: value: ${{ steps.run.outputs.result-file }} runs: - using: composite - steps: - - - uses: actions/github-script@v7 - id: run - with: - script: | - const fs = require('fs'); - const os = require('os'); - const path = require('path'); - - await core.group(`Pull docker/scout-cli image`, async () => { - await exec.exec(`docker pull docker.io/docker/scout-cli:${{ inputs.version }}`); - }); - - await core.group(`Copy binary`, async () => { - const res = await exec.getExecOutput('docker', ['create', 'docker.io/docker/scout-cli:${{ inputs.version }}'], { - ignoreReturnCode: true - }); - if (res.stderr.length > 0 && res.exitCode != 0) { - throw new Error(res.stderr); - } - const ctnid = res.stdout.trim(); - const dockerCfgPath = process.env.DOCKER_CONFIG || path.join(os.homedir(), '.docker'); - const pluginsPath = path.join(dockerCfgPath, 'cli-plugins'); - fs.mkdirSync(pluginsPath, {recursive: true}); - await exec.exec(`docker cp ${ctnid}:/docker-scout ${pluginsPath}`); - await exec.exec(`docker rm -v ${ctnid}`); - }); - - await core.group(`Docker info`, async () => { - await exec.exec(`docker info`); - }); - - let version; - await core.group(`Docker scout version`, async () => { - const res = await exec.getExecOutput('docker', ['scout', 'version'], { - ignoreReturnCode: true, - silent: true - }); - if (res.stderr.length > 0 && res.exitCode != 0) { - throw new Error(res.stderr); - } - const matchVersion = res.stdout.trim().match(/version:\s(.*?)\s/); - version = matchVersion ? matchVersion[1] : null; - if (!version) { - throw new Error('Failed to get Docker scout version'); - } - core.info(version); - }); - - // TODO: cache binary - - const resultPath = path.join(fs.mkdtempSync(path.join(os.tmpdir(), 'docker-scout-action-')), 'result.txt'); - core.setOutput('result-file', resultPath); - await exec.exec('docker', ['scout', 'cves', `${{ inputs.image }}`, '--format', `${{ inputs.format }}`, `--output`, resultPath]); + using: node24 + main: index.js \ No newline at end of file diff --git a/docker-scout/index.js b/docker-scout/index.js new file mode 100644 index 0000000..9b48414 --- /dev/null +++ b/docker-scout/index.js @@ -0,0 +1,95 @@ +const fs = require('fs'); +const os = require('os'); +const core = require('@actions/core'); +const path = require('path'); + +async function pullDockerImage(version) { + await core.group(`Pull docker/scout-cli image`, async () => { + await exec.exec(`docker pull docker.io/docker/scout-cli:${version}`); + }); +} + +async function copyBinary(version) { + await core.group(`Copy binary`, async () => { + const res = await exec.getExecOutput('docker', ['create', `docker.io/docker/scout-cli:${version}`], { + ignoreReturnCode: true + }); + if (res.stderr.length > 0 && res.exitCode != 0) { + throw new Error(res.stderr); + } + const ctnid = res.stdout.trim(); + const dockerCfgPath = process.env.DOCKER_CONFIG || path.join(os.homedir(), '.docker'); + const pluginsPath = path.join(dockerCfgPath, 'cli-plugins'); + fs.mkdirSync(pluginsPath, { recursive: true }); + await exec.exec(`docker cp ${ctnid}:/docker-scout ${pluginsPath}`); + await exec.exec(`docker rm -v ${ctnid}`); + }); +} + +async function dockerInfo() { + await core.group(`Docker info`, async () => { + await exec.exec(`docker info`); + }); +} + +async function getScoutVersion() { + let version; + await core.group(`Docker scout version`, async () => { + const res = await exec.getExecOutput('docker', ['scout', 'version'], { + ignoreReturnCode: true, + silent: true + }); + if (res.stderr.length > 0 && res.exitCode != 0) { + throw new Error(res.stderr); + } + const matchVersion = res.stdout.trim().match(/version:\s(.*?)\s/); + version = matchVersion ? matchVersion[1] : null; + if (!version) { + throw new Error('Failed to get Docker scout version'); + } + core.info(version); + }); + return version; +} + +async function runScoutCommand(commands, image, format, outputFile) { + const resultPath = path.join(fs.mkdtempSync(path.join(os.tmpdir(), 'docker-scout-action-')), 'result.txt'); + core.setOutput('result-file', resultPath); + + for (const cmd of commands) { + if (outputFile) { + const res = await exec.getExecOutput('docker', ['scout', cmd, image, '--format', format], { silent: true }); + if (res.stderr && res.stderr.length > 0) { + throw new Error(res.stderr); + } + + fs.appendFile(resultPath, res.stdout); + } else { + await exec.exec('docker', ['scout', cmd, image, '--format', format]); + } + } + return resultPath; +} + +async function main(inputs) { + try { + const commandInput = core.getInput('command'); + const commands = commandInput.split(',').map(cmd => cmd.trim()).filter(cmd => cmd.length > 0); + const scoutVersion = core.getInput('version'); + const outputFormat = core.getInput('format'); + const imageName = core.getInput('image'); + const outputFile = core.getInput('output-file') === 'true'; + + await pullDockerImage(scoutVersion); + await copyBinary(scoutVersion); + await dockerInfo(); + const version = await getScoutVersion(); + // TODO: cache binary (no changes per your request) + await runScoutCommand(commands, imageName, outputFormat, outputFile); + } + catch (error) { + core.setFailed(error.message); + console.error(error); + } +} +main() \ No newline at end of file