Build verify-codeql-usage package

Signed-off-by: GitHub <noreply@github.com>
department-of-veterans-affairs · Oct 20, 2023 · da3b899 · da3b899
1 parent abf4738
commit da3b899
Showing 1 changed file with 47 additions and 6 deletions.
diff --git a/verify-codeql-usage/dist/index.js b/verify-codeql-usage/dist/index.js
@@ -12669,6 +12669,7 @@ const {throttling} = __nccwpck_require__(6348)
 
 const org = core.getInput('ORG', {required: true, trimWhitespace: true})
 const repo = core.getInput('REPO', {required: true, trimWhitespace: true})
+const pullRequestNumber = core.getInput('PULL_REQUEST_NUMBER', {required: true, trimWhitespace: true})
 const token = core.getInput('TOKEN', {required: true, trimWhitespace: true})
 
 const _Octokit = Octokit.plugin(retry, throttling)
@@ -12689,6 +12690,21 @@ const client = new _Octokit({
 
 })
 
+const comment = async (org, repo, number, message) => {
+    try {
+        core.info(`Commenting on PR #${number}`)
+        await client.issues.createComment({
+            owner: org,
+            repo: repo,
+            issue_number: number,
+            body: message
+        })
+    } catch (e) {
+        core.setFailed(`Error commenting on PR #${number}: ${e.message}`)
+        process.exit(0)
+    }
+}
+
 const main = async () => {
     try {
         core.info('Checking if repository ignored')
@@ -12702,7 +12718,7 @@ const main = async () => {
     } catch (e) {
         if(e.status !== 404) {
             core.setFailed(`Error checking if repository is ignored: ${e.message}`)
-            process.exit(1)
+            process.exit(0)
         }
     }
 
@@ -12716,14 +12732,30 @@ const main = async () => {
         })
 
         if (analyses.length === 0) {
+            const message = `Your repository is not in compliance with OIS requirements for CodeQL usage.
+
+Your repository is not using CodeQL but has been identified as a repository required to perform code-scanning using CodeQL. Please refer to OIS guidance for configuring CodeQL: https://department-of-veterans-affairs.github.io/ois-swa-wiki/docs/ghas/codeql-usage
+
+Please refer to OIS guidance for configuring CodeQL using the OIS approved libraries: https://department-of-veterans-affairs.github.io/ois-swa-wiki/docs/ghas/codeql-usage
+
+If you have additional questions about this comment, please open a ticket here: https://github.com/department-of-veterans-affairs/github-user-requests/issues/new/choose`
+            await comment(org, repo, pullRequestNumber, message)
             core.setFailed(`No CodeQL analyses found, please refer to OIS guidance for configuring CodeQL: https://department-of-veterans-affairs.github.io/ois-swa-wiki/docs/ghas/codeql-usage`)
-            process.exit(1)
+            process.exit(0)
         }
         core.info(`Found CodeQL analysis: ${analyses[0].url}`)
 
         if (!analyses[0].category.startsWith('ois')) {
+            const message = `Your repository is not in compliance with OIS requirements for CodeQL usage.
+
+Your repository is using CodeQL, but not using OIS approved code-scanning libraries.
+
+Please refer to OIS guidance for configuring CodeQL using the OIS approved libraries: https://department-of-veterans-affairs.github.io/ois-swa-wiki/docs/ghas/codeql-usage
+
+If you have additional questions about this comment, please open a ticket here: https://github.com/department-of-veterans-affairs/github-user-requests/issues/new/choose`
+            await comment(org, repo, pullRequestNumber, message)
             core.setFailed(`CodeQL analysis found, but not using OIS approved code-scanning libraries. Please refer to OIS guidance for configuring CodeQL using the OIS approved libraries: https://department-of-veterans-affairs.github.io/ois-swa-wiki/docs/ghas/codeql-usage`)
-            process.exit(1)
+            process.exit(0)
         }
         core.info(`Repository is using OIS approved libraries: ${analyses[0].category}`)
 
@@ -12732,18 +12764,27 @@ const main = async () => {
         const diffTime = Math.abs(today - analysisDate)
         const diffDays = Math.ceil(diffTime / (1000 * 60 * 60 * 24))
         if (diffDays > 7) {
+            const message = `Your repository is not in compliance with OIS requirements for CodeQL usage. 
+
+Your repository has not been scanned in the last 7 days. Please update your automation to run CodeQL analysis at least once weekly.
+
+Please refer to OIS guidance for configuring CodeQL: https://department-of-veterans-affairs.github.io/ois-swa-wiki/docs/ghas/codeql-usage`
+            await comment(org, repo, pullRequestNumber, message)
             core.setFailed(`CodeQL analysis found, but it is older than 7 days. Please update your automation to run CodeQL analysis at least once weekly.`)
-            process.exit(1)
+            process.exit(0)
         }
         core.info(`Recent, valid CodeQL analysis found: ${diffDays} days`)
     } catch (e) {
         core.setFailed(`Error checking for CodeQL usage, please open a ticket here https://github.com/department-of-veterans-affairs/github-user-requests/issues/new/choose for additional help: ${e.message}`)
-        process.exit(1)
+        process.exit(0)
     }
     core.info(`CodeQL usage checks successful, repository is in compliance.`)
 }
 
-main()
+main().catch(e => {
+    core.setFailed(e.message)
+    process.exit(0)
+})
 })();
 
 module.exports = __webpack_exports__;