Merge pull request #2 from Lerer/clean-number-of-sandboxes

Clean number of sandboxes

Author: Lerer

.github/workflows/main.yml

@@ -1,9 +1,4 @@
 on: 
-  push:
-    paths-ignore:
-      - "README.md"
-      - "**.json"
-      - "action.yml"
   workflow_dispatch:
 
 jobs:
@@ -14,14 +9,24 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v2
-      - name: Test Sandbox Cleaning
+      - name: Test Sandbox Cleaning - no sandbox
         env:
           VERACODE_API_ID: '${{ secrets.VERACODE_API_ID }}'
           VERACODE_API_SECRET: '${{ secrets.VERACODE_API_SECRET }}'
         uses: ./
         with:
-          activity: "promote-latest-scan"
-          app-name: "Verademo-Brances"
-          sandbox-name: "test-01"
-          delete-on-promote: true
-          # clean-amount: "2" # (Optional) Number - with default as 1
+          activity: "clean"
+          app-name: "test-delete-sandboxes"
+          clean-amount: "2" 
+          clean-modified-before: "600"
+      - name: Test Sandbox Cleaning - single sandbox
+        env:
+          VERACODE_API_ID: '${{ secrets.VERACODE_API_ID }}'
+          VERACODE_API_SECRET: '${{ secrets.VERACODE_API_SECRET }}'
+        uses: ./
+        with:
+          activity: "clean"
+          app-name: "test-delete-sandboxes"
+          clean-amount: "1" 
+      
+          

README.md

@@ -1,6 +1,10 @@
 # Veracode Sandboxes Helper
+[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=Lerer_veracode-sandboxes-helper&metric=alert_status)](https://sonarcloud.io/dashboard?id=Lerer_veracode-sandboxes-helper)
+
+
 An Action to handle Sandboxes mainly as a set of clean-up activities such as:
 - Deleting a sandbox
+- Delete Multiple Sandboxes
 - Promoting Sandbox scan to Policy Scan 
   - with or without deleting the sandbox
 
@@ -16,6 +20,7 @@ Value | Details
  --- | --- 
 |`remove-sandbox`|Remove/Delete a sandbox|
 |`promote-latest-scan`|Promote the latest Sandbox scan to a Policy|
+|`clean`|Delete multiple dated sandboxes based on recent activity|
 
 ### `app-name`
 **Required** - The Veracode Application Profile name
@@ -24,17 +29,33 @@ Value | Details
 **Required** - The sandbox name
 
 ### `delete-on-promote`
-**Optional** - Only works with `promote-latest-scan` activity and give you the option to specify if you want the Sandbox to be deleted after the last scan is promoted to a Policy Scan
-
+**Optional** - Only works with `activity: "promote-latest-scan"` activity and give you the option to specify if you want the Sandbox to be deleted after the last scan is promoted to a Policy Scan
 
 | Value |  Details|
 --- | ---
 |   `"false"`| **Default** - Do not delete the Sandbox |
 | `"true"` | Delete the Sandbox after promoting the latest scan |
 
+### `clean-amount`
+**Optional** - The number of dated sandboxes to delete. The query of sandboxes will target Sandboxes which their `modified` date is most dated.
+
+ Value |  Details|
+--- | ---
+|   `1`| **Default** - Delete a single Sandbox |
+| Any number from 1-25 | Number of sandboxes to delete |
+
+### `clean-modified-before`
+**Optional** - The attribute will instruct the clean step to only look for sandboxes which their `modified` date is older than the amount of days given as the a value. 
+:exclamation: __Only works in conjunction with the `clean` activity__
+
+Value |  Details|
+--- | ---
+|   `0`| **Default** - Any sandbox |
+| Any other number - X | Can only delete sandboxes which last modified at least X days ago |
+
 ## Examples
 
-### Delete Sandbox
+### Delete a Sandbox
 For deleting a sandbox you can simply add the following step to your workflow job.
 
 ```yaml
@@ -46,7 +67,7 @@ on:
 jobs:
   veracode-sandbox-task:
     runs-on: ubuntu-latest
-    name: Clean 2 Sandboxes
+    name: Clean branch Sandbox
 
     steps:
 
@@ -56,14 +77,49 @@ jobs:
         env:
           VERACODE_API_ID: '${{ secrets.VERACODE_API_ID }}'
           VERACODE_API_SECRET: '${{ secrets.VERACODE_API_SECRET }}'
-        uses: lerer/veracode-sandboxes-helper@v1 
+        uses: lerer/veracode-sandboxes-helper@v1.0.1
         with:
           activity: "remove-sandbox"
           app-name: "<YOUR VERACODE APPLICATION NAME>"
-          sandbox-name: "<SANDBOX_NAME>" # "${{ github.ref }}"
+          # "${{ github.ref }}" - current branch on push triggers
+          # or "${{ github.event.pull_request.head.ref }}" - post pull request
+          sandbox-name: "<SANDBOX_NAME>" 
+      
+```
+
+### Delete Multiple Sandboxes
+Delete up to two most dated Sandboxes modified at least 14 days ago.
+
+```yaml
+on:
+  workflow_dispatch:
+  
+  schedule:
+    - cron: 30 14 * * *
+
+jobs:
+  veracode-sandbox-maintenance-task:
+    runs-on: ubuntu-latest
+    name: Pull Request Review Submitted
+
+    steps:
+
+      ... # your other job steps
+
+      - name: Delete old unused Sandboxes
+        env:
+          VERACODE_API_ID: '${{ secrets.VERACODE_API_ID }}'
+          VERACODE_API_SECRET: '${{ secrets.VERACODE_API_SECRET }}'
+        uses: lerer/[email protected]
+        with:
+          activity: "clean"
+          app-name: "<YOUR VERACODE APPLICATION NAME>"
+          clean-amount: "2"
+          clean-modified-before: "14" 
 
 ```
 
+
 ### Promote Sandbox
 For promoting a scan from Sandbox to a Policy you can use the following
 
@@ -89,7 +145,7 @@ jobs:
         env:
           VERACODE_API_ID: '${{ secrets.VERACODE_API_ID }}'
           VERACODE_API_SECRET: '${{ secrets.VERACODE_API_SECRET }}'
-        uses: lerer/veracode-sandboxes-helper@v1 
+        uses: lerer/veracode-sandboxes-helper@v1.0.1 
         with:
           activity: "promote-latest-scan"
           app-name: "<YOUR VERACODE APPLICATION NAME>"

action.yml

@@ -6,7 +6,7 @@ branding:
   color: 'blue'
 inputs:
   activity:
-    description: "The activity expected from the Action: clean, promote-latest-scan, promote-and-remove, remove-sandbox"
+    description: "The activity expected from the Action: clean, promote-latest-scan, remove-sandbox"
     required: false
   app-name:  # id of input
     description: 'Veracode Application name'
@@ -22,6 +22,10 @@ inputs:
     description: 'Deletes the sandbox after its promotion. Only works with the [promote] activity. Default is false'
     required: false
     default: 'false'
+  clean-modified-before:
+    description: 'The number of days which the sandbox had no activity'
+    required: false
+    default: "0"
 runs:
   using: 'node12'
   main: 'dist/index.js'