Merge pull request #5 from aws-actions/v1.2.0

V1.2.0
aws-actions · Nov 24, 2023 · 5397b25 · 5397b25
2 parents 3eb05d4 + 5cc3610
commit 5397b25
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -27,6 +27,11 @@ Path to the directory you want to scan. Every `.json`, `.yml` and `.yaml` files
 
 Path to your `.json` file to extend the Susscan rules set.
 
+## Outputs
+
+### `results`
+
+The results from the scanner. See how to use it in this [example](#use-output-for-comment-pull-request).
 
 ## Example usage
 
@@ -87,6 +92,50 @@ jobs:
           rules-file: 'tests/additional-rules.json'
 ```
 
+### Use output for comment pull requests
+
+```yml
+name: susscan
+
+on:
+  pull_request:
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: AWS Sustainability Scanner
+        uses: aws-actions/sustainability-scanner@v1
+        id: scanner
+        with:
+          file: 'template.yaml'
+
+      # Use scanner output to create a comment on pull request
+      - name: Comment on pull request
+        uses: actions/github-script@v7
+        with:
+          script: |
+            result=${{ (steps.scanner.outputs.results) }}
+            const score = result.sustainability_score
+            const number_failed_rules = result.failed_rules.length
+
+            if (score === 0) {
+              body = `✅ Your current sustainability score is **${score}**. Sustainability scanner did not find any improvements to apply to your template.`
+            } else {
+              body = `❌ Your current sustainability score is **${score}**. Sustainability scanner suggests **${number_failed_rules}** improvements to apply to your template.\nCheck out the details of the sustainability scanner here: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`
+            }
+
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: body
+            })
+```
+
 ## Security
 
 See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.

diff --git a/action.yml b/action.yml
@@ -11,7 +11,7 @@ inputs:
     required: false
   directory:
     description: 'Directory path with template files to scan'
-    required: true
+    required: false
     default: '.'
   rules_file:
     description: 'File path to extend set of rules'

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -54,4 +54,9 @@ for RESOURCE in "${RESOURCES_TO_SCAN[@]}"; do
   fi
 done
 
+# Save output to GitHub
+EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
+{ echo "SUSSCAN_RESULTS<<$EOF"; echo "${SUSSCAN_RESULTS:0:65536}"; echo "$EOF"; } >> $GITHUB_ENV
+{ echo "results<<$EOF"; echo "$SUSSCAN_RESULTS"; echo "$EOF"; } >> $GITHUB_OUTPUT
+
 exit $SUSSCAN_EXIT_CODE