From 96e296ee1fded3e283b10dabec3f878e6ed31053 Mon Sep 17 00:00:00 2001
From: Sebastien Serre
Date: Thu, 12 Oct 2023 18:12:35 +0200
Subject: [PATCH 1/3] Change required vars + update descriptions
---
 action.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/action.yml b/action.yml
index 760b03a..e20e490 100644
--- a/action.yml
+++ b/action.yml
@@ -1,20 +1,20 @@
 # action.yml
 name: 'AWS Sustainability Scanner GitHub Action'
 author: 'AWS Sustainability'
-description: 'Run AWS Sustainability Scan against infrastructure as code as a pre-packaged GitHub Action.'
+description: 'Run AWS Sustainability Scanner against infrastructure as code as a pre-packaged GitHub Action.'
 branding:
 icon: 'cloud'
 color: 'orange'
 inputs:
 file:
- description: 'File with infrastructure code to scan'
- required: true
- directory:
- description: 'Directory with infrastructure code to scan'
+ description: 'File path of template to scan'
 required: false
+ directory:
+ description: 'Directory path with template files to scan'
+ required: true
 default: '.'
 rules_file:
- description: 'File to extend set of rules to scan'
+ description: 'File path to extend set of rules'
 required: false
 outputs:
 results:
From 91883f5b3b7932136875b459e8320aa67d052d17 Mon Sep 17 00:00:00 2001
From: Sebastien Serre
Date: Thu, 12 Oct 2023 18:19:47 +0200
Subject: [PATCH 2/3] Update reference to v1 + add .json support
---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/README.md b/README.md
index f6bfb9c..ecde529 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@ In your Github worflows, under steps, add the following:
 ```yml
 name: AWS Sustainability Scanner
-uses: aws-actions/sustainability-scanner@latest
+uses: aws-actions/sustainability-scanner@v1
 with:
 ```
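Review bot: In the action.yml hunk the `directory` input becomes `required: true` while keeping `default: '.'`, which is contradictory: a defaulted input can never be missing, and GitHub does not fail a run for an omitted required input anyway, so the flag only misleads readers of the metadata. I would keep `required: false` on `directory` and state the precedence in its description, e.g. `description: 'Directory path with template files to scan (ignored when file is set)'`, since entrypoint.sh in patch 3 checks `INPUT_FILE` first. The input is also declared as `rules_file` here while the README example later in this series passes `rules-file`; if the entrypoint reads the underscore form, the additional rules would presumably be skipped without any error, so the two spellings should be aligned.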
@@ -21,7 +21,7 @@ Path to the specific file you want to scan.
 ### `directory`
-Path to the directory you want to scan. Every `.yml` and `.yaml` files that this directory contain will be scan.
+Path to the directory you want to scan. Every `.json`, `.yml` and `.yaml` files that this directory contain will be scan.
 ### `rules_file`
@@ -57,7 +57,7 @@ jobs:
 # Run AWS Sustainability Scanner against template.yaml
 - name: AWS Sustainability Scanner
- uses: aws-actions/sustainability-scanner@latest
+ uses: aws-actions/sustainability-scanner@v1
 with:
 file: 'template.yaml'
 ```
@@ -81,9 +81,9 @@ jobs:
 # Run AWS Sustainability Scanner against "my-cf-stacks" folder with an additional rules set
 - name: AWS Sustainability Scanner
- uses: aws-actions/sustainability-scanner@latest
+ uses: aws-actions/sustainability-scanner@v1
 with:
- directory: 'my-cf-stacks/'
+ directory: 'my-cf-stacks'
 rules-file: 'tests/additional-rules.json'
 ```
From 5c0b89e1ebb560a47292a9edb95f05446196db7c Mon Sep 17 00:00:00 2001
From: Sebastien Serre
Date: Thu, 12 Oct 2023 18:20:43 +0200
Subject: [PATCH 3/3] Add json support + improve logs + fix directory scan
---
 entrypoint.sh | 27 +++++++++++++++++++--------
 1 file changed, 19 insertions(+), 8 deletions(-)
diff --git a/entrypoint.sh b/entrypoint.sh
index a848801..53fb8a1 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -16,20 +16,31 @@ fi
 # Create an empty array to store file names to scan
 RESOURCES_TO_SCAN=()
-# If File Variable exists then scan the specific resource
+# If INPUT_FILE variable exists then scan the specific resource
 if [ -n "$INPUT_FILE" ]; then
 RESOURCES_TO_SCAN+=("$INPUT_FILE")
 else
-# Otherwise scan directory provided (root by default) to populate the array with all .yml or .yaml files
- echo "running susscanner on directory: $INPUT_DIRECTORY"
- for FILE in "$INPUT_DIRECTORY"/*.yaml "$INPUT_DIRECTORY"/*.yml; do
- RESOURCES_TO_SCAN+=("$FILE")
- done
+# Otherwise scan directory provided (root by default)
+ if [ -d "$INPUT_DIRECTORY" ]; then
+ # Use 'find' to search for YAML and JSON files inside the directory
+ while IFS= read -r -d $'\0' file; do
+ RESOURCES_TO_SCAN+=("$file")
+ done < <(find "$INPUT_DIRECTORY" -type f \( -name "*.json" -o -name "*.yaml" -o -name "*.yml" \) -print0)
+
+ # Check if any files were found
+ if [ -n "$RESOURCES_TO_SCAN" ]; then
+ echo "${#RESOURCES_TO_SCAN[@]} file(s) found in directory: $INPUT_DIRECTORY"
+ else
+ echo "No template files found in directory: $INPUT_DIRECTORY"
+ fi
+ else
+ echo "Directory not found: $INPUT_DIRECTORY"
+ fi
 fi
 # Build command
-for RESOURCE in $RESOURCES_TO_SCAN; do
- echo "running susscanner on file: $RESOURCE"
+for RESOURCE in "${RESOURCES_TO_SCAN[@]}"; do
+ echo "Running susscanner on file: $RESOURCE"
 echo "susscanner $RESOURCE $RULES_FILE"
 SUSSCAN_RESULTS=$(susscanner $RESOURCE $RULES_FILE)
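Review bot: The `susscanner $RESOURCE $RULES_FILE` call at the end of the hunk still expands `$RESOURCE` unquoted, so the NUL-delimited `find` and the quoted `"${RESOURCES_TO_SCAN[@]}"` loop stop protecting paths at the last step: a template path containing whitespace or glob characters is split into several arguments, and in a repository that accepts outside pull requests those names are contributor-controlled. I would change it to `SUSSCAN_RESULTS=$(susscanner "$RESOURCE" $RULES_FILE)`, leaving `$RULES_FILE` unquoted only if it is meant to expand to nothing or to several words (its definition is outside the hunk). Separately, the "Directory not found" and "No template files found" branches only `echo` and fall through with an empty array, so unless code after the loop checks for this the step looks likely to pass having scanned nothing; an `exit 1` in the not-found branch would make a mistyped `directory` fail closed. The loop body continues outside the hunk.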