Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Parse logs for FOSSA action to determine actual license scan failures #16

Merged
merged 10 commits into from
Apr 19, 2023
Merged

Parse logs for FOSSA action to determine actual license scan failures #16

Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
c5d31c3
save fossa step outputs to file
hubertdeng123 Apr 11, 2023
994645d
add logic to parse logs
hubertdeng123 Apr 11, 2023
c8b80ad
fix regex
hubertdeng123 Apr 13, 2023
bcddb95
clean up action a bit
hubertdeng123 Apr 13, 2023
cf8643c
bump fossa
hubertdeng123 Apr 13, 2023
414e5eb
add timeout of 10 minutes to fossa test step
hubertdeng123 Apr 14, 2023
38cced9
tweak comment regarding installing specific version of fossa-cli
hubertdeng123 Apr 14, 2023
d64ba35
clean up comments, use SaaS DSN
hubertdeng123 Apr 18, 2023
2deb658
add error msg to sentry event
hubertdeng123 Apr 19, 2023
3b732d7
trim error message to display more of the useful errors
hubertdeng123 Apr 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
72 changes: 41 additions & 31 deletions action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ runs:
shell: bash
run: echo "This action should only run on getsentry repos" && exit 1

- name: 'Pick a FOSSA API key'
- name: 'Pick a FOSSA API key and install FOSSA cli'
id: set_key
shell: bash
env:
Expand All @@ -27,50 +27,60 @@ runs:
# here in this file and gives us at least basic pass/fail.
#
# See also: https://docs.fossa.com/docs/api-reference#api-tokens

FALLBACK="9fc50c40b136c68873ad05aec573cf3e"
echo "key=${PREFERRED:-$FALLBACK}" >> "$GITHUB_OUTPUT"
# Install specific version of fossa-cli to guarantee stability of parsing fossa job outputs
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/v3.7.5/install-latest.sh | bash

- name: 'Checkout Code'
uses: actions/checkout@v2

- name: 'Run FOSSA Scan'
- name: 'Run `fossa analyze`'
id: analyze
continue-on-error: true
uses: fossas/fossa-action@5913e730490ebf75ae47b59687b7e590289eed92
with:
api-key: ${{ steps.set_key.outputs.key }}

- if: steps.analyze.outcome == 'failure'
name: 'Send error to Sentry on FOSSA scan failure'
shell: bash
env:
SENTRY_URL: https://self-hosted.getsentry.net/
SENTRY_ORG: self-hosted
SENTRY_PROJECT: test
SENTRY_DSN: https://[email protected]/4
FOSSA_API_KEY: ${{ steps.set_key.outputs.key }}
shell: bash
run: |
curl -sL https://sentry.io/get-cli/ | sh
# Environment variables will automatically be sent, so we just want some minimal information
sentry-cli send-event -m "FOSSA scan failure in $GITHUB_REPOSITORY" -e url:$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
exec &> >(tee -a "analyze_logs.txt")
fossa analyze

# We only want to run license compliance test if FOSSA scan succeeds. This is to unblock CI
# We only want to run license compliance test if `fossa test` succeeds. This is to unblock CI
# on FOSSA outages.
- if: steps.analyze.outcome == 'success'
name: 'Run FOSSA Test'
name: 'Run `fossa test`'
id: test
uses: fossas/fossa-action@5913e730490ebf75ae47b59687b7e590289eed92
with:
api-key: ${{ steps.set_key.outputs.key }}
run-tests: true
continue-on-error: true
env:
FOSSA_API_KEY: ${{ steps.set_key.outputs.key }}
shell: bash
run: |
exec &> >(tee -a "test_logs.txt")
# Set timeout to 5 minutes (default of 60 minutes is waaaay too long to block CI)
fossa test --timeout 300

- if: github.repository_owner == 'getsentry' && failure()
name: 'Handle errors'
- if: steps.analyze.outcome == 'failure' || steps.test.outcome == 'failure'
name: 'Send error to Sentry on `fossa-cli` errors'
shell: bash
env:
SENTRY_DSN: https://[email protected]/4505031352713216
run: |
echo
echo "🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 "
echo
echo "Eep! It seems that this PR introduces a license violation. Did you add any libraries? Do they use the GPL or some weird license? Am I a confused bot? If you need a hand, cc: @getsentry/open-source in a comment. 🙏"
echo
echo "🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 "
if [[ ${{ steps.analyze.outcome }} == 'failure' ]]; then
curl -sL https://sentry.io/get-cli/ | sh
# Environment variables will automatically be sent, so we just want some minimal information
error_msg=$(cat analyze_logs.txt | grep -zoP '(?<=>>> Relevant errors\n\n Error\n\n ).*?(?=\n)' || echo 'unknown error message')
sentry-cli send-event -m "analyze: $error_msg" -t repo:$GITHUB_REPOSITORY -e url:$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID --logfile analyze_logs.txt
exit 0
fi
if grep -q "The scan has revealed issues. Number of issues found:" test_logs.txt; then
echo
echo "🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 "
echo
echo "Eep! It seems that this PR introduces a license violation. Did you add any libraries? Do they use the GPL or some weird license? Am I a confused bot? If you need a hand, cc: @getsentry/open-source in a comment. 🙏"
echo
echo "🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 "
exit 1
fi
curl -sL https://sentry.io/get-cli/ | sh
error_msg=$(cat test_logs.txt | grep -zoP '(?<=>>> Relevant errors\n\n Error\n\n ).*?(?=\n)' || echo 'unknown error message')
sentry-cli send-event -m "test: $error_msg" -t repo:$GITHUB_REPOSITORY -e url:$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID --logfile test_logs.txt