Add version variable

intel · Apr 22, 2024 · a68499c · a68499c
1 parent c6a8a15
commit a68499c
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 22 deletions.
diff --git a/.github/workflows/daily-validation.yml b/.github/workflows/daily-validation.yml
@@ -4,6 +4,11 @@ name: Daily
 on:
   # Run on user request
   workflow_dispatch:
+    inputs:
+      upload_sdl:
+        description: 'Trigger SDL Upload'
+        required: false
+        default: 'false'
   # Run on schedule
   schedule:
     # daily at 9:00 UTC (2:00 MST)
@@ -179,12 +184,13 @@ jobs:
       - linux-build
       - windows-build
       - summary
+      - setup-variables
     uses: ./.github/workflows/sdl.yml
     with:
-      SUMMARY_ARTIFACT: lib-release-summary
-      LABEL: v1.0
-      SDLE_PROJECT: ${vars.SDLE_ID}
-      SDLE_USER: ${vars.SDLE_API_USER}
+      SUMMARY_ARTIFACT: tools-release-summary
+      LABEL: ${{ needs.setup-variables.outputs.tools_version }}
+      SDLE_PROJECT: ${{vars.SDLE_ID}}
+      SDLE_USER: ${{vars.SDLE_API_USER}}
       output_prefix: tools-
     secrets:
       SDLE_API_KEY: ${{ secrets.SDLE_API_KEY }}

diff --git a/.github/workflows/sdl.yml b/.github/workflows/sdl.yml
@@ -22,7 +22,7 @@ on:
         required: true
       output_prefix:
         description: 'Prefix to add to output artifacts'
-        required: false
+        required: true
         default: ''
         type: string
   workflow_call:
@@ -45,7 +45,7 @@ on:
         required: true
       output_prefix:
         description: 'Prefix to add to output artifacts'
-        required: false
+        required: true
         default: ''
         type: string
     secrets:
@@ -95,41 +95,46 @@ jobs:
           --api_key "${{ secrets.SDLE_API_KEY }}" \
           --user_id ${{ inputs.sdle_user }} \
           --project_id ${{ inputs.sdle_project }} \
-          --task_id CT7 \
+          --task_id CT37 \
           --file_paths $file_path/CT37-MalwareScan/source-report.txt \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
 
           python3 source/.github/workflows/sdl/evidence_upload.py \
           --api_key "${{ secrets.SDLE_API_KEY }}" \
           --user_id ${{ inputs.sdle_user }} \
           --project_id ${{ inputs.sdle_project }} \
           --task_id CT37 \
           --file_paths $file_path/CT37-MalwareScan/windows-report.txt \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
 
           python3 source/.github/workflows/sdl/evidence_upload.py \
           --api_key "${{ secrets.SDLE_API_KEY }}" \
           --user_id ${{ inputs.sdle_user }} \
           --project_id ${{ inputs.sdle_project }} \
-          --task_id CT37 \
+          --task_id CT39 \
           --file_paths $file_path/CT39-StaticAnalysis/linux-coverity.json \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
 
           python3 source/.github/workflows/sdl/evidence_upload.py \
           --api_key "${{ secrets.SDLE_API_KEY }}" \
           --user_id ${{ inputs.sdle_user }} \
           --project_id ${{ inputs.sdle_project }} \
-          --task_id CT37 \
+          --task_id CT39 \
           --file_paths $file_path/CT39-StaticAnalysis/windows-coverity.json \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
 
           python3 source/.github/workflows/sdl/evidence_upload.py \
           --api_key "${{ secrets.SDLE_API_KEY }}" \
           --user_id ${{ inputs.sdle_user }} \
           --project_id ${{ inputs.sdle_project }} \
-          --task_id CT39 \
+          --task_id CT7 \
           --file_paths $file_path/CT7-KnownVulnerabilities/vulns.csv \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
 
           python3 source/.github/workflows/sdl/evidence_upload.py \
           --api_key "${{ secrets.SDLE_API_KEY }}" \
@@ -138,7 +143,8 @@ jobs:
           --task_id CT151 \
           --file_paths \
             $file_path/CT151-CompilerFlags/SSCB_SCAN_results-Windows.html \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
 
           python3 source/.github/workflows/sdl/evidence_upload.py \
           --api_key "${{ secrets.SDLE_API_KEY }}" \
@@ -147,23 +153,26 @@ jobs:
           --task_id CT151 \
           --file_paths \
             $file_path/CT151-CompilerFlags/SSCB_SCAN_results-Linux.html \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
 
           python3 source/.github/workflows/sdl/evidence_upload.py \
           --api_key "${{ secrets.SDLE_API_KEY }}" \
           --user_id ${{ inputs.sdle_user }} \
           --project_id ${{ inputs.sdle_project }} \
           --task_id CT222 \
           --file_paths $file_path/CT222-Hadolint/hadolint.txt \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
 
           python3 source/.github/workflows/sdl/evidence_upload.py \
           --api_key "${{ secrets.SDLE_API_KEY }}" \
           --user_id ${{ inputs.sdle_user }} \
           --project_id ${{ inputs.sdle_project }} \
           --task_id CT247 \
           --file_paths $file_path/CT247-Trivy/trivy-report.csv \
-          --label ${{ inputs.label }}
+          --label ${{ inputs.label }} \
+          --output_prefix ${{ inputs.output_prefix }}
           EOL
           chmod a+x upload.sh
           ls -l

diff --git a/.github/workflows/sdl/evidence_upload.py b/.github/workflows/sdl/evidence_upload.py
@@ -16,7 +16,8 @@
 urllib3.disable_warnings()
 
 
-def upload_file(api_key, user_id, project_id, task_id, file_path, labels):
+def upload_file(api_key, user_id, project_id, task_id, file_path, labels,
+                output_prefix):
     # pylint: disable=too-many-locals
     # pylint: disable=too-many-arguments
     """
@@ -29,6 +30,7 @@ def upload_file(api_key, user_id, project_id, task_id, file_path, labels):
         project_id (int): Project ID.
         file_path (str): Path to the file to be uploaded.
         labels (list): List of labels or tags for the file upload.
+        output_prefix (str): Prefix for output messages.
 
     """
     # URL encode user-provided values
@@ -51,7 +53,8 @@ def upload_file(api_key, user_id, project_id, task_id, file_path, labels):
 
     # Prepare files for upload in multipart/form-data format
     try:
-        files = {'file': (os.path.basename(file_path), open(file_path, 'rb'))}
+        file_name_with_prefix = f"{output_prefix}{os.path.basename(file_path)}"
+        files = {'file': (file_name_with_prefix, open(file_path, 'rb'))}
     except OSError as exception:
         print(f"Failed to open file {file_path}: {exception}")
         sys.exit(1)
@@ -97,6 +100,7 @@ def main():
         --task_id (str): Task ID.
         --file_paths (list): List of file paths.
         --label (list, optional): Label or tags for this file upload.
+        --output_prefix (str): Prefix for output messages.
     """
     # Create argument parser
     parser = argparse.ArgumentParser(description="Upload files.")
@@ -119,14 +123,17 @@ def main():
                         required=False,
                         nargs="*",
                         help="Label or tags for this file upload")
+    parser.add_argument("--output_prefix",
+                        required=True,
+                        help="Prefix for output messages")
 
     # Parse command-line arguments
     args = parser.parse_args()
 
     # Upload files
     for file_path in args.file_paths:
         upload_file(args.api_key, args.user_id, args.project_id, args.task_id,
-                    file_path, args.label)
+                    file_path, args.label, args.output_prefix)
     sys.exit(0)
 
 

diff --git a/.github/workflows/setup-variables.yml b/.github/workflows/setup-variables.yml
@@ -12,6 +12,9 @@ on:
       lib_ref:
         description: "Ref in lib repo to be used"
         value: ${{ jobs.configure.outputs.lib_ref }}
+      tools_version:
+        description: "tools version in tool repo to be used"
+        value: ${{ jobs.configure.outputs.tools_version }}
 
 # This workflow configures variables that are useful for other jobs. Other
 # jobs that depend on this one can access the variables via
@@ -23,10 +26,12 @@ jobs:
       last_release_ref: ${{ env.last_release_ref }}
       test_ref: ${{ env.test_ref }}
       lib_ref: ${{ env.lib_ref }}
+      tools_version: ${{env.tools_version}}
     env:
       last_release_ref: ''
       test_ref: ''
       lib_ref: ''
+      tools_version: ''
     steps:
 
       - name: Cleanup workspace (Linux)
@@ -42,6 +47,12 @@ jobs:
           fetch-depth: 0
           ref: '${{ github.event.pull_request.head.sha }}'
 
+      - name: Get tools version
+        run: |
+          cd source
+          # Extract the version from version.txt and store it in a variable
+          echo "tools_version=$(cat version.txt)" >> $GITHUB_ENV
+
       - name: Get ref of last release
         id: run
         run: |