Provide html output with detected defects 🌐 #400

Merged
merged 1 commit into from
May 3, 2024
8 changes: 8 additions & 0 deletions .github/workflows/differential-shellcheck.yml
Expand Up @@ -50,3 +50,11 @@ jobs:
name: Differential ShellCheck SARIF
path: ${{ steps.ShellCheck.outputs.sarif }}
retention-days: 7

- if: ${{ always() }}
name: Upload artifact with defects in XHTML format
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: Differential ShellCheck HTML
path: ${{ steps.ShellCheck.outputs.html }}
retention-days: 7
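Review bot: with `if: ${{ always() }}` this upload step also runs when the ShellCheck step failed before it reached the line that writes the `html=` output, and then `path: ${{ steps.ShellCheck.outputs.html }}` expands to an empty string, so upload-artifact reports its own "no files found" error instead of the real failure; add `if-no-files-found: ignore` (or `warn`) under `with:`, or gate the step on the output being non-empty. Pinning `actions/upload-artifact` to the full commit SHA with the `# v4.3.3` comment, like the SARIF upload step above it, is the right supply-chain practice and should stay.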
23 changes: 23 additions & 0 deletions README.md
Expand Up @@ -346,6 +346,29 @@ Relative path to SARIF file containing detected defects. Example of use:
sarif_file: ${{ steps.ShellCheck.outputs.sarif }}
```

### html

Relative path to HTML file containing detected defects. Example of use:

```yaml
- id: ShellCheck
name: Differential ShellCheck
uses: redhat-plumbers-in-action/differential-shellcheck@v5

- if: ${{ always() }}
name: Upload artifact with ShellCheck defects in HTML format
uses: actions/upload-artifact@v4
with:
name: Differential ShellCheck HTML
path: ${{ steps.ShellCheck.outputs.html }}
```

[Example](docs/example.xhtml) of HTML output:

<p align="center">
<img src="docs/images/html-output-exmple.png" width="800" alt="HTML output example" />
</p>

## Using with Private repositories

Differential ShellCheck GitHub Action could be used in private repositories by any user. But code scanning-related features are available only for GitHub Enterprise users, as mentioned in [GitHub Documentation](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning):
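Review bot: the README example uses `uses: actions/upload-artifact@v4`, a mutable tag, while the workflow in this same PR pins the action to a commit SHA; documenting the pinned form (or noting that the tag should be pinned) keeps the docs consistent with the project's own practice. Two smaller points in the same hunk: the output is an XHTML document (`docs/example.xhtml`, and `output.xhtml` in `src/index.sh`), so "Relative path to HTML file" could say XHTML to match the "XHTML format" wording of the workflow step, and `docs/images/html-output-exmple.png` carries a typo (`exmple`) that is baked into the added binary's filename and should be renamed before merge.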
4 changes: 3 additions & 1 deletion action.yml
Expand Up @@ -82,7 +82,9 @@ inputs:

outputs:
sarif:
description: 'The SARIF file containing defects'
description: The SARIF file containing defects
html:
description: The HTML file containing defects

runs:
using: docker
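Review bot: the new `html:` output should say what consumers get, namely a workspace-relative path to an XHTML file, matching the README's "Relative path to ..." wording for `sarif`; "The HTML file containing defects" alone leaves both facts implicit. The quote removal on the `sarif:` description in the same hunk (`'The SARIF file containing defects'` to the unquoted form) is valid YAML but an unrelated style change in a feature PR.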
71 changes: 71 additions & 0 deletions docs/example.xhtml
@@ -0,0 +1,71 @@
<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.1//EN' 'http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head><title>Scan Results</title></head>
<body style='background: white;'>
<h1>Scan Results</h1>
<h2>List of Defects</h2>
<pre style='white-space: pre-wrap;'>
<a name='def1'/><b>Error: <span style='background: #C0FF00;'>SHELLCHECK_WARNING</span>:</b> <a href ='#def1'>[#def1]</a>
docs/example.sh:7:7: info[<b><a href="https://github.com/koalaman/shellcheck/wiki/SC2086" title="description of ShellCheck's checker SC2086">SC2086</a></b>]: Double quote to prevent globbing and word splitting.
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 4| # Quoting</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 5| # =======</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 6| </span></span>
<span style='color: #00C0C0;'>#<span style='color: #000000;'> 7|-&gt; echo $1 # Unquoted variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 8| rm &quot;~/my file.txt&quot; # Quoted tilde expansion</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 9| v=&apos;--verbose=&quot;true&quot;&apos;; cmd $v # Literal quotes in variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 10| # touch $@ # Unquoted $@</span></span>

<a name='def2'/><b>Error: <span style='background: #C0FF00;'>SHELLCHECK_WARNING</span>:</b> <a href ='#def2'>[#def2]</a>
docs/example.sh:8:6: warning[<b><a href="https://github.com/koalaman/shellcheck/wiki/SC2088" title="description of ShellCheck's checker SC2088">SC2088</a></b>]: Tilde does not expand in quotes. Use $HOME.
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 5| # =======</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 6| </span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 7| echo $1 # Unquoted variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #000000;'> 8|-&gt; rm &quot;~/my file.txt&quot; # Quoted tilde expansion</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 9| v=&apos;--verbose=&quot;true&quot;&apos;; cmd $v # Literal quotes in variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 10| # touch $@ # Unquoted $@</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 11| # echo &apos;Path is $PATH&apos; # Variables in single quotes</span></span>

<a name='def3'/><b>Error: <span style='background: #C0FF00;'>SHELLCHECK_WARNING</span>:</b> <a href ='#def3'>[#def3]</a>
docs/example.sh:9:4: warning[<b><a href="https://github.com/koalaman/shellcheck/wiki/SC2089" title="description of ShellCheck's checker SC2089">SC2089</a></b>]: Quotes/backslashes will be treated literally. Rewrite using set/&quot;$@&quot; or functions.
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 6| </span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 7| echo $1 # Unquoted variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 8| rm &quot;~/my file.txt&quot; # Quoted tilde expansion</span></span>
<span style='color: #00C0C0;'>#<span style='color: #000000;'> 9|-&gt; v=&apos;--verbose=&quot;true&quot;&apos;; cmd $v # Literal quotes in variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 10| # touch $@ # Unquoted $@</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 11| # echo &apos;Path is $PATH&apos; # Variables in single quotes</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 12| # trap &quot;echo Took ${SECONDS}s&quot; 0 # Prematurely expanded trap</span></span>

<a name='def4'/><b>Error: <span style='background: #C0FF00;'>SHELLCHECK_WARNING</span>:</b> <a href ='#def4'>[#def4]</a>
docs/example.sh:9:28: warning[<b><a href="https://github.com/koalaman/shellcheck/wiki/SC2090" title="description of ShellCheck's checker SC2090">SC2090</a></b>]: Quotes/backslashes in this variable will not be respected.
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 6| </span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 7| echo $1 # Unquoted variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 8| rm &quot;~/my file.txt&quot; # Quoted tilde expansion</span></span>
<span style='color: #00C0C0;'>#<span style='color: #000000;'> 9|-&gt; v=&apos;--verbose=&quot;true&quot;&apos;; cmd $v # Literal quotes in variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 10| # touch $@ # Unquoted $@</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 11| # echo &apos;Path is $PATH&apos; # Variables in single quotes</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 12| # trap &quot;echo Took ${SECONDS}s&quot; 0 # Prematurely expanded trap</span></span>

<a name='def5'/><b>Error: <span style='background: #C0FF00;'>SHELLCHECK_WARNING</span>:</b> <a href ='#def5'>[#def5]</a>
docs/example.sh:9:28: style[<b><a href="https://github.com/koalaman/shellcheck/wiki/SC2248" title="description of ShellCheck's checker SC2248">SC2248</a></b>]: Prefer double quoting even when variables don&apos;t contain special characters.
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 6| </span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 7| echo $1 # Unquoted variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 8| rm &quot;~/my file.txt&quot; # Quoted tilde expansion</span></span>
<span style='color: #00C0C0;'>#<span style='color: #000000;'> 9|-&gt; v=&apos;--verbose=&quot;true&quot;&apos;; cmd $v # Literal quotes in variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 10| # touch $@ # Unquoted $@</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 11| # echo &apos;Path is $PATH&apos; # Variables in single quotes</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 12| # trap &quot;echo Took ${SECONDS}s&quot; 0 # Prematurely expanded trap</span></span>

<a name='def6'/><b>Error: <span style='background: #C0FF00;'>SHELLCHECK_WARNING</span>:</b> <a href ='#def6'>[#def6]</a>
docs/example.sh:9:28: style[<b><a href="https://github.com/koalaman/shellcheck/wiki/SC2250" title="description of ShellCheck's checker SC2250">SC2250</a></b>]: Prefer putting braces around variable references even when not strictly required.
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 6| </span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 7| echo $1 # Unquoted variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 8| rm &quot;~/my file.txt&quot; # Quoted tilde expansion</span></span>
<span style='color: #00C0C0;'>#<span style='color: #000000;'> 9|-&gt; v=&apos;--verbose=&quot;true&quot;&apos;; cmd $v # Literal quotes in variables</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 10| # touch $@ # Unquoted $@</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 11| # echo &apos;Path is $PATH&apos; # Variables in single quotes</span></span>
<span style='color: #00C0C0;'>#<span style='color: #C0C0C0;'> 12| # trap &quot;echo Took ${SECONDS}s&quot; 0 # Prematurely expanded trap</span></span>

</pre>
</body>
</html>
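Review bot: `<a name='def1'/>` and the other `def` anchors use the `name` attribute on `a`, which the declared XHTML 1.1 DTD no longer allows (`id` replaced it), so the example does not validate against its own DOCTYPE; as this is cshtml output the fix belongs upstream, but it is worth knowing before shipping the file as the reference example. On the positive side, the source lines quoted from `docs/example.sh` are escaped by the generator (`&quot;`, `&apos;`, and `&gt;` in the `9|-&gt;` marker lines), which matters because the report renders text taken verbatim from scripts in arbitrary pull requests.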
Binary file added docs/images/html-output-exmple.png
7 changes: 7 additions & 0 deletions src/index.sh
Expand Up @@ -107,7 +107,14 @@ csgrep \
--set-scan-prop='tool-url:https://www.shellcheck.net/wiki/' \
"${WORK_DIR}sarif-defects.log" > output.sarif

# Produce report in HTML format
cshtml \
"${WORK_DIR}sarif-defects.log" > output.xhtml

# shellcheck disable=SC2154
# GITHUB_OUTPUT is GitHub Actions environment variable
echo "sarif=output.sarif" >> "${GITHUB_OUTPUT}"
echo "html=output.xhtml" >> "${GITHUB_OUTPUT}"

# SARIF upload
if [[ -n "${INPUT_TOKEN}" ]]; then
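Review bot: the exit status of `cshtml` is not checked, so if it fails (for example because the binary is missing from the container image) `output.xhtml` is empty or absent and yet `html=output.xhtml` is still written to `${GITHUB_OUTPUT}`; either test the status and skip the `html=` line on failure, or handle it the same way the script handles `csgrep`. Also note that the HTML report is built straight from `"${WORK_DIR}sarif-defects.log"` without the `--set-scan-prop='tool-url:...'` that the SARIF path applies, so the two reports do not carry the same scan metadata; confirm that is intended.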
2 changes: 1 addition & 1 deletion test/index.bats
Expand Up @@ -21,7 +21,7 @@ setup () {
}

teardown () {
rm -f ../base-shellcheck.err ../changed-files.txt ../defects.log ../fixes.log ../head-shellcheck.err ./output.sarif
rm -f ../base-shellcheck.err ../changed-files.txt ../defects.log ../fixes.log ../head-shellcheck.err ./output.sarif ./output.xhtml

export \
SCRIPT_DIR="" \
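Review bot: only `teardown` learns about `./output.xhtml`; no test asserts that the XHTML report is actually produced or that `html=output.xhtml` is written to the output file, so a broken `cshtml` invocation would still pass the suite. Add a check alongside whatever the suite does for `output.sarif`, for instance `[ -f output.xhtml ]` plus a grep for `html=output.xhtml` in the captured `GITHUB_OUTPUT`.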