Add the action name/path to the output (#111)

Co-authored-by: Stefan Stölzle <[email protected]>
ActionsDesk · Jun 27, 2024 · 7c99145 · 7c99145
1 parent c94a29a
commit 7c99145
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 7 deletions.
diff --git a/action.js b/action.js
@@ -9,6 +9,7 @@ import {context} from '@actions/github'
     const searchToken = getInput('search_token', {required: true})
     const token = getInput('token', {required: true})
     const allowList = getInput('allow_list_path')
+    const reportType = getInput('report_type', {required: true})
     const workspace = process.env.GITHUB_WORKSPACE
 
     const allowListPath = join(workspace, allowList)
@@ -18,7 +19,7 @@ import {context} from '@actions/github'
       throw new Error(`${allowList} is not an allowed path`)
     }
 
-    const ad = new ActionDetails({token, searchToken, allowList, context})
+    const ad = new ActionDetails({token, searchToken, allowList, reportType, context})
 
     await ad.getDetails()
     // await ad.postComment()

diff --git a/action.yml b/action.yml
@@ -9,10 +9,16 @@ inputs:
     description: 'GITHUB_TOKEN'
     required: true
     default: ${{ github.token }}
+  report_type:
+    description: 'comment, output, both'
+    required: true
+    default: 'comment'
   allow_list_path:
     description: 'Path to the GitHub Actions allow list YML within the repository'
     default: 'github-actions-allow-list.yml'
 outputs:
+  actionName:
+    description: 'Action name/path'
   isGitHubVerified:
     description: 'Is the GitHub Actions organization verified'
   isSecurityPolicyEnabled:

diff --git a/dist/index.js b/dist/index.js
diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/utils/details.js b/utils/details.js
@@ -60,9 +60,10 @@ class ActionDetails {
    * @param {string} options.token GitHub Token
    * @param {string} options.searchToken GitHub Personal Access Token (PAT)
    * @param {string} options.allowList Path to the GitHub Actions allow list YML within the repository
+   * @param {string} options.reportType Type of report to produce: comment, output, both
    * @param {import('@actions/github').context} options.context
    */
-  constructor({token, searchToken, allowList, context}) {
+  constructor({token, searchToken, allowList, reportType, context}) {
     if (!token) {
       throw new Error('`token` is required')
     }
@@ -74,6 +75,7 @@ class ActionDetails {
     this.search = getOctokit(searchToken)
 
     this.allowList = allowList
+    this.reportType = reportType
     this.context = context
   }
 
@@ -238,9 +240,14 @@ Please make sure this is intended by providing a business reason via comment bel
           contributors: contributors.length,
         }
 
-        this.addOutputs(details)
-        const md = this.getMarkdown(details)
-        this.postReviewComment(md, position)
+        if (this.reportType === 'both' || this.reportType === 'output') {
+          this.addOutputs(details)
+        }
+
+        if (this.reportType === 'both' || this.reportType === 'comment') {
+          const md = this.getMarkdown(details)
+          this.postReviewComment(md, position)
+        }
       } catch (error) {
         this.postReviewComment(
           `## :stop_sign: \`${owner}/${repo}\` is not a known GitHub Action
@@ -261,6 +268,7 @@ Please delete \`${owner}/${repo}\` from \`${this.allowList}\`!`,
    */
   addOutputs(details) {
     const {
+      action,
       actionRequestedVersion,
       url,
       description,
@@ -277,6 +285,8 @@ Please delete \`${owner}/${repo}\` from \`${this.allowList}\`!`,
       watchers,
     } = details
 
+    setOutput('actionName', action)
+
     const isGitHubVerified = owner.type === 'Organization' && owner.isVerified === true
     setOutput('isGitHubVerified', isGitHubVerified)