Repo Targeting and Report Export Format Features

[sadreck]

Hi,

First of all, this is a fantastic tool and thank you for making it open source! As it's the only open source CI/CD scanner out there (as far as I can tell at least), I wanted to bring it a step closer to making is usable via GitHub actions. It all started from looking at https://github.com/CycodeLabs/raven/pull/118 and snowballed into:

• Added the option to download a specific repo, using --repo-name "CycodeLabs/raven".
• Added the option to download from a specific branch, using --repo-name "CycodeLabs/raven@v1.0.6".
• Added the option to download a specific workflow file, using --repo-name "CycodeLabs/raven" --workflow "test_pr.yml".
• Added --output to the report module to save output to file.
• Added --format sarif to report results, so it could easily integrate with GHAS and Code Scanning.
• Added integration tests for all of the above.

I tried to follow the existing formatting standards, but please let me know if there's anything else you'd like me to change.

Thanks, Pavel

[elad-pticha]

Thank you for opening this PR! The team will take a look and will update

[elad-pticha]

Hey Pavel, thank you for opening this PR!

Could you please split this into multiple PRs? I think it would be better in terms of review, testing, and documentation.

[sadreck]

Hi,

I've created https://github.com/CycodeLabs/raven/pull/194 therefore I'm closing this one.

I won't be creating a PR for the report/sarif support yet, as I realised https://github.com/CycodeLabs/raven/issues/188 will overwrite most of the changes.

Thanks