splunk / appinspect-cli-action

A GitHub action to run Splunk AppInspect (cli) on a Splunk app
Apache License 2.0
14 stars 6 forks source link

GHA attempts to analyze README file, not app #71

Open ericzinnikas opened 2 years ago

ericzinnikas commented 2 years ago

Attempting to leverage this in a GHA, with the following config:

  appinspect:
    name: app inspect
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository code
        uses: actions/checkout@v2
      - name: Run appinspect
        uses: splunk/appinspect-cli-action@537ffc049c9b25d76be2461f4c37d258f5993679 # pin to v1.5.0
        with:
          app_path: "build/"

However, appinspect fails as it attempts to analyze build/README and not build/:

scan target build//README
appinspect
  + '[' -f build/ ']'
  + ls build//
  + D=build/
  + files=($D/*)
  + SCAN=build//README
  + echo scan target build//README
  + '[' '!' -f build//README ']'
  + '[' '!' -z ']'
  + '[' '!' -z ']'
  + echo ::group::appinspect
  + rm -f appinspect_result.json
  running: splunk-appinspect inspect build//README --output-file appinspect_result.json --mode test
  + echo running: splunk-appinspect inspect build//README --output-file appinspect_result.json --mode test
  + splunk-appinspect inspect build//README --output-file appinspect_result.json --mode test
  Enable Python analyzer.
  Validating: README Version: [MISSING `default/app.conf`]
  .FFFFFF.FF.FFFSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
  SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
  SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
  SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
  SSSSSSSSS

The contents of the build dir are as follows:

$ find ./build/
./build
./build/default
./build/default/app.conf
./build/default/savedsearches.conf
./build/README
ericzinnikas commented 2 years ago

Looks like this issue stems from the fact that the action config here indicates app_path should be set to the "path to the application directory to be inspected", however the checks here expect a fully packaged app (.tar.gz) and not a directory.

In local testing, it seems that either should be supported? Or is this not the case?