mirror of
https://github.com/ossf/scorecard.git
synced 2024-09-11 00:45:36 +03:00
66b3d8ce5c
* 🌱 Bump github.com/golangci/golangci-lint in /tools Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.44.2 to 1.45.0. - [Release notes](https://github.com/golangci/golangci-lint/releases) - [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md) - [Commits](https://github.com/golangci/golangci-lint/compare/v1.44.2...v1.45.0) --- updated-dependencies: - dependency-name: github.com/golangci/golangci-lint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * golangci-lint: Surface and fix as many lint warnings automatically Signed-off-by: Stephen Augustus <foo@auggie.dev> * generated: Run golangci-lint with `fix: true` Signed-off-by: Stephen Augustus <foo@auggie.dev> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Stephen Augustus <foo@auggie.dev>
75 lines
2.3 KiB
Go
75 lines
2.3 KiB
Go
// Copyright 2022 Security Scorecard Authors
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package checker
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/ossf/scorecard/v4/clients"
|
|
ghrepo "github.com/ossf/scorecard/v4/clients/githubrepo"
|
|
"github.com/ossf/scorecard/v4/clients/localdir"
|
|
"github.com/ossf/scorecard/v4/log"
|
|
)
|
|
|
|
// GetClients returns a list of clients for running scorecard checks.
|
|
// TODO(repo): Pass a `http.RoundTripper` here.
|
|
func GetClients(ctx context.Context, repoURI, localURI string, logger *log.Logger) (
|
|
clients.Repo, // repo
|
|
clients.RepoClient, // repoClient
|
|
clients.RepoClient, // ossFuzzClient
|
|
clients.CIIBestPracticesClient, // ciiClient
|
|
clients.VulnerabilitiesClient, // vulnClient
|
|
error,
|
|
) {
|
|
var githubRepo clients.Repo
|
|
if localURI != "" {
|
|
localRepo, errLocal := localdir.MakeLocalDirRepo(localURI)
|
|
var retErr error
|
|
if errLocal != nil {
|
|
retErr = fmt.Errorf("getting local directory client: %w", errLocal)
|
|
}
|
|
return localRepo, /*repo*/
|
|
localdir.CreateLocalDirClient(ctx, logger), /*repoClient*/
|
|
nil, /*ossFuzzClient*/
|
|
nil, /*ciiClient*/
|
|
nil, /*vulnClient*/
|
|
retErr
|
|
}
|
|
|
|
githubRepo, errGitHub := ghrepo.MakeGithubRepo(repoURI)
|
|
if errGitHub != nil {
|
|
return githubRepo,
|
|
nil,
|
|
nil,
|
|
nil,
|
|
nil,
|
|
fmt.Errorf("getting local directory client: %w", errGitHub)
|
|
}
|
|
|
|
ossFuzzRepoClient, errOssFuzz := ghrepo.CreateOssFuzzRepoClient(ctx, logger)
|
|
var retErr error
|
|
if errOssFuzz != nil {
|
|
retErr = fmt.Errorf("getting OSS-Fuzz repo client: %w", errOssFuzz)
|
|
}
|
|
// TODO(repo): Should we be handling the OSS-Fuzz client error like this?
|
|
return githubRepo, /*repo*/
|
|
ghrepo.CreateGithubRepoClient(ctx, logger), /*repoClient*/
|
|
ossFuzzRepoClient, /*ossFuzzClient*/
|
|
clients.DefaultCIIBestPracticesClient(), /*ciiClient*/
|
|
clients.DefaultVulnerabilitiesClient(), /*vulnClient*/
|
|
retErr
|
|
}
|