mirror of
https://github.com/ossf/scorecard.git
synced 2024-09-19 13:07:17 +03:00
cb721a8526
* 🌱 convert binary artifact check to probe
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Reword motivation
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove unused variable in test
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove positiveOutcome() and length check
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix wrong check name
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Split into two probes: One with and one without gradle-wrappers
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add description about what Scorecard considers a verified binary
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change 'trusted' to 'verified'
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove nil check
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove filtering
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use const scores in tests
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* add sanity check in loop
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename binary file const
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
// Copyright 2021 OpenSSF Scorecard Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package checks
import (
"github.com/ossf/scorecard/v4/checker"
"github.com/ossf/scorecard/v4/checks/evaluation"
"github.com/ossf/scorecard/v4/checks/raw"
sce "github.com/ossf/scorecard/v4/errors"
"github.com/ossf/scorecard/v4/probes"
"github.com/ossf/scorecard/v4/probes/zrunner"
)
// CheckBinaryArtifacts is the exported name for the Binary-Artifacts check.
// It is the name init registers the check under, and the name BinaryArtifacts
// passes along when it builds a runtime-error result or hands its findings to
// the evaluation step.
const CheckBinaryArtifacts string = "Binary-Artifacts"
// init registers the Binary-Artifacts check, together with the request types it
// supports, via registerCheck. A registration error is not expected and makes
// the package panic while it is being initialised.
//
//nolint:gochecknoinits
func init() {
	// The check is registered for commit-based and file-based requests.
	requestTypes := []checker.RequestType{checker.CommitBased, checker.FileBased}

	err := registerCheck(CheckBinaryArtifacts, BinaryArtifacts, requestTypes)
	if err == nil {
		return
	}
	// this should never happen
	panic(err)
}
// BinaryArtifacts runs the Binary-Artifacts check for the request c. It collects
// the raw binary-artifact data with raw.BinaryArtifacts, stores it on the value
// returned by getRawResults(c), runs the probes listed in probes.BinaryArtifacts
// over those raw results, and hands the findings to evaluation.BinaryArtifacts.
//
// If collecting the raw data or running the probes fails, the function returns
// a runtime-error result built from sce.ErrScorecardInternal. The evaluation
// step is not reached in that case, so such a result says nothing about whether
// the repository contains binary artifacts.
func BinaryArtifacts(c *checker.CheckRequest) checker.CheckResult {
	// Both failure paths report the same way: the message text of the underlying
	// error is attached to sce.ErrScorecardInternal.
	internalFailure := func(cause error) checker.CheckResult {
		wrapped := sce.WithMessage(sce.ErrScorecardInternal, cause.Error())
		return checker.CreateRuntimeErrorResult(CheckBinaryArtifacts, wrapped)
	}

	artifacts, err := raw.BinaryArtifacts(c)
	if err != nil {
		return internalFailure(err)
	}

	// Set the raw results.
	results := getRawResults(c)
	results.BinaryArtifactResults = artifacts

	// Evaluate the probes.
	findings, err := zrunner.Run(results, probes.BinaryArtifacts)
	if err != nil {
		return internalFailure(err)
	}

	return evaluation.BinaryArtifacts(CheckBinaryArtifacts, findings, c.Dlogger)
}