feat: set default ignored accounts and the ability to specify (RD-2964) (#79)

robaone-redshelf · web-flow · commit 4cf89a279434 · 2025-03-25T00:02:44.000-05:00
* feat(RD-2964): add support for ignored accounts in static analysis action

Enhances the StaticAnalysis class to allow specifying accounts to ignore during commit hash checks. This addition improves the flexibility of the static analysis action by enabling users to exclude certain accounts from warnings related to commit hash usage.

* feat(RD-2964): integrate ignored accounts into static analysis action

Updates the static analysis action to accept a list of accounts to ignore during commit hash checks. This enhancement allows users to exclude specific accounts from warnings, improving the action's flexibility and usability.

* feat(RD-2964): enhance static analysis action with ignored accounts input

Adds an input parameter to the static analysis action for specifying a comma-separated list of accounts to ignore during analysis. This update improves the action's configurability and user experience by allowing exclusions of specific accounts from warnings.

* feat(RD-2964): add logging for ignored accounts in static analysis action

Enhances the static analysis action by adding console logging for ignored accounts and the current account being processed. This improvement aids in debugging and provides better visibility into the action's behavior during execution.

* fix: correct indentation in static analysis action for ignored accounts logging

This update fixes the indentation in the StaticAnalysis class constructor, ensuring proper formatting and readability of the code. The change enhances maintainability without altering functionality.

* fix: update regex for account extraction in static analysis action

This change modifies the regex used in the StaticAnalysis class to correctly capture the account and reference from the 'uses' field in GitHub Actions. The update ensures accurate logging of accounts during static analysis, enhancing the action's functionality and debugging capabilities.

* fix: refine account extraction logic in static analysis action

This update modifies the account extraction logic in the StaticAnalysis class to split the account string and capture only the relevant portion. This change enhances the accuracy of account logging during static analysis, improving the overall functionality of the action.

* refactor: remove console logging for ignored accounts in static analysis action

This update removes unnecessary console logging for ignored accounts and the current account being processed in the StaticAnalysis class. The change streamlines the code and enhances readability without affecting the action's functionality.
diff --git a/.github/actions/static-analysis/action.yml b/.github/actions/static-analysis/action.yml
@@ -1,6 +1,12 @@
 name: "Static Analysis"
 description: "Runs static analysis on the code"
 
+inputs:
+  ignored-accounts:
+    description: "Comma-separated list of accounts to ignore"
+    required: false
+    default: "actions,VirdocsSoftware"
+
 runs:
   using: "composite"
   steps:
@@ -12,4 +18,6 @@ runs:
         echo "With the current working directory: $(pwd)"
         node ${{ github.action_path }}/scan_github_actions.js
       shell: bash
-      working-directory: ${{ github.workspace }}
+      working-directory: ${{ github.workspace }}
+      env:
+        IGNORED_ACCOUNTS: ${{ inputs.ignored-accounts }}
diff --git a/.github/actions/static-analysis/scan_github_actions.js b/.github/actions/static-analysis/scan_github_actions.js
@@ -1,7 +1,8 @@
 class StaticAnalysis {
-    constructor(dataProvider, process) {
+    constructor(dataProvider, process, ignoredAccounts = []) {
         this.dataProvider = dataProvider;
         this.process = process;
+        this.ignoredAccounts = ignoredAccounts;
     }
 
     isCommitHash(ref) {
@@ -25,11 +26,15 @@ class StaticAnalysis {
 
     scanFile(filePath) {
         const content = this.dataProvider.readFile(filePath);
-        const regex = /uses:\s*[\w-]+\/[\w-]+@([\w-.]+)/g;
+        const regex = /uses:\s*([\w-]+\/[\w-]+)@([\w-.]+)/g;
         let match;
         let warnings = [];
         while ((match = regex.exec(content)) !== null) {
-            const ref = match[1];
+            const ref = match[2];
+            const account = match[1].split('/')[0];
+            if (this.ignoredAccounts.includes(account)) {
+                continue;
+            }
             if (!this.isCommitHash(ref)) {
                 warnings.push(`Warning: In file ${filePath}, '${match[0]}' does not use a commit hash.`);
             }
@@ -90,7 +95,8 @@ class DataProvider {
 const fs = require('fs');
 const path = require('path');
 const process = require('process');
+const ignoredAccounts = (process.env.IGNORED_ACCOUNTS || '').split(',');
 
 const dataProvider = new DataProvider(fs, path);
-const staticAnalysis = new StaticAnalysis(dataProvider, process);
+const staticAnalysis = new StaticAnalysis(dataProvider, process, ignoredAccounts);
 staticAnalysis.run();
