From ffc3bd9086a82e80ed10b2dabb2bd4e70259ec79 Mon Sep 17 00:00:00 2001 From: Joyce Quach Date: Thu, 12 Dec 2024 14:56:25 -0500 Subject: [PATCH 01/23] Update README file to use actions v4 Signed-off-by: Joyce Quach --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8af9e9cc1..8c639393d 100644 --- a/README.md +++ b/README.md @@ -33,13 +33,13 @@ jobs: name: SAF CLI Convert ASFF to HDF steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Convert ASFF uses: mitre/saf_action@v1 with: command_string: 'convert asff2hdf -i asff_sample.json -o asff_sample_hdf.json' - name: Artifacts - uses: actions/upload-artifact@v1 + uses: actions/upload-artifact@v4 if: success() with: name: asff From 3ba88123c4b5598ee23053adc8daa8947e0bc085 Mon Sep 17 00:00:00 2001 From: Joyce Quach Date: Thu, 12 Dec 2024 16:50:02 -0500 Subject: [PATCH 02/23] Revert version change Signed-off-by: Joyce Quach --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8c639393d..ee78518a7 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ jobs: name: SAF CLI Convert ASFF to HDF steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v2 - name: Convert ASFF uses: mitre/saf_action@v1 with: From a9ddb00758e81cd7e09ba264b239a90298d44b3b Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Fri, 3 Jan 2025 19:50:13 -0500 Subject: [PATCH 03/23] wonder if everything still works if we move this to 22 Signed-off-by: Amndeep Singh Mann --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 92c35698a..9e5447596 100644 --- a/action.yml +++ b/action.yml @@ -10,5 +10,5 @@ inputs: description: 'Command, including flags and inputs, to be executed by SAF CLI' required: true runs: - using: 'node20' + using: 'node22' main: 'index.js' From 9caed5e3bff4e214ad8c1705aa4b49127b9069bd Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:11:19 -0500 Subject: [PATCH 04/23] test windows Signed-off-by: Amndeep Singh Mann --- .github/workflows/example-usages-windows.yml | 35 ++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/example-usages-windows.yml diff --git a/.github/workflows/example-usages-windows.yml b/.github/workflows/example-usages-windows.yml new file mode 100644 index 000000000..7eb0f25b0 --- /dev/null +++ b/.github/workflows/example-usages-windows.yml @@ -0,0 +1,35 @@ +name: Provide a few examples for using saf_action in GitHub workflows +on: + push: + branches: [main] + pull_request: + branches: [main] + +jobs: + test: + runs-on: windows-2022 + steps: + - name: Checkout repo to have access to test data + uses: actions/checkout@v4 + - name: Test convert data + uses: mitre/saf_action@v1 + with: + command_string: 'convert burpsuite2hdf -i ./test/sample_data/burpsuite_sample.min -o burpsuite_hdf.json' + - name: View summary of burpsuite results + uses: mitre/saf_action@main + with: + command_string: 'view summary -i burpsuite_hdf.json' + - name: Test validate threshold with -T + uses: mitre/saf_action@main + with: + command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' + - name: Test validate threshold with -T with a space in the path + uses: mitre/saf_action@main + with: + command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' + - name: Artifacts + uses: actions/upload-artifact@v4 + if: success() + with: + name: burpsuite + path: burpsuite_hdf.json From 047891fe2778f38b46bde0c2e0b3205db361c060 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:15:11 -0500 Subject: [PATCH 05/23] debugging Signed-off-by: Amndeep Singh Mann --- index.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/index.js b/index.js index 80966181e..1bd3e40f9 100644 --- a/index.js +++ b/index.js @@ -1,4 +1,6 @@ const saf_action = require('./run_command.js'); const path = require('node:path'); +console.log("what is this path"); +console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From 5fa5ce26916e631616713e7ef661014327fdcbac Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:19:03 -0500 Subject: [PATCH 06/23] we should be testing against the latest here Signed-off-by: Amndeep Singh Mann --- .github/workflows/example-usages-windows.yml | 2 +- .github/workflows/example-usages.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/example-usages-windows.yml b/.github/workflows/example-usages-windows.yml index 7eb0f25b0..02971c99f 100644 --- a/.github/workflows/example-usages-windows.yml +++ b/.github/workflows/example-usages-windows.yml @@ -12,7 +12,7 @@ jobs: - name: Checkout repo to have access to test data uses: actions/checkout@v4 - name: Test convert data - uses: mitre/saf_action@v1 + uses: mitre/saf_action@main with: command_string: 'convert burpsuite2hdf -i ./test/sample_data/burpsuite_sample.min -o burpsuite_hdf.json' - name: View summary of burpsuite results diff --git a/.github/workflows/example-usages.yml b/.github/workflows/example-usages.yml index 0b18c31d8..28fbdc09e 100644 --- a/.github/workflows/example-usages.yml +++ b/.github/workflows/example-usages.yml @@ -12,7 +12,7 @@ jobs: - name: Checkout repo to have access to test data uses: actions/checkout@v4 - name: Test convert data - uses: mitre/saf_action@v1 + uses: mitre/saf_action@main with: command_string: 'convert burpsuite2hdf -i ./test/sample_data/burpsuite_sample.min -o burpsuite_hdf.json' - name: View summary of burpsuite results From 0e7c3a0c0ff44740a1b8064c55bb5b6572f2e4ed Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:23:25 -0500 Subject: [PATCH 07/23] use branch that i'm testing Signed-off-by: Amndeep Singh Mann --- .github/workflows/example-usages-windows.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/example-usages-windows.yml b/.github/workflows/example-usages-windows.yml index 02971c99f..17cec9cc1 100644 --- a/.github/workflows/example-usages-windows.yml +++ b/.github/workflows/example-usages-windows.yml @@ -12,19 +12,19 @@ jobs: - name: Checkout repo to have access to test data uses: actions/checkout@v4 - name: Test convert data - uses: mitre/saf_action@main + uses: mitre/saf_action@update-actions-to-v4 with: command_string: 'convert burpsuite2hdf -i ./test/sample_data/burpsuite_sample.min -o burpsuite_hdf.json' - name: View summary of burpsuite results - uses: mitre/saf_action@main + uses: mitre/saf_action@update-actions-to-v4 with: command_string: 'view summary -i burpsuite_hdf.json' - name: Test validate threshold with -T - uses: mitre/saf_action@main + uses: mitre/saf_action@update-actions-to-v4 with: command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Test validate threshold with -T with a space in the path - uses: mitre/saf_action@main + uses: mitre/saf_action@update-actions-to-v4 with: command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Artifacts From 46f32a89499c213e47fc4511a9e94cadd368336a Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:25:08 -0500 Subject: [PATCH 08/23] apparently node22 ain't out yet Signed-off-by: Amndeep Singh Mann --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 9e5447596..92c35698a 100644 --- a/action.yml +++ b/action.yml @@ -10,5 +10,5 @@ inputs: description: 'Command, including flags and inputs, to be executed by SAF CLI' required: true runs: - using: 'node22' + using: 'node20' main: 'index.js' From 7ad1aba56e374a3d0be383b65c27f465e251fd6c Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:28:09 -0500 Subject: [PATCH 09/23] more granule console logs Signed-off-by: Amndeep Singh Mann --- index.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/index.js b/index.js index 1bd3e40f9..165adaef3 100644 --- a/index.js +++ b/index.js @@ -2,5 +2,8 @@ const saf_action = require('./run_command.js'); const path = require('node:path'); console.log("what is this path"); +console.log(process.env.HOME); +console.log(process.env.GITHUB_ACTION_REPOSITORY); +console.log(process.env.GITHUB_ACTION_REF); console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From ba474d32ac9c793ffddd828f5b8cc565effca854 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:34:45 -0500 Subject: [PATCH 10/23] need debugging output from linux as well Signed-off-by: Amndeep Singh Mann --- .github/workflows/example-usages.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/example-usages.yml b/.github/workflows/example-usages.yml index 28fbdc09e..8a490f2ef 100644 --- a/.github/workflows/example-usages.yml +++ b/.github/workflows/example-usages.yml @@ -12,19 +12,19 @@ jobs: - name: Checkout repo to have access to test data uses: actions/checkout@v4 - name: Test convert data - uses: mitre/saf_action@main + uses: mitre/saf_action@update-actions-to-v4 with: command_string: 'convert burpsuite2hdf -i ./test/sample_data/burpsuite_sample.min -o burpsuite_hdf.json' - name: View summary of burpsuite results - uses: mitre/saf_action@main + uses: mitre/saf_action@update-actions-to-v4 with: command_string: 'view summary -i burpsuite_hdf.json' - name: Test validate threshold with -T - uses: mitre/saf_action@main + uses: mitre/saf_action@update-actions-to-v4 with: command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Test validate threshold with -T with a space in the path - uses: mitre/saf_action@main + uses: mitre/saf_action@update-actions-to-v4 with: command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Artifacts From 2e729aad90d9c7cb96b9c9d05ce32794ade67028 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:44:14 -0500 Subject: [PATCH 11/23] confirmed that process.env.HOME does not exist on windows side, found a new github envvar that might do what we need it to do Signed-off-by: Amndeep Singh Mann --- index.js | 1 + 1 file changed, 1 insertion(+) diff --git a/index.js b/index.js index 165adaef3..84aeadbcf 100644 --- a/index.js +++ b/index.js @@ -6,4 +6,5 @@ console.log(process.env.HOME); console.log(process.env.GITHUB_ACTION_REPOSITORY); console.log(process.env.GITHUB_ACTION_REF); console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); +console.log(path.join(process.env.GITHUB_ACTION_PATH, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From 13b7ab2f800bfa57bb675ab9e3c516dc6c2bb2b4 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:53:02 -0500 Subject: [PATCH 12/23] does this var exist? Signed-off-by: Amndeep Singh Mann --- index.js | 1 + 1 file changed, 1 insertion(+) diff --git a/index.js b/index.js index 84aeadbcf..5bc19f9ae 100644 --- a/index.js +++ b/index.js @@ -6,5 +6,6 @@ console.log(process.env.HOME); console.log(process.env.GITHUB_ACTION_REPOSITORY); console.log(process.env.GITHUB_ACTION_REF); console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); +console.log(process.env.GITHUB_ACTION_PATH); console.log(path.join(process.env.GITHUB_ACTION_PATH, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From d2bf8fe35a2176f2cfb5f61ea1fbe2619b4940c3 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 13:55:04 -0500 Subject: [PATCH 13/23] reorder console logs Signed-off-by: Amndeep Singh Mann --- index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.js b/index.js index 5bc19f9ae..0042cbdc0 100644 --- a/index.js +++ b/index.js @@ -5,7 +5,7 @@ console.log("what is this path"); console.log(process.env.HOME); console.log(process.env.GITHUB_ACTION_REPOSITORY); console.log(process.env.GITHUB_ACTION_REF); -console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); console.log(process.env.GITHUB_ACTION_PATH); console.log(path.join(process.env.GITHUB_ACTION_PATH, 'node_modules/@mitre/saf/lib/index.js')); +console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From 633a520b4d204dae32460e1b8854ce0ec7b77874 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 15:01:57 -0500 Subject: [PATCH 14/23] var i tried to use doesn't exist, seeing if i can do a more generic workaround Signed-off-by: Amndeep Singh Mann --- index.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/index.js b/index.js index 0042cbdc0..2fd24af85 100644 --- a/index.js +++ b/index.js @@ -5,7 +5,8 @@ console.log("what is this path"); console.log(process.env.HOME); console.log(process.env.GITHUB_ACTION_REPOSITORY); console.log(process.env.GITHUB_ACTION_REF); -console.log(process.env.GITHUB_ACTION_PATH); -console.log(path.join(process.env.GITHUB_ACTION_PATH, 'node_modules/@mitre/saf/lib/index.js')); +console.log(process.env.GITHUB_ACTION_PATH); # apparently we're not a composite action +console.log(process.env.GITHUB_WORKSPACE); +console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From 09e66a87b0508f97575e33a3d993a2a73f9f9c6b Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 15:03:24 -0500 Subject: [PATCH 15/23] comment syntax lol Signed-off-by: Amndeep Singh Mann --- index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.js b/index.js index 2fd24af85..baf4b7228 100644 --- a/index.js +++ b/index.js @@ -5,7 +5,7 @@ console.log("what is this path"); console.log(process.env.HOME); console.log(process.env.GITHUB_ACTION_REPOSITORY); console.log(process.env.GITHUB_ACTION_REF); -console.log(process.env.GITHUB_ACTION_PATH); # apparently we're not a composite action +console.log(process.env.GITHUB_ACTION_PATH); // apparently we're not a composite action console.log(process.env.GITHUB_WORKSPACE); console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); From e84e2b1e1d75ee195c8d7801f05bec36583723aa Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 15:06:44 -0500 Subject: [PATCH 16/23] try relative path approach Signed-off-by: Amndeep Singh Mann --- index.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/index.js b/index.js index baf4b7228..31bdfe07a 100644 --- a/index.js +++ b/index.js @@ -7,6 +7,6 @@ console.log(process.env.GITHUB_ACTION_REPOSITORY); console.log(process.env.GITHUB_ACTION_REF); console.log(process.env.GITHUB_ACTION_PATH); // apparently we're not a composite action console.log(process.env.GITHUB_WORKSPACE); -console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); -console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); -saf_action({safCLIPath: path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); +// console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); +// console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); +saf_action({safCLIPath: path.join(process.env.GITHUB_WORKSPACE, '../..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From 30afbcb9590fc9f49c5394f84e061d6cb6d283eb Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 15:09:08 -0500 Subject: [PATCH 17/23] logs Signed-off-by: Amndeep Singh Mann --- index.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/index.js b/index.js index 31bdfe07a..d3c3334f8 100644 --- a/index.js +++ b/index.js @@ -8,5 +8,6 @@ console.log(process.env.GITHUB_ACTION_REF); console.log(process.env.GITHUB_ACTION_PATH); // apparently we're not a composite action console.log(process.env.GITHUB_WORKSPACE); // console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); -// console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); +console.log(path.join(process.env.GITHUB_WORKSPACE, '../..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); +console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.GITHUB_WORKSPACE, '../..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From b91d5f20d9f0d6f19d4cf17df2eb346f0cfbdfa3 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 15:14:47 -0500 Subject: [PATCH 18/23] fix relative path Signed-off-by: Amndeep Singh Mann --- index.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.js b/index.js index d3c3334f8..c36d5db14 100644 --- a/index.js +++ b/index.js @@ -8,6 +8,6 @@ console.log(process.env.GITHUB_ACTION_REF); console.log(process.env.GITHUB_ACTION_PATH); // apparently we're not a composite action console.log(process.env.GITHUB_WORKSPACE); // console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); -console.log(path.join(process.env.GITHUB_WORKSPACE, '../..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); +console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); -saf_action({safCLIPath: path.join(process.env.GITHUB_WORKSPACE, '../..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); +saf_action({safCLIPath: path.join(process.env.GITHUB_WORKSPACE, '..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From b222ed63547495e7f937214e5871e9ec6367dff4 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 15:15:35 -0500 Subject: [PATCH 19/23] actually fix Signed-off-by: Amndeep Singh Mann --- index.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.js b/index.js index c36d5db14..352fd59dc 100644 --- a/index.js +++ b/index.js @@ -8,6 +8,6 @@ console.log(process.env.GITHUB_ACTION_REF); console.log(process.env.GITHUB_ACTION_PATH); // apparently we're not a composite action console.log(process.env.GITHUB_WORKSPACE); // console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); -console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); +console.log(path.join(process.env.GITHUB_WORKSPACE, '../..', '_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); -saf_action({safCLIPath: path.join(process.env.GITHUB_WORKSPACE, '..', 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); +saf_action({safCLIPath: path.join(process.env.GITHUB_WORKSPACE, '../..', '_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From 7d89e2494c6746876c0286e47190dd64e5ce93cf Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 15:23:03 -0500 Subject: [PATCH 20/23] get rid of envvar that fails on window every time and also print out tree Signed-off-by: Amndeep Singh Mann --- index.js | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/index.js b/index.js index 352fd59dc..abf839fd9 100644 --- a/index.js +++ b/index.js @@ -9,5 +9,10 @@ console.log(process.env.GITHUB_ACTION_PATH); // apparently we're not a composite console.log(process.env.GITHUB_WORKSPACE); // console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); console.log(path.join(process.env.GITHUB_WORKSPACE, '../..', '_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); -console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); + +const execSync = require('child_process').execSync; +const output = execSync(`tree ${path.join(process.env.GITHUB_WORKSPACE, '../..', '_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}`, { encoding: 'utf-8' }); +console.log(output); + +// console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.GITHUB_WORKSPACE, '../..', '_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From f49ce78c5ca3249ac9d3c8805f15617142e3946c Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Tue, 7 Jan 2025 15:32:26 -0500 Subject: [PATCH 21/23] get rid of logging Signed-off-by: Amndeep Singh Mann --- index.js | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/index.js b/index.js index abf839fd9..d700abef2 100644 --- a/index.js +++ b/index.js @@ -1,18 +1,4 @@ const saf_action = require('./run_command.js'); const path = require('node:path'); -console.log("what is this path"); -console.log(process.env.HOME); -console.log(process.env.GITHUB_ACTION_REPOSITORY); -console.log(process.env.GITHUB_ACTION_REF); -console.log(process.env.GITHUB_ACTION_PATH); // apparently we're not a composite action -console.log(process.env.GITHUB_WORKSPACE); -// console.log(path.join(process.env.GITHUB_WORKSPACE, '..', 'node_modules/@mitre/saf/lib/index.js')); -console.log(path.join(process.env.GITHUB_WORKSPACE, '../..', '_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); - -const execSync = require('child_process').execSync; -const output = execSync(`tree ${path.join(process.env.GITHUB_WORKSPACE, '../..', '_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}`, { encoding: 'utf-8' }); -console.log(output); - -// console.log(path.join(process.env.HOME, 'work/_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')); saf_action({safCLIPath: path.join(process.env.GITHUB_WORKSPACE, '../..', '_actions/', process.env.GITHUB_ACTION_REPOSITORY, process.env.GITHUB_ACTION_REF, 'node_modules/@mitre/saf/lib/index.js')}); From 19a71a7631a5ffdf1ca59d0e1b1233adc6ed06d6 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Thu, 9 Jan 2025 19:20:38 -0500 Subject: [PATCH 22/23] behavior was split out into two different flags Signed-off-by: Amndeep Singh Mann --- .github/workflows/example-usages-windows.yml | 4 ++-- .github/workflows/example-usages.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/example-usages-windows.yml b/.github/workflows/example-usages-windows.yml index 17cec9cc1..4d24db04d 100644 --- a/.github/workflows/example-usages-windows.yml +++ b/.github/workflows/example-usages-windows.yml @@ -22,11 +22,11 @@ jobs: - name: Test validate threshold with -T uses: mitre/saf_action@update-actions-to-v4 with: - command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' + command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -I "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Test validate threshold with -T with a space in the path uses: mitre/saf_action@update-actions-to-v4 with: - command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' + command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -I "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Artifacts uses: actions/upload-artifact@v4 if: success() diff --git a/.github/workflows/example-usages.yml b/.github/workflows/example-usages.yml index 8a490f2ef..f91571dcf 100644 --- a/.github/workflows/example-usages.yml +++ b/.github/workflows/example-usages.yml @@ -22,11 +22,11 @@ jobs: - name: Test validate threshold with -T uses: mitre/saf_action@update-actions-to-v4 with: - command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' + command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -I "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Test validate threshold with -T with a space in the path uses: mitre/saf_action@update-actions-to-v4 with: - command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -T "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' + command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -I "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Artifacts uses: actions/upload-artifact@v4 if: success() From f64c5c1d48b8aff93beccbb75491af38099a5374 Mon Sep 17 00:00:00 2001 From: Amndeep Singh Mann Date: Thu, 9 Jan 2025 19:36:36 -0500 Subject: [PATCH 23/23] don't point at wip branch anymore Signed-off-by: Amndeep Singh Mann --- .github/workflows/example-usages-windows.yml | 8 ++++---- .github/workflows/example-usages.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/example-usages-windows.yml b/.github/workflows/example-usages-windows.yml index 4d24db04d..0cb5671a5 100644 --- a/.github/workflows/example-usages-windows.yml +++ b/.github/workflows/example-usages-windows.yml @@ -12,19 +12,19 @@ jobs: - name: Checkout repo to have access to test data uses: actions/checkout@v4 - name: Test convert data - uses: mitre/saf_action@update-actions-to-v4 + uses: mitre/saf_action@main with: command_string: 'convert burpsuite2hdf -i ./test/sample_data/burpsuite_sample.min -o burpsuite_hdf.json' - name: View summary of burpsuite results - uses: mitre/saf_action@update-actions-to-v4 + uses: mitre/saf_action@main with: command_string: 'view summary -i burpsuite_hdf.json' - name: Test validate threshold with -T - uses: mitre/saf_action@update-actions-to-v4 + uses: mitre/saf_action@main with: command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -I "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Test validate threshold with -T with a space in the path - uses: mitre/saf_action@update-actions-to-v4 + uses: mitre/saf_action@main with: command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -I "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Artifacts diff --git a/.github/workflows/example-usages.yml b/.github/workflows/example-usages.yml index f91571dcf..04e283557 100644 --- a/.github/workflows/example-usages.yml +++ b/.github/workflows/example-usages.yml @@ -12,19 +12,19 @@ jobs: - name: Checkout repo to have access to test data uses: actions/checkout@v4 - name: Test convert data - uses: mitre/saf_action@update-actions-to-v4 + uses: mitre/saf_action@main with: command_string: 'convert burpsuite2hdf -i ./test/sample_data/burpsuite_sample.min -o burpsuite_hdf.json' - name: View summary of burpsuite results - uses: mitre/saf_action@update-actions-to-v4 + uses: mitre/saf_action@main with: command_string: 'view summary -i burpsuite_hdf.json' - name: Test validate threshold with -T - uses: mitre/saf_action@update-actions-to-v4 + uses: mitre/saf_action@main with: command_string: 'validate threshold -i ./test/sample_data/red_hat_good.json -I "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Test validate threshold with -T with a space in the path - uses: mitre/saf_action@update-actions-to-v4 + uses: mitre/saf_action@main with: command_string: 'validate threshold -i ./test/sample_data/red_hat_good\ with_space.json -I "{\\"error.total\\": 0, \\"compliance.min\\": 50}"' - name: Artifacts