/sarif4reviewdog

Static Analysis Results Interchange Format (SARIF) support for reviewdog by converting it into Reviewdog Diagnostic Format (RDFormat)

Primary language: Python. License: MIT.

SARIF for Reviewdog


PR example

The Static Analysis Results Interchange Format (SARIF) is an industry standard format for the output of static analysis tools.

reviewdog is an automated code review tool that integrates with any code analysis tool, regardless of programming language.
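To show what converting SARIF into RDFormat involves, the following is an added example and not this action's own converter. It maps SARIF 2.1.0 results to rdjson diagnostics and skips results that have no file location; the names `sarif_to_rdjson`, `position` and `SAMPLE` are hypothetical, and the sample log is constructed.

```python
import json

# SARIF result levels mapped onto RDFormat severities.
LEVELS = {"error": "ERROR", "warning": "WARNING", "note": "INFO"}

def position(region, line_key, column_key):
    """Build an rdjson position, or None when the region has no such line."""
    if line_key not in region:
        return None
    pos = {"line": region[line_key]}
    if column_key in region:
        pos["column"] = region[column_key]
    return pos

def sarif_to_rdjson(sarif, tool_name="SARIF"):
    """Flatten every run of a SARIF 2.1.0 log into one rdjson document."""
    diagnostics = []
    for run in sarif.get("runs", []):
        for result in run.get("results", []):
            # A SARIF result without an explicit level counts as "warning".
            severity = LEVELS.get(result.get("level", "warning"), "UNKNOWN_SEVERITY")
            for loc in result.get("locations", []):
                phys = loc.get("physicalLocation", {})
                uri = phys.get("artifactLocation", {}).get("uri")
                if not uri:
                    continue  # no file path, so no line to comment on
                diag = {"message": result.get("message", {}).get("text", ""),
                        "severity": severity, "location": {"path": uri}}
                region = phys.get("region", {})
                start = position(region, "startLine", "startColumn")
                if start:
                    diag["location"]["range"] = {"start": start}
                    end = position(region, "endLine", "endColumn")
                    if end:
                        diag["location"]["range"]["end"] = end
                if "ruleId" in result:
                    diag["code"] = {"value": result["ruleId"]}
                diagnostics.append(diag)
    return {"source": {"name": tool_name}, "diagnostics": diagnostics}

# Constructed sample log: one located finding, one finding with no location.
SAMPLE = {"version": "2.1.0", "runs": [{"tool": {"driver": {"name": "demo"}}, "results": [
    {"ruleId": "DEMO001", "level": "error", "message": {"text": "hard-coded secret"},
     "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/app.py"},
                    "region": {"startLine": 12, "startColumn": 5}}}]},
    {"ruleId": "DEMO002", "message": {"text": "project-wide note"}}]}]}

if __name__ == "__main__":
    print(json.dumps(sarif_to_rdjson(SAMPLE), indent=2))
```

The printed JSON is the shape that `reviewdog -f=rdjson` reads on standard input.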

Input

inputs:
  github_token:
    description: 'GITHUB_TOKEN'
    default: '${{ github.token }}'
  ### Flags for reviewdog ###
  tool_name:
    description: 'Tool name to use for reviewdog reporter'
    default: 'SARIF'
  level:
    description: 'Report level for reviewdog [info,warning,error]'
    default: 'error'
  reporter:
    description: 'Reporter of reviewdog command [github-pr-check,github-pr-review].'
    default: 'github-pr-review'
  filter_mode:
    description: |
      Filtering mode for the reviewdog command [added,diff_context,file,nofilter].
      Default is added.
    default: 'added'
  fail_on_error:
    description: |
      Exit code for reviewdog when errors are found [true,false]
      Default is `false`.
    default: 'false'
  reviewdog_flags:
    description: 'Additional reviewdog flags'
    default: ''
  ### Flags for linter ###
  file:
    description: 'SARIF file path'
    default: ''
    required: true

Usage

name: sarif4reviewdog
on: [pull_request]
jobs:
  # TODO: change `linter_name`.
  sarif_reviewdog:
    name: sarif reviewdog
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
    steps:
      - uses: actions/checkout@v2
      - uses: HollowMan6/sarif4reviewdog@v1
        with:
          file: 'results.sarif'
          # Remember to allow GitHub Actions to create and approve pull requests
          # https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests
          github_token: ${{ secrets.github_token }}
          # Change reviewdog reporter if you need [github-pr-check,github-check,github-pr-review].
          reporter: github-pr-review
          # Change reporter level if you need.
          # GitHub Status Check won't become failure with warning.
          level: warning

Development

Release

You can bump the version by merging pull requests with specific labels (bump:major, bump:minor, bump:patch). Pushing a tag manually also works.

This action updates the major/minor release tags on a tag push, e.g. it updates the v1 and v1.2 tags when v1.2.3 is released. ref: https://help.github.com/en/articles/about-actions#versioning-your-action

Dependencies Update Automation

This repository uses reviewdog/action-depup to update reviewdog version.