added seperate actions for install and report

sharmayajush · sharmayajush · commit 7d2763b20444 · 2023-08-14T13:09:43.000+05:30
update

added flags and args

fixes

added branding

fixes
diff --git a/action.yaml b/action.yaml
diff --git a/actions/install-action/action.yaml b/actions/install-action/action.yaml
@@ -0,0 +1,47 @@
+name: accuknox-install
+description: 'Install accuknox-cli, kubearmor and discovery engine '
+inputs:
+  kubearmor-image: 
+    description: 'kubearmor image to be installed'
+    required: true
+    default: ""
+  discovery-engine-image:
+    description: 'discovery engine image to be installed'
+    required: true
+    default: ""
+  workload-namespace:
+    description: 'workload namespaces'
+    required: false
+    default: ""
+
+
+runs:
+  using: "composite"
+  steps:
+    - name: Checkout accuknox-cli repo and install kubearmor and discovery engine
+      uses: actions/checkout@v3
+      with:
+        repository: rajaSahil/accuknox-cli
+        ref: feat-report
+        path: accuknox-cli
+        run: |
+          cd accuknox-cli
+          ./accuknox-cli version
+
+          setupArgs=""
+          if [ "${{ inputs.kubearmor-image }}" != "" ]; then
+            setupArgs+= " -i ${{ inputs.kubearmor-image }}"
+          fi
+          if [ "${{ inputs.discovery-engine-image }}" != "" ];then
+            setupArgs += " -di ${{ inputs.discovery-engine-image }}"
+          fi
+          if [ "${{ inputs.workload-namespace }}" != "" ];then
+            setupArgs += " -n ${{ inputs.workload-namespace }}"
+          fi
+
+          ./accuknox-cli install $setupArgs
+        shell: bash
+
+branding:
+  icon: 'check-circle'
+  color: 'green'
diff --git a/actions/report-action/action.yaml b/actions/report-action/action.yaml
@@ -0,0 +1,102 @@
+name: accuknox-report
+description: 'Get reports using kubearmor and discovery engine'
+inputs:
+  baseline-report-path:
+    description: 'baseline report path'
+    required: true
+    default: "baseline/report.json"
+  labels:
+    description: 'labels. possible value: kubearmor-app: kubearmor-relay'
+    required: false
+    default: ""
+  operation:
+    description: 'operation. possible values: process, file, network, syscall'
+    required: false
+    default: ""
+  container-name:
+    description: 'container name'
+    required: false
+    default: ""
+  namespaces:
+    description: 'namespaces'
+    required: false
+    default: ""
+  workloads:
+    description: 'workloads. possible values: deployment/mysql, statefulsets/vault, deployment/*'
+    required: false
+    default: ""
+  source:
+    description: 'source'
+    required: false
+    default: ""
+  process-ignore-paths:
+    description: 'process ignore paths. possible value: /sbin '
+    required: false
+    default: ""
+  file-ignore-paths:
+    description: 'file ignore paths. possible value: /sbin '
+    required: false
+    default: ""
+  ignore-return-code:
+    description: 'ignore return code. possible values: true/false'
+    required: false
+    default: ""
+  view:
+    description: 'view type. possible value: tabular'
+    required: false
+    default: "tabular"
+
+
+runs:
+  using: "composite"
+  steps:
+    - name: Generate report
+      run: |
+        setupArgs=""
+        if [ "${{ inputs.baseline-report-path }}" != "" ]; then
+          setupArgs+=" -b ${{ inputs.baseline-report-path }}"
+        fi
+        if [ "${{ inputs.labels }}" != "" ]; then
+          setupArgs+=" -l ${{ inputs.labels }}"
+        fi
+        if [ "${{ inputs.operation }}" != "" ]; then
+          setupArgs+=" -t ${{ inputs.operation }}"
+        fi
+        if [ "${{ inputs.container-name }}" != "" ]; then
+          setupArgs+=" --container ${{ inputs.container-name }}"
+        fi
+        if [ "${{ inputs.namespaces }}" != "" ]; then
+          setupArgs+=" -n ${{ inputs.namespaces }}"
+        fi
+        if [ "${{ inputs.source }}" != "" ]; then
+          setupArgs+=" -s ${{ inputs.source }}"
+        fi
+        if [ "${{ inputs.file-ignore-paths }}" != "" ]; then
+          setupArgs+=" -i ${{ inputs.file-ignore-paths }}"
+        fi
+        if [ "${{ inputs.process-ignore-paths }}" != "" ]; then
+          setupArgs+=" -i ${{ inputs.process-ignore-paths }}"
+        fi
+
+        ./accuknox-cli report $setupArgs
+        
+        mkdir downloads
+        mv /tmp/report-*.json downloads/report.json
+        mv /tmp/diff-report-*.json downloads/diff-report.json
+        mv /tmp/diff-report-*.md downloads/diff-report.md
+      shell: bash
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v2
+      with:
+        name: Baseline report
+        path: downloads
+    
+    - name: PR comment with file
+      uses: thollander/actions-comment-pull-request@v2
+      with:
+        filePath: downloads/diff-report.md
+
+branding:
+  icon: 'check-circle'
+  color: 'green'
