workflow

Documentation

Overview

Package workflow implements the Dangerous Workflow security policy check from scorecard.

Index

• func NewWorkflow() policydef.Policy
• type OrgConfig
• type RepoConfig
• type Workflow
  • func (b Workflow) Check(ctx context.Context, c *github.Client, owner, repo string) (*policydef.Result, error)
  • func (b Workflow) Fix(ctx context.Context, c *github.Client, owner, repo string) error
  • func (b Workflow) GetAction(ctx context.Context, c *github.Client, owner, repo string) string
  • func (b Workflow) IsEnabled(ctx context.Context, c *github.Client, owner, repo string) (bool, error)
  • func (b Workflow) Name() string

Functions

func NewWorkflow

func NewWorkflow() policydef.Policy

NewWorkflow returns a new Dangerous Workflow policy.

Types

type OrgConfig

type OrgConfig struct {
	// OptConfig is the standard org-level opt in/out config, RepoOverride applies to all
	// config.
	OptConfig config.OrgOptConfig `json:"optConfig"`

	// Action defines which action to take, default log, other: issue...
	Action string `json:"action"`
}

OrgConfig is the org-level config definition for this policy.

type RepoConfig

type RepoConfig struct {
	// OptConfig is the standard repo-level opt in/out config.
	OptConfig config.RepoOptConfig `json:"optConfig"`

	// Action overrides the same setting in org-level, only if present.
	Action *string `json:"action"`
}

RepoConfig is the repo-level config for this policy.

type Workflow

type Workflow bool

Workflow is the Dangerous Workflow policy object, implements policydef.Policy.

func (Workflow) Check

func (b Workflow) Check(ctx context.Context, c *github.Client, owner,
	repo string) (*policydef.Result, error)

Check performs the policy check for this policy based on the configuration stored in the org/repo, implementing policydef.Policy.Check()

func (Workflow) Fix

func (b Workflow) Fix(ctx context.Context, c *github.Client, owner, repo string) error

Fix implementing policydef.Policy.Fix(). Scorecard checks will not have a Fix option.

func (Workflow) GetAction

func (b Workflow) GetAction(ctx context.Context, c *github.Client, owner, repo string) string

GetAction returns the configured action from this policy's configuration stored in the org-level repo, default log. Implementing policydef.Policy.GetAction()

func (Workflow) IsEnabled

func (b Workflow) IsEnabled(ctx context.Context, c *github.Client, owner, repo string) (bool, error)

Check whether this policy is enabled or not

func (Workflow) Name

func (b Workflow) Name() string

Name returns the name of this policy, implementing policydef.Policy.Name()