chore(action): bind debug input to action debug #2829
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When an action will be executed in debug mode (e.g. via GitHub UI) the secret `ACTIONS_STEP_DEBUG` will be set to true (empty if not enabled). This typically will allow to detect if a run is in debug mode. Because a GitHub action can not automatically read secrets the `runner.debug` variable needs to be used to determine if debug mode is enabled. When using this as default for the debug input of the action the debug will automatically be forwarded to sechub. Overwriting is always possible for the endusers because it is only the default setting of this action.
|
@fty4 : First of all: Thank you for the contribution. Currently I am extremely refactoring the complete github action (more scan types, provide an integration test to run/test it at local machine (mocking automatically GH actions) and much more). When I have done the refactorings and the improvements, I will return to this PR and give you feedback/discuss further steps etc. Sorry for the inconvenience/the delay... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
description
When an action will be executed in debug mode (e.g. via GitHub UI) the secret
ACTIONS_STEP_DEBUGwill be set to true (empty if not enabled). This typically will allow to detect if a run is in debug mode. Because a GitHub action can not automatically read secrets therunner.debugvariable needs to be used to determine if debug mode is enabled.When using this as default for the debug input of the action the debug will automatically be forwarded to SecHub.
Overwriting is always possible for the endusers because it is only the default setting of this action.
This change was already tested within GHE.
useful links
limitation
The only problem here is that instead of a not existing
steps.debugvariable therunner.debugvariable is used.For debugging steps the usage of the steps context would be better here - but because this context does not offer a debug property we are using the runners property here.
Because when the debug is enabled via UI (I guess this is the most common approach) it will trigger the debug mode for this action as well (...but via the runner).
re-run (failed) jobs popup
additonal information
Because the
runner.debugreturns a1a expression is used to make a boolean out of it.Marco Lecheler marco.lecheler@mercedes-benz.com Mercedes-Benz Tech Innovation GmbH (ProviderInformation)