Merge pull request #18 from stacklok/correct_parameters

fix: do not use nested parameters
stacklok · Apr 30, 2024 · e2d7d64 · e2d7d64
2 parents 6f7fb9c + 3512648
commit e2d7d64
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 40 deletions.
diff --git a/README.md b/README.md
@@ -54,7 +54,8 @@ jobs:
       - name: TrustyPkg Action
         uses: stacklok/[email protected]
         with:
-          score_threshold: 5
+          global_threshold: 5
+          provenance_threshold: 5
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 ```

diff --git a/action.yml b/action.yml
@@ -4,40 +4,38 @@ inputs:
   GITHUB_TOKEN:
     description: "GitHub token"
     required: true
-  thresholds:
-    global:
-      description: "Raise global score below this score as an issue"
-      required: false
-      default: 5
-    repo_activity:
-      description: "Raise repo activity below this score as an issue"
-      required: false
-      default: 0
-    author_activity:
-      description: "Raise author activity below this score as an issue"
-      required: false
-      default: 0
-    provenance:
-      description: "Raise provenance below this score as an issue"
-      required: false
-      default: 0
-    typosquatting:
-      description: "Raise typosquatting below this score as an issue"
-      required: false
-      default: 0
-    fail_on:
-      malicious:
-        description: "Fail if package is malicious"
-        required: false
-        default: true
-      deprecated:
-        description: "Fail if package is deprecated"
-        required: false
-        default: true
-      archived:
-        description: "Fail if repo is archived"
-        required: false
-        default: true
+  global_threshold:
+    description: "Raise global score below this score as an issue"
+    required: false
+    default: 5
+  repo_activity_threshold:
+    description: "Raise repo activity below this score as an issue"
+    required: false
+    default: 0
+  author_activity_threshold:
+    description: "Raise author activity below this score as an issue"
+    required: false
+    default: 0
+  provenance_threshold:
+    description: "Raise provenance below this score as an issue"
+    required: false
+    default: 0
+  typosquatting_threshold:
+    description: "Raise typosquatting below this score as an issue"
+    required: false
+    default: 0
+  fail_on_malicious:
+    description: "Fail if package is malicious"
+    required: false
+    default: true
+  fail_on_deprecated:
+    description: "Fail if package is deprecated"
+    required: false
+    default: true
+  fail_on_archived:
+    description: "Fail if repo is archived"
+    required: false
+    default: true
 runs:
   using: "docker"
   image: "Dockerfile"

diff --git a/main.go b/main.go
@@ -59,11 +59,11 @@ func parseFail(failStr string, defaultFail string) bool {
 func main() {
 	ctx := context.Background()
 
-	globalThreshold := parseScore(os.Getenv("INPUT_THRESHOLDS_GLOBAL"), "5")
-	repoActivityThreshold := parseScore(os.Getenv("INPUT_THRESHOLDS_REPO_ACTIVITY"), "0")
-	authorActivityThreshold := parseScore(os.Getenv("INPUT_THRESHOLDS_AUTHOR_ACTIVITY"), "0")
-	provenanceThreshold := parseScore(os.Getenv("INPUT_THRESHOLDS_PROVENANCE"), "0")
-	typosquattingThreshold := parseScore(os.Getenv("INPUT_THRESHOLDS_TYPOSQUATTING"), "0")
+	globalThreshold := parseScore(os.Getenv("INPUT_GLOBAL_THRESHOLD"), "5")
+	repoActivityThreshold := parseScore(os.Getenv("INPUT_REPO_ACTIVITY_THRESHOLD"), "0")
+	authorActivityThreshold := parseScore(os.Getenv("INPUT_AUTHOR_ACTIVITY_THRESHOLD"), "0")
+	provenanceThreshold := parseScore(os.Getenv("INPUT_PROVENANCE_THRESHOLD"), "0")
+	typosquattingThreshold := parseScore(os.Getenv("INPUT_TYPOSQUATTING_THRESHOLD"), "0")
 
 	failOnMalicious := parseFail(os.Getenv("INPUT_FAIL_ON_MALICIOUS"), "true")
 	failOnDeprecated := parseFail(os.Getenv("INPUT_FAIL_ON_DEPRECATED"), "true")