rootCmd runs scorecard checks given a set of arguments.
(o *options.Options)
| 127 | |
| 128 | // rootCmd runs scorecard checks given a set of arguments. |
| 129 | func rootCmd(o *options.Options) error { |
| 130 | ctx := context.Background() |
| 131 | |
| 132 | // Build the list of repos (only split this logic out) |
| 133 | repoURLs, err := buildRepoURLs(ctx, o) |
| 134 | if err != nil { |
| 135 | return err |
| 136 | } |
| 137 | |
| 138 | // Shared setup |
| 139 | pol, err := policy.ParseFromFile(o.PolicyFile) |
| 140 | if err != nil { |
| 141 | return fmt.Errorf("readPolicy: %w", err) |
| 142 | } |
| 143 | |
| 144 | // Read docs. |
| 145 | checkDocs, err := docs.Read() |
| 146 | if err != nil { |
| 147 | return fmt.Errorf("cannot read yaml file: %w", err) |
| 148 | } |
| 149 | |
| 150 | var requiredRequestTypes []checker.RequestType |
| 151 | // if local option not set add file based |
| 152 | if o.Local != "" { |
| 153 | requiredRequestTypes = append(requiredRequestTypes, checker.FileBased) |
| 154 | } |
| 155 | // if commit option set to anything other than HEAD add commit based |
| 156 | if !strings.EqualFold(o.Commit, clients.HeadSHA) { |
| 157 | requiredRequestTypes = append(requiredRequestTypes, checker.CommitBased) |
| 158 | } |
| 159 | |
| 160 | // this call to policy is different from the one in scorecard.Run |
| 161 | // this one is concerned with a policy file, while the scorecard.Run call is |
| 162 | // more concerned with the supported request types |
| 163 | enabledChecks, err := policy.GetEnabled(pol, o.Checks(), requiredRequestTypes, "") |
| 164 | if err != nil { |
| 165 | return fmt.Errorf("GetEnabled: %w", err) |
| 166 | } |
| 167 | checks := make([]string, 0, len(enabledChecks)) |
| 168 | for c := range enabledChecks { |
| 169 | checks = append(checks, c) |
| 170 | } |
| 171 | |
| 172 | enabledProbes := o.Probes() |
| 173 | |
| 174 | info := version.GetVersionInfo() |
| 175 | actions := osvscanner.ExperimentalScannerActions{} |
| 176 | config := clients.OSVConfig{} |
| 177 | actions.RequestUserAgent = fmt.Sprintf("scorecard-cli/%s", info.GitVersion) |
| 178 | config.UserAgent = actions.RequestUserAgent |
| 179 | |
| 180 | opts := []scorecard.Option{ |
| 181 | scorecard.WithLogLevel(sclog.ParseLevel(o.LogLevel)), |
| 182 | scorecard.WithCommitSHA(o.Commit), |
| 183 | scorecard.WithCommitDepth(o.CommitDepth), |
| 184 | scorecard.WithProbes(enabledProbes), |
| 185 | scorecard.WithChecks(checks), |
| 186 | scorecard.WithVulnerabilitiesClient(clients.NewOSVClient(&config)), |
no test coverage detected