| 41 | var errWrongValue = errors.New("wrong value, should not happen") |
| 42 | |
| 43 | func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { |
| 44 | if raw == nil { |
| 45 | return nil, "", fmt.Errorf("%w: raw", uerror.ErrNil) |
| 46 | } |
| 47 | |
| 48 | r := raw.BranchProtectionResults |
| 49 | var findings []finding.Finding |
| 50 | |
| 51 | if len(r.Branches) == 0 { |
| 52 | f, err := finding.NewWith(fs, Probe, "no branches found", nil, finding.OutcomeNotApplicable) |
| 53 | if err != nil { |
| 54 | return nil, Probe, fmt.Errorf("create finding: %w", err) |
| 55 | } |
| 56 | findings = append(findings, *f) |
| 57 | return findings, Probe, nil |
| 58 | } |
| 59 | |
| 60 | for i := range r.Branches { |
| 61 | branch := &r.Branches[i] |
| 62 | |
| 63 | nilMsg := fmt.Sprintf("could not determine whether branch '%s' requires PRs to change code", *branch.Name) |
| 64 | trueMsg := fmt.Sprintf("PRs are required in order to make changes on branch '%s'", *branch.Name) |
| 65 | falseMsg := fmt.Sprintf("PRs are not required to make changes on branch '%s'; ", *branch.Name) + |
| 66 | "or we don't have data to detect it." + |
| 67 | "If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo " + |
| 68 | "Rules (that are always public) instead of Branch Protection settings" |
| 69 | |
| 70 | p := branch.BranchProtectionRule.PullRequestRule.Required |
| 71 | |
| 72 | f, err := finding.NewWith(fs, Probe, "", nil, finding.OutcomeNotAvailable) |
| 73 | if err != nil { |
| 74 | return nil, Probe, fmt.Errorf("create finding: %w", err) |
| 75 | } |
| 76 | |
| 77 | switch { |
| 78 | case p == nil: |
| 79 | f = f.WithMessage(nilMsg).WithOutcome(finding.OutcomeNotAvailable) |
| 80 | case *p: |
| 81 | f = f.WithMessage(trueMsg).WithOutcome(finding.OutcomeTrue) |
| 82 | case !*p: |
| 83 | f = f.WithMessage(falseMsg).WithOutcome(finding.OutcomeFalse) |
| 84 | default: |
| 85 | return nil, Probe, fmt.Errorf("create finding: %w", errWrongValue) |
| 86 | } |
| 87 | f = f.WithValue(BranchNameKey, *branch.Name) |
| 88 | findings = append(findings, *f) |
| 89 | } |
| 90 | return findings, Probe, nil |
| 91 | } |