From 3069f88aa1532bbd65aa686d9d77107d48ce045c Mon Sep 17 00:00:00 2001 From: Jeremy Dubreil Date: Wed, 17 Jun 2026 13:40:45 +0000 Subject: [PATCH] chore(COD-7131): cleaning up dead code --- .github/workflows/integration-test.yml | 1 - action.yaml | 10 ------ package.json | 2 +- src/index.ts | 47 ++++++++++---------------- src/util.ts | 7 +--- test/util.test.ts | 21 ------------ tsconfig.json | 1 + 7 files changed, 21 insertions(+), 68 deletions(-) delete mode 100644 test/util.test.ts diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 4a0e00ad..901df34f 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -13,7 +13,6 @@ env: LW_ACCOUNT: ${{ secrets.LW_ACCOUNT_CAT }} LW_API_KEY: ${{ secrets.LW_API_KEY_CAT }} LW_API_SECRET: ${{ secrets.LW_API_SECRET_CAT }} - DEBUG: true jobs: build: diff --git a/action.yaml b/action.yaml index f2494f1f..dcf2841a 100644 --- a/action.yaml +++ b/action.yaml @@ -9,10 +9,6 @@ inputs: target: description: 'One of push, old or new to represent which is being analyzed' required: false - debug: - description: 'Set to true to enable debug logging' - required: false - default: false token: description: 'Set to a GitHub token for the repository with write permissions for PRs to enable PR comments' required: false @@ -53,11 +49,6 @@ runs: echo "Lacework context ID: $LACEWORK_CONTEXT_ID" echo "LACEWORK_CONTEXT_ID=$(echo $LACEWORK_CONTEXT_ID)" >> $GITHUB_ENV echo "LACEWORK_ACTION_REF=$(echo $LACEWORK_ACTION_REF)" >> $GITHUB_ENV - - name: Sets LW_LOG var for debug - shell: bash - if: ${{ inputs.debug == 'true' }} - run: | - echo "LW_LOG=debug" >> $GITHUB_ENV - name: Set Lacework account environment variable shell: bash run: | @@ -80,7 +71,6 @@ runs: with: sources: '${{ inputs.sources }}' target: '${{ inputs.target }}' - debug: '${{ inputs.debug }}' token: '${{ inputs.token || github.token }}' footer: '${{ inputs.footer }}' code-scanning-path: '${{ inputs.code-scanning-path }}' diff --git a/package.json b/package.json index 71b4ddda..8ac4125c 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ "ts-md5": "^1.3.1" }, "scripts": { - "test": "npx jest", + "test": "npx jest --passWithNoTests", "compile": "npx tsc", "lint-check": "npx eslint **/*.ts", "lint-fix": "npx eslint --fix **/*.ts", diff --git a/src/index.ts b/src/index.ts index defff7fa..cf1a5787 100644 --- a/src/index.ts +++ b/src/index.ts @@ -49,8 +49,6 @@ async function runAnalysis() { } } - const enableIacRunning = true - // Create scan-results directory const resultsPath = path.join(process.cwd(), 'scan-results') @@ -58,7 +56,7 @@ async function runAnalysis() { let cacheHit = false let cacheKey: string | undefined if (targetScan === 'old') { - cacheKey = await generateCacheKey(enableIacRunning, targetScan, modifiedFiles) + cacheKey = await generateCacheKey(targetScan, modifiedFiles) if (cacheKey) { const restored = await cache.restoreCache([resultsPath], cacheKey) if (restored) { @@ -73,11 +71,11 @@ async function runAnalysis() { } if (!cacheHit) { - let success = await runCodesec('scan', enableIacRunning, resultsPath, targetScan, modifiedFiles) + let success = await runCodesec('scan', true, resultsPath, targetScan, modifiedFiles) if (success && targetScan !== 'new') { // Save the analysis results when not scanning the PR source branch if (!cacheKey) { - cacheKey = await generateCacheKey(enableIacRunning, targetScan, modifiedFiles) + cacheKey = await generateCacheKey(targetScan, modifiedFiles) } if (cacheKey) { try { @@ -99,14 +97,12 @@ async function runAnalysis() { break } } - if (enableIacRunning) { - const iacDir = path.join(resultsPath, 'iac') - for (const name of possibleNames) { - const existing = path.join(iacDir, `iac-${name}.json`) - if (existsSync(existing) && name !== targetScan) { - renameSync(existing, path.join(iacDir, `iac-${targetScan}.json`)) - break - } + const iacDir = path.join(resultsPath, 'iac') + for (const name of possibleNames) { + const existing = path.join(iacDir, `iac-${name}.json`) + if (existsSync(existing) && name !== targetScan) { + renameSync(existing, path.join(iacDir, `iac-${targetScan}.json`)) + break } } } @@ -128,14 +124,12 @@ async function runAnalysis() { } // Upload IAC JSON from the returned results path - if (enableIacRunning) { - const iacJsonFile = path.join(resultsPath, 'iac', `iac-${targetScan}.json`) - if (existsSync(iacJsonFile)) { - info(`Found IAC JSON file to upload: ${iacJsonFile}`) - toUpload.push(iacJsonFile) - } else { - info(`IAC JSON file not found at: ${iacJsonFile}`) - } + const iacJsonFile = path.join(resultsPath, 'iac', `iac-${targetScan}.json`) + if (existsSync(iacJsonFile)) { + info(`Found IAC JSON file to upload: ${iacJsonFile}`) + toUpload.push(iacJsonFile) + } else { + info(`IAC JSON file not found at: ${iacJsonFile}`) } const artifactName = 'results-' + target @@ -145,8 +139,6 @@ async function runAnalysis() { } async function displayResults() { - const enableIacRunning = true - info('Displaying results') // Download artifacts from previous jobs @@ -155,21 +147,18 @@ async function displayResults() { // Create local scan-results directory for compare mkdirSync('scan-results/sca', { recursive: true }) - if (enableIacRunning) { - mkdirSync('scan-results/iac', { recursive: true }) - } + mkdirSync('scan-results/iac', { recursive: true }) // Check and copy files for each scanner type if (!(await prepareScannerFiles('sca', artifactOld, artifactNew))) { error('SCA files not found. Cannot perform compare.') return } - const iacAvailable = - enableIacRunning && (await prepareScannerFiles('iac', artifactOld, artifactNew)) + const iacAvailable = await prepareScannerFiles('iac', artifactOld, artifactNew) // Run codesec compare mode with available scanners const resultsPath = path.join(process.cwd(), 'scan-results') - await runCodesec('compare', enableIacRunning && iacAvailable, resultsPath) + await runCodesec('compare', iacAvailable, resultsPath) // Read comparison output - check all possible outputs const outputs = [ diff --git a/src/util.ts b/src/util.ts index 50d48c07..36471b80 100644 --- a/src/util.ts +++ b/src/util.ts @@ -39,10 +39,6 @@ function getBooleanInput(name: string) { return getInput(name).toLowerCase() === 'true' } -export function debug() { - return getBooleanInput('debug') || isDebug() -} - export function getActionRef(): string { return getOptionalEnvVariable('LACEWORK_ACTION_REF', 'unknown') } @@ -327,14 +323,13 @@ export function readMarkdownFile(filePath: string): string { } export async function generateCacheKey( - runIac: boolean, scanTarget?: string, modifiedFiles?: string ): Promise { const reportsDir = path.join(os.tmpdir(), `codesec-cache-${Date.now()}`) try { - await runCodesec('scan', runIac, reportsDir, scanTarget, modifiedFiles, true) + await runCodesec('scan', true, reportsDir, scanTarget, modifiedFiles, true) } catch (e) { info(`Cache key generation failed: ${(e as Error).message}`) return undefined diff --git a/test/util.test.ts b/test/util.test.ts deleted file mode 100644 index 8dd61b83..00000000 --- a/test/util.test.ts +++ /dev/null @@ -1,21 +0,0 @@ -import { debug } from '../src/util' - -const actionsCore = require('@actions/core') -jest.mock('@actions/core') - -test('debug on via isDebug', () => { - actionsCore.isDebug.mockReturnValue(true) - actionsCore.getInput.mockReturnValue('') - expect(debug()).toBe(true) -}) - -test('debug on via debug input', () => { - actionsCore.getInput.mockImplementation((name: string) => (name === 'debug' ? 'true' : 'false')) - expect(debug()).toBe(true) -}) - -test('debug off by default', () => { - actionsCore.isDebug.mockReturnValue(false) - actionsCore.getInput.mockReturnValue('') - expect(debug()).toBe(false) -}) diff --git a/tsconfig.json b/tsconfig.json index 53b70b85..3d675e1d 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -6,6 +6,7 @@ "strict": true, "skipLibCheck": true, "sourceMap": true, + "rootDir": ".", "outDir": "dist" } }