Add an option to disable GitHub annotations (createGitHubAnnotations) #45

Merged
merged 1 commit into from
Jan 31, 2022
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -79,6 +79,7 @@ See also [Uploading a SARIF file to GitHub](https://docs.github.com/en/code-secu
|`sourcePath`|no |"." |Root directory for sources. Uses by default the current directory|
|`rulesets` |yes| |Comma separated list of ruleset names to use.|
|`analyzeModifiedFilesOnly`|no|"true"|Instead of analyze all files under "sourcePath", only the files that have been touched in a pull request or push will be analyzed. This makes the analysis faster and helps especially bigger projects which gradually want to introduce PMD. This helps in enforcing that no new code violation is introduced.<br>Depending on the analyzed language, the results might be less accurate results. At the moment, this is not a problem, as PMD mostly analyzes each file individually, but that might change in the future.<br>If the change is very big, not all files might be analyzed. Currently the maximum number of modified files is 300.<br>Note: When using PMD as a code scanner in order to create "Code scanning alerts" on GitHub, all files should be analyzed in order to produce a complete picture of the project. Otherwise alerts might get closed soo soon.|
|`createGitHubAnnotations`|no|"true"|By default, all detected violations are added as annotations to the pull request. You can disable this by setting FALSE. This can be useful if you are using another tool for this purpose.|

## Outputs

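Review bot: The new `createGitHubAnnotations` row in the inputs table says how to turn annotations off but not what the action still produces when they are off. In the `lib/index.js` change of this PR, the `violations` output and the 'PMD Report' artifact upload sit outside the new condition, so a sentence such as "The report artifact and the `violations` output are still created." would tell users that disabling annotations does not hide findings from the workflow. "Setting FALSE" would also read better as "setting it to `false`", matching the lowercase value shown in the Default column.
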
9 changes: 8 additions & 1 deletion action.yml
Expand Up @@ -49,7 +49,14 @@ inputs:
complete picture of the project. Otherwise alerts might get closed soo
soon.
required: false
default: true
default: 'true'
createGitHubAnnotations:
description: >-
By default, all detected violations are added as annotations to the pull
request. You can disable this by setting FALSE. This can be useful if you
are using another tool for this purpose.
required: false
default: 'true'
outputs:
violations:
description: Number of violations found
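Review bot: The `createGitHubAnnotations` description tells users to disable the feature "by setting FALSE", but the check added in `lib/index.js` is an exact comparison with the lowercase string `'true'`. With that check any other spelling, including `TRUE` or `True`, switches annotations off without a warning, so a user who writes the value in the casing the description uses for "off" will be surprised when trying to turn it back on. Suggest naming the accepted values as `'true'` and `'false'` in the description, or making the parsing case-insensitive.
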
2 changes: 1 addition & 1 deletion dist/index.js

Large diffs are not rendered by default.

6 changes: 4 additions & 2 deletions lib/index.js
Expand Up @@ -41,8 +41,10 @@ async function main() {
core.setOutput('violations', violations);
core.info(`PMD detected ${violations} violations.`);

const report = sarif.loadReport(reportFile);
annotations.processSarifReport(report);
if (core.getInput('createGitHubAnnotations', { required: true}) === 'true') {
const report = sarif.loadReport(reportFile);
annotations.processSarifReport(report);
}

const artifactClient = artifact.create();
await artifactClient.uploadArtifact('PMD Report', [reportFile], '.', {
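Review bot: In the new `if` condition, `core.getInput('createGitHubAnnotations', { required: true})` marks the input as required although `action.yml` declares it `required: false`; `getInput` throws on an empty value when `required` is set, so the call only succeeds because of the default in `action.yml`. The strict `=== 'true'` comparison also treats `True`, `TRUE` and any typo as "disabled" and skips `annotations.processSarifReport(report)` silently, which for a code-scanning action means findings can stop showing up on pull requests with no error. Suggest `core.getBooleanInput('createGitHubAnnotations')` if the `@actions/core` version in use provides it: it accepts the YAML boolean spellings and throws on anything else. Minor style point: `{ required: true}` is missing the space before the closing brace.
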