Show negative results in some check details #98
Merged
inferno-chromium merged 4 commits into ossf:main from Dec 20, 2020
Negative results logged with a "!!" prefix.
Updates ossf#95
$ go run . --repo=github.com/ossf/scorecard --show-details --checks=Pull-Requests
Starting [Pull-Requests]
Finished [Pull-Requests]
RESULTS
-------
Pull-Requests: Pass 9
!! found commit without PR: 71dace5, committer: dlorenc
found PRs for 29 out of 30 commits
Negative results logged with a "!!" prefix.
Updates ossf#95
$ go run . --repo=github.com/cilium/cilium --show-details --checks=Signed-Tags
Starting [Signed-Tags]
Finished [Signed-Tags]
RESULTS
-------
Signed-Tags: Fail 4
verified tag found: v1.9.0-rc1, commit: a46b5c308779b00676bcbffe6847701984fb7ec7
!! unverified tag found: v1.9.0-rc2, commit: 2ee8e4659ad4050154eb83008ba6434bddad44eb, reason: unsigned
verified tag found: v1.9.0-rc3, commit: ee77e846a9b85e318d6d077c801e2615d5e7dbe3
!! unverified tag found: v1.9.0, commit: 1cdd547dce26adb046d117494d559c64007365fd, reason: unsigned
verified tag found: v1.9.1, commit: bb4abe1720cb56c6a5f74d0567665555ad8434f1
found 3 of 5 verified tags
Negative results logged with a "!!" prefix.
Updates ossf#95
$ go run . --repo=github.com/gohugoio/hugo --show-details --checks=Signed-Releases
Starting [Signed-Releases]
Finished [Signed-Releases]
RESULTS
-------
Signed-Releases: Fail 10
release found: v0.79.1
!! release v0.79.1 has no signed artifacts
release found: v0.79.0
!! release v0.79.0 has no signed artifacts
release found: v0.78.2
!! release v0.78.2 has no signed artifacts
release found: v0.78.1
!! release v0.78.1 has no signed artifacts
release found: v0.78.0
!! release v0.78.0 has no signed artifacts
release found: v0.77.0
!! release v0.77.0 has no signed artifacts
found signed artifacts for 0 of 6 releases
inferno-chromium
suggested changes
Dec 20, 2020
Contributor
inferno-chromium
left a comment
Thanks a lot, minor changes needed.
| } | ||
| if gt.GetVerification().GetVerified() { | ||
| c.Logf("signed tag found: %s, commit: %s", t.Name, sha) | ||
| c.Logf("verified tag found: %s, commit: %s", t.Name, sha) |
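Review bot: The message in the gt.GetVerification().GetVerified() branch now says "verified tag found" while the check is still reported as Signed-Tags, and nothing at the call site explains the difference between the two terms. A one-line comment above the c.Logf call stating that this branch reflects GitHub's verification result, not just the presence of a signature, would make the wording change self-explanatory to later readers.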
Contributor
Verified is a slightly confusing word, that is why we keep the check name as signed. I prefer signed for all of these, thoughts?
Contributor
Author
I changed the terminology for a repo such as git, as shown below. They're signed but GH can't verify the key, so the check fails. Logging "unsigned tag found" in this scenario is confusing.
I'd like to keep the new "reason" entry in the output either way, but I can change back to "signed" instead of "verified" if you wish.
go run . --repo=github.com/git/git --show-details --checks=Signed-Tags
Starting [Signed-Tags]
Finished [Signed-Tags]
RESULTS
-------
Signed-Tags: Fail 10
!! unverified tag found: v2.29.0, commit: 0c6ff04c974f0aab239e9ba46307e1d1a4904d66, reason: unknown_key
!! unverified tag found: v2.29.1, commit: 6c5034eca4973ae22eee0436e34f9f010895bea3, reason: unknown_key
!! unverified tag found: v2.29.2, commit: 1ec19b7757a1acb11332f06e8e812b505490afc6, reason: unknown_key
!! unverified tag found: v2.30.0-rc0, commit: a8eaf9de52c2d49799d7dc724e688ccbfa74390c, reason: unknown_key
!! unverified tag found: v2.30.0-rc1, commit: cb70effebd91d9e0d4ce81650785e973b5d16ad1, reason: unknown_key
found 0 out of 5 verified tags
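The difference between reason: unsigned and reason: unknown_key discussed above matters when triaging --show-details output. The following Go program is an added example, not scorecard's own code: TagFinding, ParseNegatives and ByReason are hypothetical names, and the sample input combines lines quoted in this thread from separate runs.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// TagFinding is one negative Signed-Tags detail line (hypothetical type, not scorecard's).
type TagFinding struct{ Tag, Commit, Reason string }

// negTag matches the "!! unverified tag found" format quoted in this thread.
var negTag = regexp.MustCompile(`^!! unverified tag found: (\S+), commit: ([0-9a-f]+), reason: (\S+)$`)

// ParseNegatives returns unverified-tag findings, plus any other "!!" lines
// so that a message-format change is surfaced rather than silently dropped.
func ParseNegatives(out string) (found []TagFinding, unparsed []string) {
	for _, raw := range strings.Split(out, "\n") {
		line := strings.TrimSpace(raw)
		if m := negTag.FindStringSubmatch(line); m != nil {
			found = append(found, TagFinding{m[1], m[2], m[3]})
		} else if strings.HasPrefix(line, "!!") {
			unparsed = append(unparsed, line)
		}
	}
	return found, unparsed
}

// ByReason groups tag names by reason: "unsigned" means no signature at all,
// "unknown_key" means signed but GitHub could not verify the key.
func ByReason(fs []TagFinding) map[string][]string {
	g := map[string][]string{}
	for _, f := range fs {
		g[f.Reason] = append(g[f.Reason], f.Tag)
	}
	return g
}

// Constructed sample: lines quoted in this thread, combined from separate runs.
const sample = `verified tag found: v1.9.0-rc1, commit: a46b5c308779b00676bcbffe6847701984fb7ec7
!! unverified tag found: v1.9.0-rc2, commit: 2ee8e4659ad4050154eb83008ba6434bddad44eb, reason: unsigned
!! unverified tag found: v2.29.0, commit: 0c6ff04c974f0aab239e9ba46307e1d1a4904d66, reason: unknown_key
!! release v0.79.1 has no signed artifacts`

func main() {
	found, unparsed := ParseNegatives(sample)
	fmt.Println(ByReason(found), unparsed)
}
```

The "!!" line from Signed-Releases ends up in unparsed, which is the behaviour to rely on if the free-text messages are reworded again.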
Log positive results in Pull-Requests and update log messages in Signed-Releases and Signed-Tags.
inferno-chromium
approved these changes
Dec 20, 2020
I have one commit per check in this PR. See commit messages for more details.
I'd like to get more checks updated, but these are the simple ones.
Updates #95