diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 33a5d609..7b2ad852 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -25,3 +25,8 @@ updates: directory: tools/sgmdformat schedule: interval: weekly + + - package-ecosystem: npm + directory: tools/sgcspevaluatorcli + schedule: + interval: weekly diff --git a/tools/sgcspevaluatorcli/package.json b/tools/sgcspevaluatorcli/package.json new file mode 100644 index 00000000..ac52a673 --- /dev/null +++ b/tools/sgcspevaluatorcli/package.json @@ -0,0 +1,5 @@ +{ + "dependencies": { + "@einride/csp-evaluator-cli": "1.0.0" + } +} diff --git a/tools/sgcspevaluatorcli/tools.go b/tools/sgcspevaluatorcli/tools.go new file mode 100644 index 00000000..e38d5ee1 --- /dev/null +++ b/tools/sgcspevaluatorcli/tools.go @@ -0,0 +1,51 @@ +package sgcspevaluatorcli + +import ( + "context" + _ "embed" + "os" + "os/exec" + "path/filepath" + + "go.einride.tech/sage/sg" + "go.einride.tech/sage/sgtool" +) + +const name = "csp" + +//go:embed package.json +var packageJSONContent []byte + +func Command(ctx context.Context, args ...string) *exec.Cmd { + sg.Deps(ctx, PrepareCommand) + return sg.Command(ctx, sg.FromBinDir(name), args...) +} + +func PrepareCommand(ctx context.Context) error { + sg.Logger(ctx).Println("installing packages...") + toolDir := sg.FromToolsDir(name) + if err := os.MkdirAll(toolDir, 0o755); err != nil { + return err + } + packageJSONPath := filepath.Join(toolDir, "package.json") + if err := os.WriteFile(packageJSONPath, packageJSONContent, 0o600); err != nil { + return err + } + cmd := sg.Command( + ctx, + "npm", + "--silent", + "install", + "--prefix", + toolDir, + "--no-save", + "--no-audit", + "--ignore-script", + ) + if err := cmd.Run(); err != nil { + return err + } + binary := filepath.Join(toolDir, "node_modules", ".bin", name) + _, err := sgtool.CreateSymlink(binary) + return err +}