From 3f0895b779fd3b235b859aafbbdd859c13196a57 Mon Sep 17 00:00:00 2001 From: Spencer Schrock Date: Wed, 12 Feb 2025 15:49:53 -0700 Subject: [PATCH] add input for specifying --file-mode https://github.com/ossf/scorecard/pull/4474 Signed-off-by: Spencer Schrock --- README.md | 5 +++-- action.yaml | 5 +++++ internal/scorecard/scorecard.go | 7 ++++++- options/env.go | 1 + options/options.go | 4 ++++ options/options_test.go | 13 ++++++++++++- 6 files changed, 31 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index aa2c374d..4212b681 100644 --- a/README.md +++ b/README.md @@ -135,10 +135,11 @@ First, [create a new file](https://docs.github.com/en/repositories/working-with- | Name | Required | Description | | ----- | -------- | ----------- | -| `result_file` | yes | The file that contains the results. | -| `result_format` | yes | The format in which to store the results [json \| sarif]. For GitHub's scanning dashboard, select `sarif`. | +| `results_file` | yes | The file that contains the results. | +| `results_format` | yes | The format in which to store the results [json \| sarif]. For GitHub's scanning dashboard, select `sarif`. | | `repo_token` | no | PAT token with repository read access. Follow [these steps](/docs/authentication/fine-grained-auth-token.md) to create it. | | `publish_results` | recommended | This will allow you to display a badge on your repository to show off your hard work. See details [here](#publishing-results).| +| `file_mode` | no | The method to fetch files from the repository: `archive` or `git` (default `archive`). ### Publishing Results The Scorecard team runs a weekly scan of public GitHub repositories in order to track diff --git a/action.yaml b/action.yaml index d367438f..4a380b1c 100644 --- a/action.yaml +++ b/action.yaml 
@@ -37,6 +37,11 @@ inputs: required: false default: false + file_mode: + description: "INPUT: Method to fetch files from GitHub" + required: false + default: archive + internal_publish_base_url: description: "INPUT: Base URL for publishing results. Used for testing." required: false diff --git a/internal/scorecard/scorecard.go b/internal/scorecard/scorecard.go index 175d81c6..13da9706 100644 --- a/internal/scorecard/scorecard.go +++ b/internal/scorecard/scorecard.go @@ -19,6 +19,7 @@ import ( "context" "errors" "fmt" + "strings" "github.com/ossf/scorecard-action/options" "github.com/ossf/scorecard/v5/clients" @@ -35,7 +36,11 @@ func Run(opts *options.Options) (scorecard.Result, error) { return scorecard.Result{}, fmt.Errorf("unable to create repo: %w", err) } - result, err := scorecard.Run(context.Background(), repo) + var scOpts []scorecard.Option + if strings.EqualFold(opts.InputFileMode, "git") { + scOpts = append(scOpts, scorecard.WithFileModeGit()) + } + result, err := scorecard.Run(context.Background(), repo, scOpts...) if err != nil && !errors.Is(err, sce.ErrCheckRuntime) { return scorecard.Result{}, fmt.Errorf("scorecard had an error: %w", err) } diff --git a/options/env.go b/options/env.go index 209685da..67068797 100644 --- a/options/env.go +++ b/options/env.go @@ -43,6 +43,7 @@ const ( EnvInputResultsFile = "INPUT_RESULTS_FILE" EnvInputResultsFormat = "INPUT_RESULTS_FORMAT" EnvInputPublishResults = "INPUT_PUBLISH_RESULTS" + EnvInputFileMode = "INPUT_FILE_MODE" EnvInputInternalPublishBaseURL = "INPUT_INTERNAL_PUBLISH_BASE_URL" ) diff --git a/options/options.go b/options/options.go index feb11b25..b2d7be29 100644 --- a/options/options.go +++ b/options/options.go @@ -77,6 +77,7 @@ type Options struct { // Input parameters InputResultsFile string `env:"INPUT_RESULTS_FILE"` InputResultsFormat string `env:"INPUT_RESULTS_FORMAT"` + InputFileMode string `env:"INPUT_FILE_MODE"` PublishResults bool } 
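Review bot: In `Run` (internal/scorecard/scorecard.go), any `file_mode` value other than a case-insensitive `git` falls through to the archive path without an error or log line, so a typo such as `gti` silently runs the scan in the default mode. For a scanner, that means the user can believe a different set of files was analysed than actually was; rejecting unknown values would make the mismatch visible. The comparison here is case-insensitive, while `setScorecardOpts` in options/options.go copies the raw string into `ScorecardOpts.FileMode`, so `GIT` selects git mode in `Run` but reaches the scorecard options un-normalised. Whether those options are validated case-sensitively is not visible in this patch. The body of `Run` continues outside the hunk.

```go
var scOpts []scorecard.Option
switch strings.ToLower(opts.InputFileMode) {
case "git":
	scOpts = append(scOpts, scorecard.WithFileModeGit())
case "", "archive":
	// archive is the default; no extra option needed
default:
	return scorecard.Result{}, fmt.Errorf("unsupported file_mode %q", opts.InputFileMode)
}
// … unchanged: scorecard.Run call and error handling …
```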
@@ -199,6 +200,9 @@ func (o *Options) setScorecardOpts() { if o.ScorecardOpts.ResultsFile == "" { o.ScorecardOpts.ResultsFile = o.InputResultsFile } + + // --file-mode= + o.ScorecardOpts.FileMode = o.InputFileMode } // setPublishResults sets whether results should be published based on a diff --git a/options/options_test.go b/options/options_test.go index 3e1c3615..fdc5e50b 100644 --- a/options/options_test.go +++ b/options/options_test.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -//nolint +// nolint package options import ( @@ -58,6 +58,7 @@ func TestNew(t *testing.T) { resultsFile string resultsFormat string publishResults string + fileMode string want fields unsetResultsPath bool unsetToken bool @@ -71,6 +72,7 @@ func TestNew(t *testing.T) { repo: testRepo, resultsFormat: "sarif", resultsFile: testResultsFile, + fileMode: options.FileModeArchive, want: fields{ EnableSarif: true, Format: formatSarif, @@ -91,6 +93,7 @@ func TestNew(t *testing.T) { repo: testRepo, resultsFormat: "json", resultsFile: testResultsFile, + fileMode: options.FileModeArchive, want: fields{ EnableSarif: true, Format: options.FormatJSON, @@ -110,6 +113,7 @@ func TestNew(t *testing.T) { repo: testRepo, resultsFormat: "json", resultsFile: testResultsFile, + fileMode: options.FileModeArchive, want: fields{ EnableSarif: true, Format: options.FormatJSON, @@ -129,6 +133,7 @@ func TestNew(t *testing.T) { repo: testRepo, resultsFormat: "json", resultsFile: testResultsFile, + fileMode: options.FileModeArchive, want: fields{ EnableSarif: true, Format: options.FormatJSON, @@ -148,6 +153,7 @@ func TestNew(t *testing.T) { repo: testRepo, resultsFormat: "sarif", resultsFile: testResultsFile, + fileMode: options.FileModeArchive, want: fields{ EnableSarif: true, Format: formatSarif, 
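Review bot: The added assignment in `setScorecardOpts` overwrites `ScorecardOpts.FileMode` unconditionally, unlike the `ResultsFile` handling just above it, which only fills in a value when one is missing. When `INPUT_FILE_MODE` is unset (for example when the binary runs outside the action, where the `archive` default from action.yaml is not applied), this writes an empty string over whatever default the scorecard options carried. The test changes in this patch add `fileMode: options.FileModeArchive` to every case, which suggests an empty value is not accepted downstream, though that validation is not visible here. Guarding the assignment would keep the default: `if o.InputFileMode != "" { o.ScorecardOpts.FileMode = o.InputFileMode }`. The function's body starts outside the hunk.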
@@ -166,6 +172,7 @@ func TestNew(t *testing.T) { githubEventPath: githubEventPathNonFork, githubEventName: pushEvent, githubRef: "refs/heads/main", + fileMode: options.FileModeArchive, want: fields{ EnableSarif: true, Format: formatSarif, @@ -183,6 +190,7 @@ func TestNew(t *testing.T) { githubEventName: pushEvent, githubRef: "refs/heads/main", resultsFile: "", + fileMode: options.FileModeArchive, want: fields{ EnableSarif: true, Format: formatSarif, @@ -202,6 +210,7 @@ func TestNew(t *testing.T) { repo: testRepo, resultsFormat: "sarif", resultsFile: testResultsFile, + fileMode: options.FileModeArchive, want: fields{ EnableSarif: true, Format: formatSarif, @@ -243,6 +252,8 @@ func TestNew(t *testing.T) { os.Setenv(EnvInputResultsFormat, tt.resultsFormat) defer os.Unsetenv(EnvInputResultsFormat) + t.Setenv(EnvInputFileMode, tt.fileMode) + if tt.unsetResultsPath { os.Unsetenv(EnvInputResultsFile) } else {
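Review bot: Every table case in `TestNew` now sets `fileMode: options.FileModeArchive`, so the new input is only exercised with its default; there is no case for `git`, an empty value, or an unsupported string. Adding one case for each would pin how `INPUT_FILE_MODE` is propagated and whether bad values are rejected. These hunks also do not show `want fields` asserting the resulting file mode, so the existing cases may pass regardless of what `setScorecardOpts` stores. The `t.Setenv` call is the right tool here, and the neighbouring `os.Setenv`/`defer os.Unsetenv` pairs could be migrated to it for consistency. `TestNew` extends beyond the hunks shown.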