add input for specifying --file-mode

ossf/scorecard#4474 Signed-off-by: Spencer Schrock <[email protected]>
spencerschrock · Feb 12, 2025 · a4a6f9d · a4a6f9d
1 parent 9165624
commit a4a6f9d
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -135,10 +135,11 @@ First, [create a new file](https://docs.github.com/en/repositories/working-with-
 
 | Name | Required | Description |
 | ----- | -------- | ----------- |
-| `result_file` | yes | The file that contains the results. |
-| `result_format` | yes | The format in which to store the results [json \| sarif]. For GitHub's scanning dashboard, select `sarif`. |
+| `results_file` | yes | The file that contains the results. |
+| `results_format` | yes | The format in which to store the results [json \| sarif]. For GitHub's scanning dashboard, select `sarif`. |
 | `repo_token` | no | PAT token with repository read access. Follow [these steps](/docs/authentication/fine-grained-auth-token.md) to create it. |
 | `publish_results` | recommended | This will allow you to display a badge on your repository to show off your hard work. See details [here](#publishing-results).|
+| `file_mode` | no | The method to fetch files from the repository: `archive` or `git` (default `archive`).
 
 ### Publishing Results
 The Scorecard team runs a weekly scan of public GitHub repositories in order to track

diff --git a/action.yaml b/action.yaml
@@ -37,6 +37,11 @@ inputs:
     required: false
     default: false
 
+  file_mode:
+    description: "INPUT: Method to fetch files from GitHub"
+    required: false
+    default: archive
+
   internal_publish_base_url:
     description: "INPUT: Base URL for publishing results. Used for testing."
     required: false

diff --git a/options/env.go b/options/env.go
@@ -43,6 +43,7 @@ const (
 	EnvInputResultsFile            = "INPUT_RESULTS_FILE"
 	EnvInputResultsFormat          = "INPUT_RESULTS_FORMAT"
 	EnvInputPublishResults         = "INPUT_PUBLISH_RESULTS"
+	EnvInputFileMode               = "INPUT_FILE_MODE"
 	EnvInputInternalPublishBaseURL = "INPUT_INTERNAL_PUBLISH_BASE_URL"
 )
 

diff --git a/options/options.go b/options/options.go
@@ -77,6 +77,7 @@ type Options struct {
 	// Input parameters
 	InputResultsFile   string `env:"INPUT_RESULTS_FILE"`
 	InputResultsFormat string `env:"INPUT_RESULTS_FORMAT"`
+	InputFileMode      string `env:"INPUT_FILE_MODE"`
 
 	PublishResults bool
 }
@@ -199,6 +200,9 @@ func (o *Options) setScorecardOpts() {
 	if o.ScorecardOpts.ResultsFile == "" {
 		o.ScorecardOpts.ResultsFile = o.InputResultsFile
 	}
+
+	// --file-mode=
+	o.ScorecardOpts.FileMode = o.InputFileMode
 }
 
 // setPublishResults sets whether results should be published based on a