From 7ed886f1bd917d19cb9d6ce6c10e80e81fa31c39 Mon Sep 17 00:00:00 2001 From: Raghav Kaul <8695110+raghavkaul@users.noreply.github.com> Date: Fri, 4 Aug 2023 14:23:07 -0400 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20GitLab:=20Release=20(#3340)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Remove experimental flag Signed-off-by: Raghav Kaul * Docs Signed-off-by: Raghav Kaul * update tests Signed-off-by: Raghav Kaul --------- Signed-off-by: Raghav Kaul --- README.md | 18 ++++++++++++++++++ checker/client.go | 10 +++------- checker/client_test.go | 19 ++----------------- 3 files changed, 23 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 8c1e466e16b..c29849435a7 100644 --- a/README.md +++ b/README.md @@ -404,6 +404,24 @@ RESULTS |---------|------------------------|--------------------------------|--------------------------------|---------------------------------------------------------------------------| ``` +##### Using a GitLab Repository + +To run Scorecard on a GitLab repository, you must create a [GitLab Access Token](https://gitlab.com/-/profile/personal_access_tokens) with the following permissions: + +- `read_api` +- `read_user` +- `read_repository` + +You can run Scorecard on a GitLab repository by setting the `GITLAB_AUTH_TOKEN` environment variable: + +```bash +export GITLAB_AUTH_TOKEN=glpat-xxxx + +scorecard --repo gitlab.com/// +``` + +For an example of using Scorecard in GitLab CI/CD, see [here](https://gitlab.com/ossf-test/scorecard-pipeline-example). + ##### Using GitHub Enterprise Server (GHES) based Repository To use a GitHub Enterprise host `github.corp.com`, use the `GH_HOST` environment variable. diff --git a/checker/client.go b/checker/client.go index 7a28b2771f4..1b5d28a3ddd 100644 --- a/checker/client.go +++ b/checker/client.go @@ -17,7 +17,6 @@ package checker import ( "context" "fmt" - "os" "github.com/ossf/scorecard/v4/clients" ghrepo "github.com/ossf/scorecard/v4/clients/githubrepo" @@ -54,14 +53,11 @@ func GetClients(ctx context.Context, repoURI, localURI string, logger *log.Logge retErr } - _, experimental := os.LookupEnv("SCORECARD_EXPERIMENTAL") var repoClient clients.RepoClient - if experimental { - repo, makeRepoError = glrepo.MakeGitlabRepo(repoURI) - if repo != nil && makeRepoError == nil { - repoClient, makeRepoError = glrepo.CreateGitlabClient(ctx, repo.Host()) - } + repo, makeRepoError = glrepo.MakeGitlabRepo(repoURI) + if repo != nil && makeRepoError == nil { + repoClient, makeRepoError = glrepo.CreateGitlabClient(ctx, repo.Host()) } if makeRepoError != nil || repo == nil { diff --git a/checker/client_test.go b/checker/client_test.go index b2dd293d2e2..5084e3d2334 100644 --- a/checker/client_test.go +++ b/checker/client_test.go @@ -68,32 +68,17 @@ func TestGetClients(t *testing.T) { //nolint:gocognit wantErr: true, }, { - name: "repoURI is gitlab which is not supported", + name: "repoURI is gitlab which is supported", args: args{ ctx: context.Background(), - repoURI: "https://gitlab.com/ossf/scorecard", + repoURI: "https://gitlab.com/ossf-test/scorecard", localURI: "", }, shouldOSSFuzzBeNil: false, shouldRepoClientBeNil: false, shouldVulnClientBeNil: false, - shouldRepoBeNil: true, - wantErr: true, - }, - { - name: "repoURI is gitlab and experimental is true", - args: args{ - ctx: context.Background(), - repoURI: "https://gitlab.com/ossf/scorecard", - localURI: "", - }, - shouldOSSFuzzBeNil: false, shouldRepoBeNil: false, - shouldRepoClientBeNil: false, - shouldVulnClientBeNil: false, - shouldCIIBeNil: false, wantErr: false, - experimental: true, }, { name: "repoURI is corp github host",