chore: set macaron output directory

Signed-off-by: Demolus13 <[email protected]>

Author: Demolus13

action.yaml

@@ -63,6 +63,8 @@ runs:
     run: |
       bash "$GITHUB_ACTION_PATH/scripts/actions/setup_macaron.sh"
     shell: bash
+    env:
+      OUTPUT_DIR: ${{ inputs.output_dir }}
 
   - name: Run Macaron Analysis
     id: run-macaron-analysis
@@ -74,7 +76,6 @@ runs:
     env:
       GITHUB_TOKEN: ${{ inputs.github_token }}
       DEFAULTS_PATH: ${{ inputs.defaults_path }}
-      OUTPUT_DIR: ${{ inputs.output_dir }}
       REPO_PATH: ${{ inputs.repo_path }}
       PACKAGE_URL: ${{ inputs.package_url }}
       BRANCH: ${{ inputs.branch }}
@@ -94,7 +95,6 @@ runs:
     shell: bash
     env:
       DEFAULTS_PATH: ${{ inputs.defaults_path }}
-      OUTPUT_DIR: ${{ inputs.output_dir }}
       POLICY_FILE: ${{ inputs.policy_file }}
       POLICY_PURL: ${{ inputs.policy_purl }}
 

scripts/actions/run_macaron_analysis.sh

@@ -18,8 +18,8 @@ else
   CMD="$MACARON"
 fi
 
-OUTPUT_DIR=${OUTPUT_DIR:-output}
-CMD="$CMD --output-dir ${OUTPUT_DIR} -lr . analyze"
+MACARON_OUTPUT_DIR=${MACARON_OUTPUT_DIR:-output}
+CMD="$CMD --output-dir ${MACARON_OUTPUT_DIR} -lr . analyze"
 
 if [ -n "${REPO_PATH:-}" ]; then
   CMD="$CMD -rp ${REPO_PATH}"

scripts/actions/run_macaron_policy_verification.sh

@@ -16,7 +16,7 @@ if [ -z "${MACARON:-}" ]; then
 fi
 
 DEFAULTS_PATH=${DEFAULTS_PATH:-}
-OUTPUT_DIR=${OUTPUT_DIR:-output}
+MACARON_OUTPUT_DIR=${MACARON_OUTPUT_DIR:-output}
 FILE=${POLICY_FILE:-}
 PURL=${POLICY_PURL:-}
 
@@ -25,16 +25,16 @@ if [ -n "$DEFAULTS_PATH" ]; then
 else
   CMD="$MACARON"
 fi
-CMD="$CMD --output-dir ${OUTPUT_DIR} verify-policy --database ${OUTPUT_DIR}/macaron.db"
+CMD="$CMD --output-dir ${MACARON_OUTPUT_DIR} verify-policy --database ${MACARON_OUTPUT_DIR}/macaron.db"
 
 if [ -n "$FILE" ] && [ -f "$FILE" ]; then
   CMD="$CMD --file $FILE"
 
   echo "Executing: $CMD"
   if eval "$CMD"; then
-    echo "policy_report=${OUTPUT_DIR}/policy_report.json" >> "$GITHUB_OUTPUT"
-    if [ -f "${OUTPUT_DIR}/vsa.intoto.jsonl" ]; then
-      echo "vsa_report=${OUTPUT_DIR}/vsa.intoto.jsonl" >> "$GITHUB_OUTPUT"
+    echo "policy_report=${MACARON_OUTPUT_DIR}/policy_report.json" >> "$GITHUB_OUTPUT"
+    if [ -f "${MACARON_OUTPUT_DIR}/vsa.intoto.jsonl" ]; then
+      echo "vsa_report=${MACARON_OUTPUT_DIR}/vsa.intoto.jsonl" >> "$GITHUB_OUTPUT"
     else
       echo "vsa_report=VSA Not Generated." >> "$GITHUB_OUTPUT"
     fi
@@ -45,9 +45,9 @@ elif [ -n "$PURL" ]; then
   echo "Executing: $CMD"
   echo "$CMD"
   if eval "$CMD"; then
-    echo "policy_report=${OUTPUT_DIR}/policy_report.json" >> "$GITHUB_OUTPUT"
-    if [ -f "${OUTPUT_DIR}/vsa.intoto.jsonl" ]; then
-      echo "vsa_report=${OUTPUT_DIR}/vsa.intoto.jsonl" >> "$GITHUB_OUTPUT"
+    echo "policy_report=${MACARON_OUTPUT_DIR}/policy_report.json" >> "$GITHUB_OUTPUT"
+    if [ -f "${MACARON_OUTPUT_DIR}/vsa.intoto.jsonl" ]; then
+      echo "vsa_report=${MACARON_OUTPUT_DIR}/vsa.intoto.jsonl" >> "$GITHUB_OUTPUT"
     else
       echo "vsa_report=VSA Not Generated." >> "$GITHUB_OUTPUT"
     fi

scripts/actions/setup_macaron.sh

@@ -5,7 +5,9 @@
 set -euo pipefail
 
 MACARON_DIR="${RUNNER_TEMP:-/tmp}/macaron"
+MACARON_OUTPUT_DIR="$MACARON_DIR/$OUTPUT_DIR"
 mkdir -p "$MACARON_DIR"
+mkdir -p "$MACARON_OUTPUT_DIR"
 
 ref="$GITHUB_REF"
 MACARON_IMAGE_TAG=""
@@ -58,5 +60,8 @@ else
 fi
 
 chmod +x "$SCRIPT_NAME"
-echo "MACARON=$MACARON_DIR/$SCRIPT_NAME" >> "$GITHUB_ENV"
-echo "MACARON_IMAGE_TAG=${MACARON_IMAGE_TAG}" >> "$GITHUB_ENV"
+{
+  echo "MACARON=$MACARON_DIR/$SCRIPT_NAME"
+  echo "MACARON_IMAGE_TAG=${MACARON_IMAGE_TAG}"
+  echo "MACARON_OUTPUT_DIR=${MACARON_OUTPUT_DIR}"
+} >> "$GITHUB_ENV"