Add input parameter for source repository cloning

Author: JohT

.github/workflows/public-analyze-code-graph.yml

@@ -35,6 +35,28 @@ on:
         required: false
         type: string
         default: ''
+      source-repository:
+        description: >
+          The URL of the source repository to analyze. For now, only GitHub repositories are supported.
+          This can be used instead of 'sources-upload-name' to directly analyze a repository without uploading artifacts first.
+          It can also be used in addition to 'sources-upload-name' to analyze both uploaded sources and a repository.
+        required: false
+        type: string
+        default: ''  
+      source-repository-branch:
+        description: >
+          The branch, tag or SHA of the source repository to checkout.
+          Default: default branch of the repository
+        required: false
+        type: string
+        default: ''
+      source-repository-history-only:
+        description: >
+          Whether to clone the source repository as a bare repository ("true") or not ("false", default).
+          Bare repositories do not have a working directory and are useful for git history analysis when the sources are not needed.
+        required: false
+        type: string
+        default: 'false'      
       ref:
         description: >
           The branch, tag or SHA of the code-graph-analysis-pipeline to checkout. 
@@ -95,9 +117,9 @@ jobs:
           python: 3.12
           miniforge: 24.9.0-0
     steps:
-      - name: Assure that either artifacts-upload-name or maven-artifacts or sources-upload-name is set
-        if: inputs.artifacts-upload-name == '' && inputs.maven-artifacts == ''  && inputs.sources-upload-name == ''
-        run: echo "Please specify either the input parameter 'artifacts-upload-name' or 'maven-artifacts' or 'sources-upload-name'."; exit 1
+      - name: Assure that either artifacts-upload-name or maven-artifacts or sources-upload-name or source-repository is set
+        if: inputs.artifacts-upload-name == '' && inputs.maven-artifacts == ''  && inputs.sources-upload-name == '' && inputs.source-repository == ''
+        run: echo "Please specify either the input parameter 'artifacts-upload-name' or 'maven-artifacts' or 'sources-upload-name' or 'source-repository'."; exit 1
       - name: Verify analysis-name only consists of characters safe for folder names
         run: |
           if [[ ! "${{ inputs.analysis-name }}" =~ ^[A-Za-z0-9._-]+$ ]]; then
@@ -176,6 +198,11 @@ jobs:
           name: ${{ inputs.sources-upload-name }}
           path: temp/${{ inputs.analysis-name }}/source/${{ inputs.analysis-name }}
 
+      - name: (Code Analysis Setup) Clone source repository for analysis
+        if: inputs.source-repository != ''
+        working-directory: temp/${{ inputs.analysis-name }}
+        run: ./../../scripts/cloneGitRepository.sh --url "${{ inputs.source-repository }}" --branch "${{ inputs.source-repository-branch }}" --history-only "${{ inputs.source-repository-history-only }}" --target "source/${{ inputs.analysis-name }}"
+
       - name: (Code Analysis Setup) Download artifacts for analysis
         if: inputs.artifacts-upload-name != ''
         uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5

scripts/cloneGitRepository.sh

@@ -0,0 +1,125 @@
+#!/usr/bin/env bash
+
+# Provides safe-guarded (security checked parameters) git repository cloning.
+
+# Note: This script needs the path to target directory to clone the git repository to. It defaults to SOURCE_DIRECTORY ("source"). 
+# Note: This script needs git to be installed.
+
+# Fail on any error ("-e" = exit on first error, "-o pipefail" exist on errors within piped commands)
+set -o errexit -o pipefail
+
+# Overrideable Defaults
+SOURCE_DIRECTORY=${SOURCE_DIRECTORY:-"source"} # Get the source repository directory (defaults to "source")
+
+# Local constants
+SCRIPT_NAME=$(basename "${0}")
+
+fail() {
+  local ERROR_COLOR='\033[0;31m' # red
+  local DEFAULT_COLOR='\033[0m'
+  local errorMessage="${1}"
+  echo -e "${ERROR_COLOR}${SCRIPT_NAME}: Error: ${errorMessage}${DEFAULT_COLOR}" >&2
+  exit 1
+}
+
+# Default and initial values for command line options
+url=""
+branch="main"
+history_only="false"
+target="${SOURCE_DIRECTORY}"
+dry_run="false"
+
+# Read command line options
+USAGE="${SCRIPT_NAME}: Usage: $0 --url <github-repository-url> --branch <branch-name> [--history-only <true|false>] [--target <clone directory>(default=source)]"
+
+while [ "$#" -gt "0" ]; do
+  key="$1"
+  case ${key} in
+    --url)
+      url="$2"
+      shift
+      ;;
+    --branch)
+      branch="$2"
+      shift
+      ;;
+    --history-only)
+      history_only="$2"
+      shift
+      ;;
+    --target)
+      target="$2"
+      shift
+      ;;
+    --dry-run)
+      dry_run="true"
+      ;;
+    *)
+      fail "Unknown option: ${key}"
+      echo "${USAGE}" >&2
+      exit 1
+  esac
+  shift
+done
+
+# --- Validate URL (mandatory)
+if [ -z "${url}" ] ; then
+  fail "The git repository URL (--url) must be provided."
+  echo "${USAGE}" >&2
+  exit 1
+fi
+case "${url}" in
+  https://github.com/*/*|https://github.com/*/*.git)
+    ;;
+  *)
+    fail "The source repository (--url) must be a valid GitHub repository URL."
+    ;;
+esac
+
+# --- Validate branch (mandatory, defaults to "main")
+if [ -z "${branch}" ] ; then
+  fail "The git repository branch (--branch) must be provided."
+  echo "${USAGE}" >&2
+  exit 1
+fi
+case "${branch}" in
+  *[\ ~^:?*[\]\\]*)
+    fail "The source repository branch contains invalid characters."
+    ;;
+esac
+
+# --- Validate history-only (mandatory, defaults to "false")
+case "${history_only}" in
+  true|false)
+    ;;
+  *)
+    fail "The source repository history-only option must be either 'true' or 'false'."
+    echo "${USAGE}" >&2
+    ;;
+esac
+
+# --- Validate target directory (mandatory, defaults to SOURCE_DIRECTORY)
+if [ -z "${target}" ] ; then
+  fail "The target directory (--target) ${target} must be provided." >&2
+  echo "${USAGE}" >&2
+  exit 1
+fi
+
+if [ ${dry_run} = "true" ] ; then
+  echo "Dry run mode enabled. The following command(s) would be executed:" >&2
+fi
+
+# --- Clone the git repository
+bare_option=""
+bare_folder=""
+if [ "${history_only}" = "true" ]; then
+  bare_option="--bare"
+  bare_folder="/.git" # bare clones need the .git folder to be used as target
+fi
+
+if [ ${dry_run} = "true" ] ; then
+  echo "git clone ${bare_option} --single-branch ${url} --branch ${branch} ${target}${bare_folder}"
+  exit 0
+else
+  git clone ${bare_option} --single-branch  "${url}" --branch "${branch}" "${target}${bare_folder}"
+fi

scripts/testCloneGitRepository.sh

@@ -0,0 +1,143 @@
+#!/usr/bin/env bash
+
+# Tests "cloneGitRepository.sh".
+
+# Fail on any error ("-e" = exit on first error, "-o pipefail" exist on errors within piped commands)
+set -o errexit -o pipefail
+
+# Local constants
+SCRIPT_NAME=$(basename "${0}")
+COLOR_ERROR='\033[0;31m' # red
+COLOR_DE_EMPHASIZED='\033[0;90m' # dark gray
+COLOR_SUCCESSFUL="\033[0;32m" # green 
+COLOR_DEFAULT='\033[0m'
+
+## Get this "scripts" directory if not already set
+# Even if $BASH_SOURCE is made for Bourne-like shells it is also supported by others and therefore here the preferred solution. 
+# CDPATH reduces the scope of the cd command to potentially prevent unintended directory changes.
+# This way non-standard tools like readlink aren't needed.
+SCRIPTS_DIR=${SCRIPTS_DIR:-$( CDPATH=. cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P )} # Repository directory containing the shell scripts
+
+tearDown() {
+  # echo "${SCRIPT_NAME}: Tear down tests...."
+  rm -rf "${temporaryTestDirectory}"
+}
+
+successful() {
+  echo ""
+  echo -e "${COLOR_DE_EMPHASIZED}${SCRIPT_NAME}:${COLOR_DEFAULT} ${COLOR_SUCCESSFUL}✅ Tests finished successfully.${COLOR_DEFAULT}"
+  tearDown
+}
+
+info() {
+  local infoMessage="${1}"
+  echo -e "${COLOR_DE_EMPHASIZED}${SCRIPT_NAME}:${COLOR_DEFAULT} ${infoMessage}"
+}
+
+fail() {
+  local errorMessage="${1}"
+  echo -e "${COLOR_DE_EMPHASIZED}${SCRIPT_NAME}: ${COLOR_ERROR}${errorMessage}${COLOR_DEFAULT}"
+  tearDown
+  return 1
+}
+
+printTestLogFileContent() {
+  local logFileName="${temporaryTestDirectory}/${SCRIPT_NAME}-${test_case_number}.log"
+  if [ -f "${logFileName}" ]; then
+    local logFileContent=$( cat "${logFileName}" )
+    # Remove color codes from the output for better readability in test logs
+    logFileContent=$(echo -e "${logFileContent}" | sed -r "s/\x1B\[[0-9;]*[mK]//g")
+    echo -e "${COLOR_DE_EMPHASIZED}${logFileContent}${COLOR_DEFAULT}"
+  else
+    echo -e "${COLOR_ERROR}No log file found at expected location: ${logFileName}${COLOR_DEFAULT}"
+  fi
+}
+
+cloneGitRepositoryExpectingSuccessUnderTest() {
+  local COLOR_DE_EMPHASIZED='\033[0;90m' # dark gray
+  (
+    cd "${temporaryTestDirectory}"; 
+    source "${SCRIPTS_DIR}/cloneGitRepository.sh" "$@" > "${temporaryTestDirectory}/${SCRIPT_NAME}-${test_case_number}.log"
+  )
+  exitCode=$?
+  if [ ${exitCode} -ne 0 ]; then
+    fail "❌ Test failed: Script exited with non-zero exit code ${exitCode}."
+  fi
+  printTestLogFileContent
+}
+
+cloneGitRepositoryExpectingFailureUnderTest() {
+  set +o errexit
+  (
+    cd "${temporaryTestDirectory}"; 
+    source "${SCRIPTS_DIR}/cloneGitRepository.sh" "$@" > "${temporaryTestDirectory}/${SCRIPT_NAME}-${test_case_number}.log" 2>&1
+    exitCode=$?
+    if [ ${exitCode} -eq 0 ]; then
+      fail "❌ Test failed: Script exited with zero exit code but was expected to fail."
+    fi
+  )
+  set -o errexit
+  printTestLogFileContent
+}
+
+info "Starting tests...."
+
+# Create testing resources
+temporaryTestDirectory=$(mktemp -d 2>/dev/null || mktemp -d -t 'temporaryTestDirectory_${SCRIPT_NAME}')
+mkdir -p "${temporaryTestDirectory}"
+
+# ------- Integration Test Case
+test_case_number=1
+echo ""
+info "${test_case_number}.) Should clone a valid GitHub Repository successfully (real-run/integration)."
+
+output=$(cloneGitRepositoryExpectingSuccessUnderTest --url "https://github.com/JohT/livecoding.git" --branch "main" --target "${temporaryTestDirectory}/livecoding")
+if [ ! -f "${temporaryTestDirectory}/livecoding/README.md" ]; then
+  fail "${test_case_number}.) Test failed: Expected 'README.md' in cloned repository 'livecoding'."
+fi
+
+# TODO implement further test cases
+# # ------- Integration Test Case
+# test_case_number=3
+# echo ""
+# info "${test_case_number}.) Should fail when downloading non-existing Maven artifact (real-run/integration)."
+# downloadMavenArtifactsExpectingFailureUnderTest "org.nonexistent:nonexistent-artifact:0.0.1"
+
+# # ------- Unit Test Case
+# test_case_number=4
+# echo ""
+# info "${test_case_number}.) Should fail when no input is specified (dry-run)."
+# downloadMavenArtifactsExpectingFailureUnderTest "--dry-run"
+
+# # ------- Unit Test Case
+# test_case_number=5
+# echo ""
+# info "${test_case_number}.) Should fail when input is empty (dry-run)."
+# downloadMavenArtifactsExpectingFailureUnderTest "--dry-run"
+
+# # ------- Unit Test Case
+# test_case_number=6
+# echo ""
+# info "${test_case_number}.) Should fail on unknown arguments."
+# downloadMavenArtifactsExpectingFailureUnderTest "--dry-run --unknown-argument"
+
+# # ------- Unit Test Case
+# test_case_number=7
+# echo ""
+# info "${test_case_number}.) Should fail when artifacts directory is missing (dry-run)."
+# # Rename artifacts directory to simulate missing directory
+# mv "${temporaryTestDirectory}/artifacts" "${temporaryTestDirectory}/artifacts_backup"
+
+# downloadMavenArtifactsExpectingFailureUnderTest "--dry-run"
+
+# # Restore artifacts directory
+# mv "${temporaryTestDirectory}/artifacts_backup" "${temporaryTestDirectory}/artifacts"
+
+# # ------- Unit Test Case
+# test_case_number=8
+# echo ""
+# info "${test_case_number}.) Should fail when the artifact coordinate has a wrong format (dry-run)."
+# downloadMavenArtifactsExpectingFailureUnderTest "--dry-run" "org.apache.commons:commons-lang3-3.12.0"
+
+successful
+return 0