diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..5d2b471
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,87 @@
+name: Demo CI
+
+on:
+ pull_request:
+ branches:
+ - main
+ workflow_dispatch: {}
+
+jobs:
+ demo:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ pull-requests: write
+ issues: write
+
+ steps:
+ - uses: actions/checkout@v4
+ # Use the guardai action to run the GuardAI analysis
+ - name: Run GuardAI Action
+ id: guardai
+ uses: codeguardai/guardai-action@v0.1.0
+ env:
+ OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+ with:
+ provider: "openai"
+ directory: "src"
+ output_file: "guardai_output.txt"
+
+ - name: Check GuardAI Output
+ shell: bash
+ run: |
+ guardai_output_file="guardai_output.txt"
+
+ # Check if the output file exists and is not empty
+ if [[ ! -s "$guardai_output_file" ]]; then
+ echo "No output detected from GuardAI action."
+ exit 1
+ fi
+
+ echo "GuardAI action produced output successfully."
+
+ - name: Comment GuardAI Output to PR
+ uses: actions/github-script@v7
+ if: ${{ github.event_name == 'pull_request' }}
+ with:
+ script: |
+ const fs = require('fs');
+
+ const output = fs.readFileSync('guardai_output.txt', 'utf8');
+
+ const pullRequests = await github.rest.pulls.list({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ state: 'open',
+ head: `${context.repo.owner}:${context.ref.replace('refs/heads/', '')}`
+ })
+
+ const issueNumber = context.issue.number || pullRequests.data[0].number
+
+ const {data: comments} = await github.rest.issues.listComments({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ issue_number: issueNumber,
+ })
+ const botComment = comments.find(comment => {
+ return comment.user.type === 'Bot' && comment.body.includes('GuardAI Output')
+ })
+
+ const commentBody = `## GuardAI Output\n\n
View Results\n\n${output}\n\n
`;
+
+ // If we have a comment, update it, otherwise create a new one
+ if (botComment) {
+ await github.rest.issues.updateComment({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ comment_id: botComment.id,
+ body: commentBody
+ })
+ } else {
+ await github.rest.issues.createComment({
+ issue_number: issueNumber,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: commentBody
+ })
+ }
diff --git a/.python-version b/.python-version
new file mode 100644
index 0000000..e4fba21
--- /dev/null
+++ b/.python-version
@@ -0,0 +1 @@
+3.12
diff --git a/README copy.md b/README copy.md
new file mode 100644
index 0000000..c1fe2af
--- /dev/null
+++ b/README copy.md
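Review bot: `uses: codeguardai/guardai-action@v0.1.0` hands `OPENAI_API_KEY` to a third-party action pinned only to a movable tag, so the code that receives the secret can change without any change in this repository; pin it to a full commit SHA, `uses: codeguardai/guardai-action@<commit-sha>  # v0.1.0`, and treat `actions/checkout` and `actions/github-script` the same way. The comment step also interpolates `${output}` into `commentBody` verbatim, so any markdown or HTML the scanner echoes back from the scanned sources is rendered in the PR comment; placing the output inside a fenced code block keeps it inert. On `pull_request` runs from forks GitHub withholds repository secrets and issues a read-only token, so the scan step would produce no output and the `exit 1` in the check step would fail the workflow — either guard the job with `if: github.event.pull_request.head.repo.full_name == github.repository` or document that the demo expects same-repository branches. The `<details>`/`<summary>` markup of the collapsible comment described in the README appears to have been stripped from the `commentBody` template in this rendering, so compare against the committed file before relying on what is shown here.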
@@ -0,0 +1,46 @@
+# Demo
+
+Demo of [GuardAI](https://github.com/codeguardai/guardai)
+
+This demo provides an overview of how the GuardAI tool can be used both in a CI pipeline and locally via the command line.
+
+## CI Integration with GitHub Actions
+
+GuardAI can be integrated into your CI pipeline using GitHub Actions/Workflows. In this example, the workflow is configured to run on pull requests targeting the `main` branch. The action scans the code in the specified directory and generates a report. The workflow then posts the results as a comment on the pull request.
+
+- **Workflow File**: [Demo CI Workflow](https://github.com/codeguardai/demo/.github/workflows/ci.yml)
+- **Pull Request Example**: [#123: Demonstration PR](https://github.com/codeguardai/demo/pull/1)
+
+### Pull Request Workflow
+
+1. **Run GuardAI Action**: The action scans the code in the `src` directory and outputs the results to a file (`guardai_output.txt`).
+2. **Comment on PR**: The content of the `guardai_output.txt` file is automatically posted as a collapsible comment on the pull request, allowing reviewers to easily view the scan results.
+
+Example of how the GuardAI output is commented on a PR:
+
+![PR Comment Example]()
+_Placeholder GIF: This GIF represents how GuardAI comments its findings directly in a pull request. Replace with an actual GIF showing the feature in action._
+
+## Local CLI Usage
+
+GuardAI is also designed to be used locally via the command line, allowing developers to scan their code for vulnerabilities before pushing changes to a repository. This ensures that issues can be caught early in the development process.
+
+### How to Use GuardAI Locally
+
+1. **Run GuardAI from the command line**:
+
+ ```bash
+ pip install guardai
+ export OPENAI_API_KEY=
+ guardai --provider openai --directory ./src
+ ```
+
+2. 
**Review the output**: GuardAI will scan the code in the specified directory and output the results directly in your terminal or to a specified output file.
+
+Example of GuardAI CLI usage:
+
+![CLI Demo](cli-demo.gif)
+
+Summary:
+
+For more information, check out the [GuardAI repository](https://github.com/codeguardai/guardai).
diff --git a/README.md b/README.md
index a8386ec..123f4f5 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,45 @@
-# demo
-Demo of https://github.com/codeguardai/guardai
+# Demo
+
+Demo of [GuardAI](https://github.com/codeguardai/guardai)
+
+This demo provides an overview of how the GuardAI tool can be used both in a CI pipeline and locally via the command line.
+
+## CI Integration with GitHub Actions
+
+GuardAI can be integrated into your CI pipeline using GitHub Actions/Workflows. In this example, the workflow is configured to run on pull requests targeting the `main` branch. The action scans the code in the specified directory and generates a report. The workflow then posts the results as a comment on the pull request.
+
+- **Workflow File**: [Demo CI Workflow](https://github.com/codeguardai/demo/.github/workflows/ci.yml)
+- **Pull Request Example**: [#123: Demonstration PR](https://github.com/codeguardai/demo/pull/2)
+
+### Pull Request Workflow
+
+1. **Run GuardAI Action**: The action scans the code in the `src` directory and outputs the results to a file (`guardai_output.txt`).
+2. **Comment on PR**: The content of the `guardai_output.txt` file is automatically posted as a collapsible comment on the pull request, allowing reviewers to easily view the scan results.
+
+Example of how the GuardAI output is [commented](https://github.com/codeguardai/demo/pull/2#issuecomment-2295672871) on a PR:
+
+![PR Comment Example](pr-demo.png)
+
+## Local CLI Usage
+
+GuardAI is also designed to be used locally via the command line, allowing developers to scan their code for vulnerabilities before pushing changes to a repository. This ensures that issues can be caught early in the development process.
+
+### How to Use GuardAI Locally
+
+1. **Run GuardAI from the command line**:
+
+ ```bash
+ pip install guardai
+ export OPENAI_API_KEY=
+ guardai --provider openai --directory ./src
+ ```
+
+2. **Review the output**: GuardAI will scan the code in the specified directory and output the results directly in your terminal or to a specified output file.
+
+Example of GuardAI CLI usage:
+
+![CLI Demo](cli-demo.gif)
+
+Summary:
+
+For more information, check out the [GuardAI repository](https://github.com/codeguardai/guardai).
diff --git a/cli-demo.gif b/cli-demo.gif
new file mode 100644
index 0000000..4a16d84
Binary files /dev/null and b/cli-demo.gif differ
diff --git a/pr-demo.png b/pr-demo.png
new file mode 100644
index 0000000..eac20f4
Binary files /dev/null and b/pr-demo.png differ
diff --git a/src/main.py b/src/main.py
new file mode 100644
index 0000000..4da7a60
--- /dev/null
+++ b/src/main.py
@@ -0,0 +1,34 @@
+import os
+
+
+def read_file(filepath):
+ with open(filepath, "r") as file:
+ return file.read()
+
+
+def execute_command(command):
+ os.system(command)
+
+
+def login(username, password):
+ if username == "admin" and password == "password123":
+ print("Login successful!")
+ else:
+ print("Login failed!")
+
+
+def main():
+ filepath = input("Enter the file path to read: ")
+ content = read_file(filepath)
+ print(f"File content: {content}")
+
+ command = input("Enter a command to execute: ")
+ execute_command(command)
+
+ username = input("Enter username: ")
+ password = input("Enter password: ")
+ login(username, password)
+
+
+if __name__ == "__main__":
+ main()
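Review bot: `src/main.py` passes raw `input()` straight to `os.system`, compares a hard-coded credential in `login`, and opens any user-supplied path in `read_file`, yet nothing in the file says these are deliberate findings for the scanner, so a reader could mistake it for example code. A module docstring at the top such as `"""Deliberately insecure sample used as the GuardAI scan target; not for reuse."""` would make the intent explicit, and a one-line per-function comment naming the weakness each one exists to trigger would let readers check the scanner's report against the fixture. If the demo ever needs to actually run this file, `subprocess.run([...])` with an argument list and `hmac.compare_digest` for the credential check are the usual safe forms, but for a scanner fixture leaving the weaknesses in place and labelled is the point.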