ossf · azeemshaikh38 · Sep 1, 2021 · Sep 1, 2021
@@ -132,8 +132,7 @@ func prHasSuccessStatus(pr *clients.PullRequest, c *checker.CheckRequest) (bool,
 
 // PR has a successful CI-related check.
 func prHasSuccessfulCheck(pr *clients.PullRequest, c *checker.CheckRequest) (bool, error) {
-	crs, _, err := c.Client.Checks.ListCheckRunsForRef(c.Ctx, c.Owner, c.Repo, pr.HeadSHA,
-		&github.ListCheckRunsOptions{})
+	crs, err := c.RepoClient.ListCheckRunsForRef(pr.HeadSHA)
 	if err != nil {
 		//nolint
 		return false, sce.Create(sce.ErrScorecardInternal, fmt.Sprintf("Client.Checks.ListCheckRunsForRef: %v", err))
@@ -143,19 +142,19 @@ func prHasSuccessfulCheck(pr *clients.PullRequest, c *checker.CheckRequest) (boo
 		return false, sce.Create(sce.ErrScorecardInternal, "cannot list check runs by ref")
 	}
 
-	for _, cr := range crs.CheckRuns {
-		if cr.GetStatus() != "completed" {
+	for _, cr := range crs {
+		if cr.Status != "completed" {
 			continue
 		}
-		if cr.GetConclusion() != success {
+		if cr.Conclusion != success {
 			continue
 		}
-		if isTest(cr.GetApp().GetSlug()) {
+		if isTest(cr.App.Slug) {
 			c.Dlogger.Debug3(&checker.LogMessage{
-				Path: cr.GetURL(),
+				Path: cr.URL,
 				Type: checker.FileTypeURL,
 				Text: fmt.Sprintf("CI test found: pr: %d, context: %s", pr.Number,
-					cr.GetApp().GetSlug()),
+					cr.App.Slug),
 			})
 			return true, nil
 		}

@@ -17,8 +17,6 @@ package checks
 import (
 	"fmt"
 
-	"github.com/google/go-github/v38/github"
-
 	"github.com/ossf/scorecard/v2/checker"
 	"github.com/ossf/scorecard/v2/clients"
 	sce "github.com/ossf/scorecard/v2/errors"
@@ -119,8 +117,7 @@ func sastToolInCheckRuns(c *checker.CheckRequest) (int, error) {
 			continue
 		}
 		totalMerged++
-		crs, _, err := c.Client.Checks.ListCheckRunsForRef(c.Ctx, c.Owner, c.Repo, pr.HeadSHA,
-			&github.ListCheckRunsOptions{})
+		crs, err := c.RepoClient.ListCheckRunsForRef(pr.HeadSHA)
 		if err != nil {
 			return checker.InconclusiveResultScore,
 				sce.Create(sce.ErrScorecardInternal, fmt.Sprintf("Client.Checks.ListCheckRunsForRef: %v", err))
@@ -131,16 +128,16 @@ func sastToolInCheckRuns(c *checker.CheckRequest) (int, error) {
 			})
 			return checker.InconclusiveResultScore, nil
 		}
-		for _, cr := range crs.CheckRuns {
-			if cr.GetStatus() != "completed" {
+		for _, cr := range crs {
+			if cr.Status != "completed" {
 				continue
 			}
-			if cr.GetConclusion() != "success" {
+			if cr.Conclusion != "success" {
 				continue
 			}
-			if sastTools[cr.GetApp().GetSlug()] {
+			if sastTools[cr.App.Slug] {
 				c.Dlogger.Debug3(&checker.LogMessage{
-					Path: cr.GetHTMLURL(),
+					Path: cr.URL,
 					Type: checker.FileTypeURL,
 					Text: "tool detected",
 				})

@@ -0,0 +1,28 @@
+// Copyright 2021 Security Scorecard Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package clients
+
+// CheckRun is a single instance of a VCS CheckRun.
+type CheckRun struct {
+	Status     string
+	Conclusion string
+	URL        string
+	App        CheckRunApp
+}
+
+// CheckRunApp is the app running the Check.
+type CheckRunApp struct {
+	Slug string
+}
@@ -0,0 +1,64 @@
+// Copyright 2021 Security Scorecard Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package githubrepo
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/google/go-github/v38/github"
+
+	"github.com/ossf/scorecard/v2/clients"
+	sce "github.com/ossf/scorecard/v2/errors"
+)
+
+type checkrunsHandler struct {
+	client *github.Client
+	ctx    context.Context
+	owner  string
+	repo   string
+}
+
+func (handler *checkrunsHandler) init(ctx context.Context, owner, repo string) {
+	handler.ctx = ctx
+	handler.owner = owner
+	handler.repo = repo
+}
+
+func (handler *checkrunsHandler) listCheckRunsForRef(ref string) ([]clients.CheckRun, error) {
+	checkRuns, _, err := handler.client.Checks.ListCheckRunsForRef(handler.ctx, handler.owner, handler.repo, ref,
+		&github.ListCheckRunsOptions{})
+	if err != nil {
+		// nolint: wrapcheck
+		return nil, sce.Create(sce.ErrScorecardInternal, fmt.Sprintf("ListCheckRunsForRef: %v", err))
+	}
+	return checkRunsFrom(checkRuns), nil
+}
+
+func checkRunsFrom(data *github.ListCheckRunsResults) []clients.CheckRun {
+	// nolint: prealloc // https://github.com/golang/go/wiki/CodeReviewComments#declaring-empty-slices
+	var checkRuns []clients.CheckRun
+	for _, checkRun := range data.CheckRuns {
+		checkRuns = append(checkRuns, clients.CheckRun{
+			Status:     checkRun.GetStatus(),
+			Conclusion: checkRun.GetConclusion(),
+			URL:        checkRun.GetURL(),
+			App: clients.CheckRunApp{
+				Slug: checkRun.GetApp().GetSlug(),
+			},
+		})
+	}
+	return checkRuns
+}
@@ -37,6 +37,7 @@ type Client struct {
 	branches     *branchesHandler
 	releases     *releasesHandler
 	workflows    *workflowsHandler
+	checkruns    *checkrunsHandler
 	search       *searchHandler
 	ctx          context.Context
 	tarball      tarballHandler
@@ -74,6 +75,9 @@ func (client *Client) InitRepo(owner, repoName string) error {
 	// Setup workflowsHandler.
 	client.workflows.init(client.ctx, client.owner, client.repoName)
 
+	// Setup checkrunsHandler.
+	client.checkruns.init(client.ctx, client.owner, client.repoName)
+
 	// Setup searchHandler.
 	client.search.init(client.ctx, client.owner, client.repoName)
 
@@ -135,6 +139,11 @@ func (client *Client) ListSuccessfulWorkflowRuns(filename string) ([]clients.Wor
 	return client.workflows.listSuccessfulWorkflowRuns(filename)
 }
 
+// ListCheckRunsForRef implements RepoClient.ListCheckRunsForRef.
+func (client *Client) ListCheckRunsForRef(ref string) ([]clients.CheckRun, error) {
+	return client.checkruns.listCheckRunsForRef(ref)
+}
+
 // Search implements RepoClient.Search.
 func (client *Client) Search(request clients.SearchRequest) (clients.SearchResponse, error) {
 	return client.search.search(request)
@@ -167,6 +176,9 @@ func CreateGithubRepoClient(ctx context.Context,
 		workflows: &workflowsHandler{
 			client: client,
 		},
+		checkruns: &checkrunsHandler{
+			client: client,
+		},
 		search: &searchHandler{
 			ghClient: client,
 		},

@@ -29,6 +29,7 @@ type RepoClient interface {
 	ListReleases() ([]Release, error)
 	ListContributors() ([]Contributor, error)
 	ListSuccessfulWorkflowRuns(filename string) ([]WorkflowRun, error)
+	ListCheckRunsForRef(ref string) ([]CheckRun, error)
 	Search(request SearchRequest) (SearchResponse, error)
 	Close() error
 }