Support for mobb project name (#19)

* Update action.yml

Author: antonychiu2

README.md

@@ -16,6 +16,19 @@ This action posts the code and a SAST report to the Mobb vulnerability analysis
 
 **Required** The GitHub api token to use with the action. Usually available as `${{ secrets.GITHUB_TOKEN }}`.
 
+## `mobb-project-name` 
+
+**Optional** The Mobb Project Name where the fix analysis will be stored. If this is not specified, it will the analysis will default into the "My first project". 
+
+## `auto-pr` 
+
+**Optional** `true` or `false`. Enables Automatic Pull Request for fresh fixes. 
+
+## `commit-directly`
+
+**Optional** `true` or `false`. This requires `auto-pr` to be set to `true`. Once set, Fixes will be committed directly to the source branch. 
+
+
 ## Outputs
 
 ## `fix-report-url`

action.yml

@@ -13,6 +13,16 @@ inputs:
   github-token:
     description: "GitaHub Token"
     required: true
+  mobb-project-name:
+    description: "Mobb Project Name"
+    required: false
+  auto-pr:
+    description: "Auto-PR flag"
+    required: false
+  commit-directly:
+    description: "Commit Directly flag, this requires Auto-PR flag to be set. Once enabled, Mobb will commit the fixes directly to the branch"
+    required: false
+
 outputs:
   fix-report-url:
     description: "Mobb fix report URL"
@@ -28,18 +38,44 @@ runs:
         REPO=$(git remote get-url origin)
         REPO=${REPO%".git"}
         BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}
-        OUT=$(npx --yes mobbdev@latest analyze --ci -r $REPO --ref $BRANCH --api-key ${{ inputs.api-key }} -f ${{ inputs.report-file }})
+
+        MobbExecString="npx --yes mobbdev@latest analyze --ci -r $REPO --ref $BRANCH --api-key ${{ inputs.api-key }} -f ${{ inputs.report-file }}"
+        
+        # Check if mobb-project-name exists and append it
+        if [ -n "${{ inputs.mobb-project-name }}" ]; then
+          echo "mobb-project-name specified: ${{ inputs.mobb-project-name }}"
+          MobbExecString+=" --mobb-project-name \"${{ inputs.mobb-project-name }}\""
+        fi
+
+        # Check if auto-pr flag is set append it
+        if [ "${{ inputs.auto-pr }}" == "true" ]; then
+          echo "Auto-PR flag is set"
+          MobbExecString+=" --auto-pr"
+        fi
+
+        # Check if commit-directly flag is set append it to the Mobb CLI command
+        if [ "${{ inputs.commit-directly }}" == "true" ]; then
+          echo "Commit Directly flag is set"
+          MobbExecString+=" --commit-directly"
+        fi
+
+        # Output the final command string for debugging and execute it
+        echo "Mobb Command: $MobbExecString"
+        OUT=$(eval $MobbExecString)
+        
         RETVAL=$?
         if [ $RETVAL -ne 0 ]; then
           exit $RETVAL
         fi
         OUT=$(echo $OUT | tr '\n' ' ')
         echo "fix-report-url=$OUT" >> $GITHUB_OUTPUT
+        echo "Mobb URL: $OUT"
+        
       shell: bash -l {0}
     - uses: Sibz/github-status-action@v1
       with:
         authToken: ${{ inputs.github-token }}
         context: "Mobb fix report link"
         state: "success"
         target_url: ${{ steps.run-npx-mobb-dev.outputs.fix-report-url }}
-        sha: ${{github.event.pull_request.head.sha || github.sha}}
+        sha: ${{github.event.pull_request.head.sha || github.sha}}

review/action.yml

@@ -16,6 +16,9 @@ inputs:
   scanner:
     description: "SAST scanner(codeql, snyk, checkmarx, fortify)"
     required: true
+  mobb-project-name:
+    description: "Mobb Project Name"
+    required: false
 outputs:
   fix-report-url:
     description: "Mobb fix report URL"
@@ -57,14 +60,27 @@ runs:
         COMMIT_HASH=$(git rev-parse $GITHUB_HEAD_REF) 
         PR_NUMBER=${{ github.event.pull_request.number }}
         VUL_FILE_PATH=results/$(basename ${{ inputs.report-file }})
-        OUT=$(npx --yes mobbdev@latest review  -r $REPO --ref $GITHUB_HEAD_REF --ch $COMMIT_HASH --api-key ${{ inputs.api-key }} -f $VUL_FILE_PATH  --pr $PR_NUMBER --github-token ${{ inputs.github-token }} --scanner $SCANNER -p .)
+        MobbExecString="npx --yes mobbdev@latest review  -r $REPO --ref $GITHUB_HEAD_REF --ch $COMMIT_HASH --api-key ${{ inputs.api-key }} -f $VUL_FILE_PATH  --pr $PR_NUMBER --github-token ${{ inputs.github-token }} --scanner $SCANNER -p ."
+        
+        # Check if mobb-project-name exists and append it
+        if [ -n "${{ inputs.mobb-project-name }}" ]; then
+          echo "mobb-project-name specified: ${{ inputs.mobb-project-name }}"
+          MobbExecString+=" --mobb-project-name \"${{ inputs.mobb-project-name }}\""
+        fi
+
+        # Output the final command string for debugging
+        echo "Mobb Command: $MobbExecString"
+        OUT=$(eval $MobbExecString)
+        
         RETVAL=$?
         if [ $RETVAL -ne 0 ]; then
           exit $RETVAL
         fi
         OUT=$(echo $OUT | tr '\n' ' ')
 
         echo "fix-report-url=$OUT" >> $GITHUB_OUTPUT
+        echo "Mobb URL: $OUT"
+        
       shell: bash -l {0}
 
     - uses: Sibz/github-status-action@v1