Add support for python script for ci providers

.github/workflows/analyze-docker-image.yml

@@ -5,10 +5,12 @@ jobs:
     runs-on: ubuntu-24.04
     name: Analyze a Docker image
     steps:
-      - name: Get the action.yml from the current branch
+      - name: Get the action.yml and scripts from the current branch
         uses: actions/checkout@v4
         with:
-          sparse-checkout: action.yml
+          sparse-checkout: |
+            action.yml
+            scripts/
           sparse-checkout-cone-mode: false
 
       - uses: ./

.github/workflows/find-vulnerabilities.yml

@@ -5,10 +5,12 @@ jobs:
     runs-on: ubuntu-24.04
     name: Scan codebase and find vulnerabilities
     steps:
-      - name: Get the action.yml from the current branch
+      - name: Get the action.yml and scripts from the current branch
         uses: actions/checkout@v4
         with:
-          sparse-checkout: action.yml
+          sparse-checkout: |
+            action.yml
+            scripts/
           sparse-checkout-cone-mode: false
 
       - uses: actions/checkout@v4

.github/workflows/map-deploy-to-develop.yml

@@ -5,10 +5,12 @@ jobs:
     runs-on: ubuntu-24.04
     name: Map deploy to develop
     steps:
-      - name: Get the action.yml from the current branch
+      - name: Get the action.yml and scripts from the current branch
         uses: actions/checkout@v4
         with:
-          sparse-checkout: action.yml
+          sparse-checkout: |
+            action.yml
+            scripts/
           sparse-checkout-cone-mode: false
 
       - uses: ./

.github/workflows/scan-codebase.yml

@@ -5,10 +5,12 @@ jobs:
     runs-on: ubuntu-24.04
     name: Scan codebase and check for compliance issues
     steps:
-      - name: Get the action.yml from the current branch
+      - name: Get the action.yml and scripts from the current branch
         uses: actions/checkout@v4
         with:
-          sparse-checkout: action.yml
+          sparse-checkout: |
+            action.yml
+            scripts/
           sparse-checkout-cone-mode: false
 
       - uses: actions/checkout@v4

.github/workflows/scan-single-package.yml

@@ -5,10 +5,12 @@ jobs:
     runs-on: ubuntu-24.04
     name: Scan a package archive
     steps:
-      - name: Get the action.yml from the current branch
+      - name: Get the action.yml and scripts from the current branch
         uses: actions/checkout@v4
         with:
-          sparse-checkout: action.yml
+          sparse-checkout: |
+            action.yml
+            scripts/
           sparse-checkout-cone-mode: false
 
       - uses: ./

action.yml

@@ -51,107 +51,34 @@ runs:
       with:
         python-version: ${{ inputs.python-version }}
 
-    - name: Set up environment
+    - name: Use Local ScanCode Pipeline Script
       shell: bash
       run: |
-        echo "SECRET_KEY=$(openssl rand -base64 32)" >> $GITHUB_ENV
-        echo "SCANCODEIO_DB_NAME=scancodeio" >> $GITHUB_ENV
-        echo "SCANCODEIO_DB_USER=scancodeio" >> $GITHUB_ENV
-        echo "SCANCODEIO_DB_PASSWORD=scancodeio" >> $GITHUB_ENV
+        chmod +x scripts/scancode_pipeline.py
 
-    - name: Start and setup the PostgreSQL service
+    - name: Run ScanCode Pipeline
       shell: bash
       run: |
-        sudo systemctl start postgresql.service
-        sudo -u postgres createuser --no-createrole --no-superuser --login --inherit --createdb ${{ env.SCANCODEIO_DB_USER }}
-        sudo -u postgres psql -c "ALTER USER ${{ env.SCANCODEIO_DB_USER }} WITH encrypted password '${{ env.SCANCODEIO_DB_PASSWORD }}'"
-        sudo -u postgres createdb --owner=scancodeio --encoding=UTF-8 ${{ env.SCANCODEIO_DB_NAME }}
-
-    - name: Install ScanCode.io
-      shell: bash
-      run: |
-        if [ -z "${{ inputs.scancodeio-repo-branch }}" ]; then
-          echo "Installing the latest ScanCode.io release from PyPI"
-          pip install --upgrade scancodeio
-        else
-          echo "Installing ScanCode.io from the GitHub branch: ${{ inputs.scancodeio-repo-branch }}"
-          pip install git+https://github.com/aboutcode-org/scancode.io.git@${{ inputs.scancodeio-repo-branch }}
-        fi
-
-    - name: Run migrations to prepare the database
-      shell: bash
-      run: scanpipe migrate --verbosity 0
-
-    - name: Generate `--pipeline` CLI arguments
-      shell: bash
-      run: |
-        IFS=',' read -ra PIPELINES <<< "${{ inputs.pipelines }}"
-        PIPELINE_CLI_ARGS=""
-        for pipeline in "${PIPELINES[@]}"; do
-          PIPELINE_CLI_ARGS+=" --pipeline $pipeline"
-        done
-        echo "PIPELINE_CLI_ARGS=${PIPELINE_CLI_ARGS}" >> $GITHUB_ENV
-
-    - name: Generate `--input-url` CLI arguments
-      shell: bash
-      run: |
-        INPUT_URL_CLI_ARGS=""
-        for url in ${{ inputs.input-urls }}; do
-          INPUT_URL_CLI_ARGS+=" --input-url $url"
-        done
-        echo "INPUT_URL_CLI_ARGS=${INPUT_URL_CLI_ARGS}" >> $GITHUB_ENV
-
-    - name: Create project
-      shell: bash
-      run: |
-        scanpipe create-project ${{ inputs.project-name }} \
-        ${{ env.PIPELINE_CLI_ARGS }} \
-        ${{ env.INPUT_URL_CLI_ARGS }}
-
-    - name: Set project work directory in the environment
+        python scripts/scancode_pipeline.py \
+          --project-name "${{ inputs.project-name }}" \
+          --pipelines "${{ inputs.pipelines }}" \
+          --output-formats "${{ inputs.output-formats }}" \
+          --inputs-path "${{ inputs.inputs-path }}" \
+          --input-urls "${{ inputs.input-urls }}" \
+          ${{ inputs.check-compliance == 'true' && '--check-compliance' || '' }} \
+          --compliance-fail-level "${{ inputs.compliance-fail-level }}" \
+          ${{ inputs.compliance-fail-on-vulnerabilities == 'true' && '--compliance-fail-on-vulnerabilities' || '' }} \
+          ${{ inputs.scancodeio-repo-branch != '' && format('--scancodeio-repo-branch {0}', inputs.scancodeio-repo-branch) || '' }}
+
+    - name: Get project work directory for upload
       shell: bash
       run: |
         project_status=$(scanpipe status --project ${{ inputs.project-name }})
         work_directory=$(echo "$project_status" | grep -oP 'Work directory:\s*\K[^\n]+')
         echo "PROJECT_WORK_DIRECTORY=$work_directory" >> $GITHUB_ENV
 
-    - name: Copy input files to project work directory
-      shell: bash
-      run: |
-        SOURCE_PATH="${{ inputs.inputs-path }}"
-        DESTINATION_PATH="${{ env.PROJECT_WORK_DIRECTORY }}/input/"
-        if [ -d "$SOURCE_PATH" ]; then
-          cp -r "$SOURCE_PATH"/* "$DESTINATION_PATH"
-        fi
-
-    - name: Run the pipelines
-      shell: bash
-      run: scanpipe execute --project ${{ inputs.project-name }} --no-color
-
-    - name: Generate outputs
-      id: scanpipe
-      shell: bash
-      run: scanpipe output
-        --project ${{ inputs.project-name }} 
-        --format ${{ inputs.output-formats }}
-
     - name: Upload outputs
       uses: actions/upload-artifact@v4
-      id: artifact-upload-step
       with:
         name: ${{ inputs.outputs-archive-name }}
         path: ${{ env.PROJECT_WORK_DIRECTORY }}/output/*
-
-    - name: Check compliance
-      if: inputs.check-compliance == 'true'
-      shell: bash
-      run: |
-        cmd="scanpipe check-compliance \
-          --project ${{ inputs.project-name }} \
-          --fail-level ${{ inputs.compliance-fail-level }}"
-
-        if [[ "${{ inputs.compliance-fail-on-vulnerabilities }}" == "true" ]]; then
-          cmd="$cmd --fail-on-vulnerabilities"
-        fi
-
-        eval "$cmd"