macaron icon indicating copy to clipboard operation
macaron copied to clipboard
verified publisher icon oracle

[Enhancement Request] - Improve debug messages for irrelevant workflow in some checks

Open tromai opened this issue 7 months ago • 0 comments

Description

Currently there are 3 places where debug messages like

[DEBUG] Workflow <workflow_name> is not relevant. Skipping...

are printed out.

  1. https://github.com/oracle/macaron/blob/23c7fdbfeb15c5d286373be4471be1dc3ec8d231/src/macaron/slsa_analyzer/checks/build_as_code_check.py#L163
  2. https://github.com/oracle/macaron/blob/32aa0ccf0f552df3e90563653415bd38a3feac6a/src/macaron/slsa_analyzer/checks/github_actions_vulnerability_check.py#L110
  3. https://github.com/oracle/macaron/blob/4235041f706c7a811b5ddf369e26549bdea0206f/src/macaron/slsa_analyzer/checks/trusted_builder_l3_check.py#L126

Even though the context and reason why the message is printed out are different.

Proposed Feature

We can improve the debug message by adding a small description why a workflow is treated as irrelevant.

tromai avatar May 09 '25 05:05 tromai