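# Composite GitHub Action: runs lib/scan.sh from this action's directory and
# hands every input to it through BOOST_* environment variables.
name: "Boost Security Scanner"
description: "Scans a repository for security vulnerabilities"
inputs:
  additional_args:
    # NOTE(review): presumably appended to the scanner CLI invocation by
    # lib/scan.sh (not shown here). Callers should set this from fixed workflow
    # values, not from event data such as PR titles or branch names.
    description: "Additional CLI arguments to pass"
    required: false
    default: ""
  api_enabled:
    # NOTE(review): the description mentions offline mode while the default
    # leaves the API enabled; presumably "false" selects offline mode - confirm.
    description: "Optional setting to enable offline mode"
    # Quoted so the default is a string like the other inputs' defaults.
    default: "true"
  api_endpoint:
    description: "Boost API endpoint"
    required: true
    default: "https://api.boostsecurity.io"
  api_token:
    # Credential with no default: pass it from a repository or organization
    # secret rather than a literal value in the workflow file.
    description: "Boost API token"
    required: true
  cli_version:
    # NOTE(review): "1" looks like a major-version selector rather than an
    # exact pin; confirm how lib/scan.sh resolves and verifies the CLI it runs.
    description: "Scanner version"
    default: "1"
  ignore_failure:
    # When enabled, scanner errors presumably no longer fail the job, so a
    # broken scan can pass unnoticed; keep "false" for gating workflows.
    description: "Ignore any exception returned by the scanner cli"
    default: "false"
  log_level:
    description: "Set the cli logging level"
    default: ""
  main_branch:
    description: "Optional override for main branch detection"
    default: ""
  pre_scan_cmd:
    # NOTE(review): presumably executed as a shell command by lib/scan.sh in a
    # job that also holds BOOST_API_TOKEN; treat it as code and never build it
    # from untrusted event data.
    description: "Optional command to run before scanning"
    default: ""
  registry_module:
    description: "Module within the scanner registry to execute"
    required: true
  scanner_id:
    description: "Optional identifier to uniquely identify the scanner"
    default: ""
  scan_label:
    description: "Optional identifier to identify a monorepo component"
    default: ""
  scan_path:
    description: "Optional relative path to scan"
    default: ""
  scan_timeout:
    # Deprecated per its own description; scan_diff_timeout carries the same
    # wording and appears to be the replacement.
    description: "Maximum amount of time a diff scan should complete in (deprecated)"
    default: ""
  scan_diff_timeout:
    description: "Maximum amount of time a diff scan should complete in"
    default: ""
  scan_main_timeout:
    description: "Maximum amount of time a main scan should complete in"
    default: ""
runs:
  using: "composite"
  steps:
    # Only github.action_path is expanded into the command line. Every input
    # reaches the script as an environment variable, so input values are never
    # substituted into the shell text of this step.
    - run: ${{ github.action_path }}/lib/scan.sh
      shell: bash
      env:
        BOOST_API_ENABLED: ${{ inputs.api_enabled }}
        BOOST_API_ENDPOINT: ${{ inputs.api_endpoint }}
        BOOST_API_TOKEN: ${{ inputs.api_token }}
        BOOST_CLI_ARGUMENTS: ${{ inputs.additional_args }}
        BOOST_CLI_VERSION: ${{ inputs.cli_version }}
        BOOST_GIT_MAIN_BRANCH: ${{ inputs.main_branch }}
        BOOST_IGNORE_FAILURE: ${{ inputs.ignore_failure }}
        BOOST_LOG_LEVEL: ${{ inputs.log_level }}
        BOOST_SCAN_TIMEOUT: ${{ inputs.scan_timeout }}
        BOOST_DIFF_SCAN_TIMEOUT: ${{ inputs.scan_diff_timeout }}
        BOOST_MAIN_SCAN_TIMEOUT: ${{ inputs.scan_main_timeout }}
        BOOST_PRE_SCAN: ${{ inputs.pre_scan_cmd }}
        BOOST_SCAN_LABEL: ${{ inputs.scan_label }}
        BOOST_SCAN_PATH: ${{ inputs.scan_path }}
        BOOST_SCANNER_ID: ${{ inputs.scanner_id }}
        BOOST_SCANNER_REGISTRY_MODULE: ${{ inputs.registry_module }}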