-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathaction.yml
More file actions
45 lines (41 loc) · 1.5 KB
/
Copy pathaction.yml
File metadata and controls
45 lines (41 loc) · 1.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
name: 'Fluid Attacks CI Gate'
description: 'Check for open vulnerabilities in your repository using the Fluid Attacks CI Gate'
author: 'Fluid Attacks'
branding:
icon: 'shield'
color: 'red'
inputs:
api_token:
description: 'CI Gate token for authentication with the Fluid Attacks platform'
required: true
repo_name:
description: 'Git repository nickname in the Fluid Attacks platform. Defaults to the GitHub repository name when not set.'
required: false
default: ''
strict:
description: 'Enable strict mode. Breaks the build if open or untreated vulnerabilities are found.'
required: false
default: 'false'
report_output_path:
description: 'Path relative to the workspace root where the JSON report will be saved. If not set, no report is written.'
required: false
default: ''
outputs:
vulnerabilities_found:
description: 'Whether policy-breaking vulnerabilities were found (true/false)'
value: ${{ steps.run.outputs.vulnerabilities_found }}
report_output_path:
description: 'Path to the JSON report file. Only set when the report_output_path input is configured.'
value: ${{ steps.run.outputs.report_output_path }}
runs:
using: 'composite'
steps:
- name: Run CI Gate
id: run
shell: bash
env:
FA_TOKEN: ${{ inputs.api_token }}
FA_REPO_NAME: ${{ inputs.repo_name }}
FA_STRICT: ${{ inputs.strict }}
FA_REPORT_PATH: ${{ inputs.report_output_path }}
run: bash "${{ github.action_path }}/run.sh"