action.yml
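# Composite GitHub Action: installs the project with Poetry, then runs
# `codesage scan` on a caller-supplied path.
name: 'CodeSnapAI'
description: 'Intelligent Code Analysis & Governance Tool'
inputs:
  target:
    description: 'Path to scan'
    required: true
    default: '.'
  language:
    description: 'Language to analyze (python, go, shell)'
    required: false
    default: 'python'
  reporter:
    description: 'Reporter to use (console, json, github)'
    required: false
    default: 'github'
  fail_on_high:
    description: 'Fail if high severity issues are found'
    required: false
    # Kept as a quoted string: the scan step compares it to the literal "true".
    default: 'false'
runs:
  using: 'composite'
  steps:
    - name: Install Dependencies
      shell: bash
      # NOTE(review): Poetry is installed without a version pin, so every run
      # takes whatever release the index serves; pin it to keep the toolchain
      # reproducible and reviewable.
      # NOTE(review): `poetry install` runs in the job's working directory, so
      # this assumes the caller's checkout is the repo that provides codesage.
      run: |
        pip install poetry
        poetry install --only main
    - name: Run Scan
      shell: bash
      # Inputs reach the script as environment variables, not inline
      # `${{ inputs.* }}` expressions. Expressions are substituted into the
      # script text before bash parses it, so an input value containing shell
      # metacharacters would run as code; an environment variable is only
      # ever data.
      env:
        INPUT_TARGET: ${{ inputs.target }}
        INPUT_LANGUAGE: ${{ inputs.language }}
        INPUT_REPORTER: ${{ inputs.reporter }}
        INPUT_FAIL_ON_HIGH: ${{ inputs.fail_on_high }}
      run: |
        # Optional flags go in an array so they expand to zero or more words.
        extra_args=()
        if [ "$INPUT_FAIL_ON_HIGH" == "true" ]; then
          extra_args+=(--fail-on-high)
        fi
        # Assumes the action runs in the repo root where codesage is available
        # or installed; the install step above makes it runnable via Poetry.
        # Each value is quoted so it stays a single argument (no word
        # splitting or globbing on paths with spaces or wildcards).
        poetry run codesage scan "$INPUT_TARGET" \
          --language "$INPUT_LANGUAGE" \
          --reporter "$INPUT_REPORTER" \
          --ci-mode \
          "${extra_args[@]}"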