forked from pyupio/safety
-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yml
71 lines (68 loc) · 2.52 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# action.yml
name: 'pyupio/safety'
description: 'Runs the Safety CLI dependency scanner against your project'
inputs:
api-key:
description: 'PyUp.io API key'
required: false
default: ''
create-pr:
description: 'Create a PR if Safety finds any vulnerabilities. Only the `file` scan mode is currently supported - combine with Cron based actions to get automatic notifications of new vulnerabilities.'
required: false
default: ''
create-issue:
description: 'Create an issue if Safety finds any vulnerabilities. Only the `file` scan mode is currently supported - combine with Cron based actions to get automatic notifications of new vulnerabilities.'
required: false
default: ''
scan:
description: 'Scan mode to use. One of auto / docker / env / file (defaults to auto)'
required: false
default: 'auto'
docker-image:
description: 'Tag or hash of the Docker Image to scan (defaults to autodetecting the last built tagged image)'
required: false
default: ''
requirements:
description: 'Path of requirements file to scan (defaults to poetry.lock -> Pipfile.lock -> requirements.txt)'
required: false
default: ''
continue-on-error:
description: 'By default, Safety will exit with a non-zero exit code if it detects any vulnerabilities. Set this to yes / true to not error out.'
required: false
default: ''
output-format:
description: 'Output format for returned data. One of screen / text / json / bare (defaults to screen)'
required: false
default: 'screen'
args:
description: '[Advanced] Any additional arguments to pass to Safety'
required: false
default: ''
repo-token:
required: false
default: ''
outputs:
cli-output:
description: 'CLI output from Safety'
exit-code:
description: 'Exit code from Safety'
runs:
using: 'docker'
image: 'docker://pyupio/safety-v2-beta:latest'
env:
SAFETY_API_KEY: ${{ inputs.api-key }}
SAFETY_ACTION: true
SAFETY_ACTION_CREATE_PR: ${{ inputs.create-pr }}
SAFETY_ACTION_CREATE_ISSUE: ${{ inputs.create-issue }}
SAFETY_ACTION_SCAN: ${{ inputs.scan }}
SAFETY_ACTION_DOCKER_IMAGE: ${{ inputs.docker-image }}
SAFETY_ACTION_REQUIREMENTS: ${{ inputs.requirements }}
SAFETY_ACTION_CONTINUE_ON_ERROR: ${{ inputs.continue-on-error }}
SAFETY_ACTION_OUTPUT_FORMAT: ${{ inputs.output-format }}
SAFETY_ACTION_ARGS: ${{ inputs.args }}
SAFETY_ACTION_FORMAT: true
GITHUB_TOKEN: ${{ inputs.repo-token }}
COLUMNS: 120
branding:
icon: 'lock'
color: 'purple'