forked from microsoft/security-devops-action
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaction.yml
36 lines (36 loc) · 1.25 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
name: 'security-devops-action'
description: 'Run security analyzers.'
author: 'Microsoft'
branding:
icon: 'shield'
color: 'black'
inputs:
command:
description: The command to run. Defaults to run.
default: all
options:
- all
- run
- pre-job
- post-job
config:
description: A file path to a .gdnconfig file.
policy:
description: The name of the well known policy to use. Defaults to GitHub.
default: GitHub
categories:
description: A comma separated list of analyzer categories to run. Values secrets, code, artifacts, IaC, containers. Example IaC,secrets. Defaults to all.
languages:
description: A comma separated list of languages to analyze. Example javascript, typescript. Defaults to all.
tools:
description: A comma separated list of analyzer to run. Example bandit, binskim, container-mapping, eslint, templateanalyzer, terrascan, trivy.
includeTools:
description: A comma separated list of analyzers to run in addition to the default set defined by the policy. Limited to container-mapping
outputs:
sarifFile:
description: A file path to a SARIF results file.
runs:
using: 'node16'
main: 'lib/main.js'
pre: 'lib/pre.js'
post: 'lib/post.js'