-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yml
107 lines (101 loc) · 3.74 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
name: "auditor-action"
description: "The Auditor"
author: "Grant Birkinbine"
inputs:
github_token:
description: 'The GitHub token used to create an authenticated client - Provided
for you by default! If you are using annotations on pull requests, you may
need to use a GitHub App token with checks:write permissions instead'
default: ${{ github.token }}
required: true
config:
description: The path to the auditor's config file
default: config/auditor.yml
required: true
json_diff_path:
description: The path to the json diff file
default: diff.json
required: true
github_base_url:
description: 'The base URL for the GitHub instance you are using'
default: 'https://github.com'
required: true
annotate_pr:
description: Annotate the PR with the audit results
default: "true"
required: true
annotate_name:
description: 'The name of the annotation to name to use'
default: 'The Auditor'
required: true
annotate_title:
description: 'The title of the annotation to use'
default: 'The Auditor has detected findings in your pull request'
required: true
annotate_summary:
description: 'The summary of the annotation to use'
default: 'Please review the findings and make any necessary changes'
required: true
annotate_status:
description: 'The status of the annotation to use'
default: 'completed'
required: true
write_results_path:
description: 'The path to write the markdown results to (for custom reporting) -
Leave unset to disable writing results to a file'
default: ''
required: true
# git diff action specific below
base_branch:
description: 'The base branch to compare the PR against'
default: HEAD^1 # compare the PR merge commit against its first parent
required: true
file_output_only:
description: 'Only output the diff to the json file'
default: "true" # do not print any diff output to the console (safety first)
required: true
search_path:
description: 'The path to search for changes'
default: '.' # look in the entire repo for changes
required: true
max_buffer_size:
description: 'The maximum buffer size for the git diff command'
default: "10000000" # the default git diff buffer size, increase if you have issues
required: true
branding:
icon: "lock"
color: "gray-dark"
runs:
using: "composite"
steps:
- name: checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4
with:
fetch-depth: 0 # needed to checkout all branches
- name: git-diff-action
uses: GrantBirki/git-diff-action@f9084974667db3cecc39baa7d09f0c95656f77b2 # [email protected]
id: git-diff-action
with:
json_diff_file_output: ${{ inputs.json_diff_path }}
base_branch: ${{ inputs.base_branch }}
file_output_only: ${{ inputs.file_output_only }}
search_path: ${{ inputs.search_path }}
max_buffer_size: ${{ inputs.max_buffer_size }}
- name: auditor-action
uses: GrantBirki/auditor-action-core@4d6e777d66cd3c8c7479b435d68a6f66a17d6a5f # [email protected]
with:
github_token: ${{ inputs.github_token }}
annotate_pr: ${{ inputs.annotate_pr }}
config_path: ${{ inputs.config }}
json_diff_path: ${{ inputs.json_diff_path }}
github_base_url: ${{ inputs.github_base_url }}
annotate_name: ${{ inputs.annotate_name }}
annotate_title: ${{ inputs.annotate_title }}
annotate_summary: ${{ inputs.annotate_summary }}
annotate_status: ${{ inputs.annotate_status }}
write_results_path: $ {{ inputs.write_results_path }}
- name: cleanup
env:
JSON_DIFF_PATH: ${{ inputs.json_diff_path }}
run: rm $JSON_DIFF_PATH
shell: bash