forked from Quobis/action-owasp-dependecy-track-check
action.yaml
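# action.yaml
# Metadata for a Docker container action: declares three inputs and one
# output, and passes the inputs to the container as positional arguments.
name: 'OWASP Dependency Track check'
description: 'Creates BoM and upload repository to OWASP Dependency Track to find vulnerabilities'
branding:
  icon: 'check-square'
  color: 'green'
inputs:
  url:
    description: 'URL of OWASP Dependency Track REST API'
    required: true
    # NOTE(review): because a default is set, a workflow that omits `url`
    # never sees an empty value; it is pointed at this externally hosted
    # instance instead. `required: true` does not make the runner fail on a
    # missing input. Set `url` explicitly to the Dependency Track server that
    # should receive the BoM.
    default: 'https://dtrack.quobis.com/'
  key:
    description: 'Key to access OWASP Dependency Track REST API'
    required: true
    # Placeholder, not a credential. Pass the real API key from an encrypted
    # secret (`${{ secrets.<YOUR_SECRET_NAME> }}`) so the runner masks it in
    # logs; a literal key typed into a workflow file is stored in the
    # repository and is not masked.
    default: 'USEAVALIDKEY'
  language:
    description: 'Programming language'
    required: true
    default: 'nodejs'
outputs:
  riskscore:
    description: 'String with the number of vulnerabilities found'
runs:
  using: 'docker'
  # Built from the Dockerfile in this repository when the action runs.
  # Workflows that reference the action by commit SHA rather than by branch
  # or tag fix which Dockerfile gets built.
  image: 'Dockerfile'
  # Positional arguments for the container entrypoint, in this order: url,
  # key, language. The API key therefore travels as a process argument and
  # appears in the container command line, so log masking depends on it
  # being supplied from a secret.
  args:
    - '${{ inputs.url }}'
    - '${{ inputs.key }}'
    - '${{ inputs.language }}'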