From 02453095f1b3f06582a30de49ae05f11d5051c8a Mon Sep 17 00:00:00 2001 From: Saar Sever Date: Thu, 22 Aug 2024 13:39:49 +0300 Subject: [PATCH 1/2] CICD-263: support "disable-active-verification" flag --- action.yaml | 4 ++++ entrypoint.sh | 3 +++ 2 files changed, 7 insertions(+) diff --git a/action.yaml b/action.yaml index b30380d..1078f75 100644 --- a/action.yaml +++ b/action.yaml @@ -111,6 +111,10 @@ inputs: description: "Debug mode" required: false default: "false" + disable_active_verification: + description: "Disable active verification" + required: false + default: "false" log_path: description: "The directory path to specify where the logs should be written to on debug mode. Default to the current working directory" required: false diff --git a/entrypoint.sh b/entrypoint.sh index 4aaed0c..d9cb89f 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -51,6 +51,9 @@ function set_global_flags() { if [ "${INPUT_DEBUG}" == "true" ]; then GLOBAL_FLAGS+=(--debug) fi + if [ "${INPUT_DISABLE_ACTIVE_VERIFICATION}" == "true" ]; then + GLOBAL_FLAGS+=(--disable-active-verification) + fi if [ "${INPUT_LOG_PATH}" ]; then GLOBAL_FLAGS+=(--log-path "${INPUT_LOG_PATH}") fi From f4147c3f34b074b8e80030f18b3a64daf2697937 Mon Sep 17 00:00:00 2001 From: Saar Sever Date: Thu, 22 Aug 2024 13:49:02 +0300 Subject: [PATCH 2/2] CICD-263: update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index ad39cfc..9bb7b25 100644 --- a/README.md +++ b/README.md @@ -87,6 +87,7 @@ jobs: | security_checks | secret | List of security issues to detect (comma-separated) | String | No | vulns,secret | | debug | true | Debug mode | Boolean | No | false | | log_path | results/ | The directory path to specify where the logs should be written to on debug mode. | String | No | working dir | +| disable_active_verification | true | Disable active verification of secrets | Boolean | No | false | ## Annotations After scanning, the action will add the results as annotations in a pull request: