From a4d94111675d2f5a45d1ebaa5f2d20923383660b Mon Sep 17 00:00:00 2001 From: ayala-orca <93713792+ayala-orca@users.noreply.github.com> Date: Wed, 22 May 2024 10:02:03 +0300 Subject: [PATCH] CICD-2768: support debug flag (#5) --- README.md | 45 +++++++++++++++++++++++---------------------- action.yaml | 7 +++++++ entrypoint.sh | 6 ++++++ 3 files changed, 36 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index 2d6f2c8..8bf931c 100644 --- a/README.md +++ b/README.md @@ -54,28 +54,29 @@ jobs: ### Inputs -| Variable | Example Value   | Description   | Type | Required | Default | -| --------------------------- | -------------------- | --------------------------------------------------------------------------------- | ------- | -------- | ------- | -| api_token | | Orca API Token used for Authentication | String | Yes | N/A | -| project_key | my-project-key | Project Key name | String | Yes | N/A | -| path | sub-dir | Path to scan | String | No | . | -| format | json | Format for displaying the results | String | No | table | -| output | results/ | Output directory for scan results | String | No | N/A | -| no_color | false | Disable color output | Boolean | No | false | -| exit_code | 10 | Exit code for failed execution due to policy violations | Integer | No | 3 | -| control_timeout | 30 | Number of seconds the control has to execute before being canceled | Integer | No | 60 | -| silent | false | Disable logs and warnings output | Boolean | No | false | -| console_output | json | Prints results to console in the provided format (only when --output is provided) | String | No | cli | -| config | config.json | path to configuration file (json, yaml or toml) | String | No | N/A | -| show_annotations | true | show GitHub annotations on pull requests | Boolean | No | true | -| exceptions_filepath | n/a | exceptions YAML filepath. (File should be mounted) | String | No | false | -| num_cpu | 10 | Number of logical CPUs to be used for secret scanning (default 10) | Integer | No | 10 | -| show_failed_issues_only | n/a | show only failed issues | Boolean | No | false | -| from-commit | n/a | the commit to search *from* | String | No | N/A | -| to-commit | n/a | the commit to search *to* | String | No | N/A | -| disable-git-scan | true | flag that indicates that the CLI will not scan git history for secrets | Boolean | No | false | -| ignore-git-history-baseline | true | forces a full history scan | Boolean | No | false | - +| Variable | Example Value   | Description   | Type | Required | Default | +|-----------------------------|----------------------|-----------------------------------------------------------------------------------|---------|----------|-------------| +| api_token | | Orca API Token used for Authentication | String | Yes | N/A | +| project_key | my-project-key | Project Key name | String | Yes | N/A | +| path | sub-dir | Path to scan | String | No | . | +| format | json | Format for displaying the results | String | No | table | +| output | results/ | Output directory for scan results | String | No | N/A | +| no_color | false | Disable color output | Boolean | No | false | +| exit_code | 10 | Exit code for failed execution due to policy violations | Integer | No | 3 | +| control_timeout | 30 | Number of seconds the control has to execute before being canceled | Integer | No | 60 | +| silent | false | Disable logs and warnings output | Boolean | No | false | +| console_output | json | Prints results to console in the provided format (only when --output is provided) | String | No | cli | +| config | config.json | path to configuration file (json, yaml or toml) | String | No | N/A | +| show_annotations | true | show GitHub annotations on pull requests | Boolean | No | true | +| exceptions_filepath | n/a | exceptions YAML filepath. (File should be mounted) | String | No | false | +| num_cpu | 10 | Number of logical CPUs to be used for secret scanning (default 10) | Integer | No | 10 | +| show_failed_issues_only | n/a | show only failed issues | Boolean | No | false | +| from-commit | n/a | the commit to search *from* | String | No | N/A | +| to-commit | n/a | the commit to search *to* | String | No | N/A | +| disable-git-scan | true | flag that indicates that the CLI will not scan git history for secrets | Boolean | No | false | +| ignore-git-history-baseline | true | forces a full history scan | Boolean | No | false | +| debug | true | Debug mode | Boolean | No | false | +| log_path | results/ | The directory path to specify where the logs should be written to on debug mode. | String | No | working dir | ## Checks Upon adding the action, two new checks will become visible on pull requests: diff --git a/action.yaml b/action.yaml index 77e4555..fe3e30b 100644 --- a/action.yaml +++ b/action.yaml @@ -78,6 +78,13 @@ inputs: description: "Show GitHub annotations on pull requests" required: false default: "true" + debug: + description: "Debug mode" + required: false + default: "false" + log_path: + description: "The directory path to specify where the logs should be written to on debug mode. Default to the current working directory" + required: false outputs: exit_code: diff --git a/entrypoint.sh b/entrypoint.sh index c6977ec..42930a1 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -46,6 +46,12 @@ function set_global_flags() { if [ "${INPUT_SYNC_BASELINE}" ]; then GLOBAL_FLAGS+=(--sync-baseline "${INPUT_SYNC_BASELINE}") fi + if [ "${INPUT_DEBUG}" == "true" ]; then + GLOBAL_FLAGS+=(--debug) + fi + if [ "${INPUT_LOG_PATH}" ]; then + GLOBAL_FLAGS+=(--log-path "${INPUT_LOG_PATH}") + fi } # Json format must be reported and be stored in a file for github annotations