action.yml
---
# Action metadata: identity and Marketplace presentation of the SCANOSS
# code scan action.
name: 'SCANOSS Code Scan Action'
description: 'Scan your code from GH Workflow and take action based on detected components'
author: 'SCANOSS'

# Icon and colour shown on the action's Marketplace badge.
branding:
  icon: 'check-circle'
  color: 'gray-dark'
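# Inputs accepted by the action. Every input is optional. Input values are
# delivered to the action as strings, so the boolean-looking defaults below
# are read as text by the runtime.
inputs:
  # --- Policy checks ---
  policies:
    description: 'List of policies separated by comma (e.g., copyleft, undeclared)'
    required: false
  # Defaults to failing the run when a policy check fails; setting this to
  # false makes the configured policies advisory only.
  policies.halt_on_failure:
    description: 'Halt if a check fails'
    required: false
    default: true

  # --- SCANOSS API ---
  # Credential: callers should supply this from an encrypted secret
  # (e.g. `${{ secrets.<SECRET_NAME> }}`), never as a literal in a workflow.
  api.key:
    description: 'SCANOSS API Key token (optional - not required for default OSSKB URL)'
    required: false
  # No `default:` is declared here; the URL named in the description is
  # presumably applied by the action's code - confirm. Whoever sets this input
  # chooses the endpoint the scan talks to, so treat it as an egress target.
  api.url:
    description: 'SCANOSS API URL (optional - default: https://osskb.org/api/scan/direct)'
    required: false

  # --- Dependency scanning ---
  dependencies.enabled:
    description: 'Scan dependencies (optional - default false)'
    required: false
    default: false
  dependencies.scope:
    description: 'Gets development or production dependencies (scopes - prod|dev)'
    required: false
    default: ''
  dependencies.scope.include:
    description: 'Custom list of dependency scopes to be included. Provide scopes as a comma-separated list.'
    required: false
    default: ''
  dependencies.scope.exclude:
    description: 'Custom list of dependency scopes to be excluded. Provide scopes as a comma-separated list.'
    required: false
    default: ''

  # --- Output ---
  # The original declaration had no description, which action metadata
  # expects for every input; one is added here.
  # NOTE(review): whether this path is constrained to the workspace is not
  # visible in this file - confirm in the action's code.
  output.filepath:
    description: 'Scan results output file path.'
    required: false
    default: 'results.json'

  # --- GitHub API access ---
  # Defaults to the token GitHub issues for the workflow run. Its effective
  # scope is set by the calling workflow's `permissions:` block, so callers
  # should grant only what the action needs (what that is cannot be seen
  # from this file).
  github.token:
    description: 'Your GitHub token'
    required: false
    default: ${{ github.token }}

  # --- Copyleft licence list tuning ---
  licenses.copyleft.include:
    description: 'List of Copyleft licenses to append to the default list. Provide licenses as a comma-separated list.'
    required: false
  licenses.copyleft.exclude:
    description: 'List of Copyleft licenses to remove from default list. Provide licenses as a comma-separated list.'
    required: false
  licenses.copyleft.explicit:
    description: 'Explicit list of Copyleft licenses to consider. Provide licenses as a comma-separated list.'
    required: false

  # --- Scanner runtime ---
  # The default image is referenced by tag, which is mutable: the registry can
  # serve different content for the same tag over time. Pinning by digest
  # (`ghcr.io/scanoss/scanoss-py@sha256:<DIGEST>`) makes the scan runtime
  # reproducible. Whoever sets this input selects the image that performs the
  # scan, so it should not be fed from untrusted workflow data.
  runtimeContainer:
    description: 'Specify runtime container to perform the scan.'
    default: 'ghcr.io/scanoss/scanoss-py:v1.19.0'
    required: false
  skipSnippets:
    description: 'Skip the generation of snippets.'
    default: false
    required: false
  scanFiles:
    description: 'Enable or disable file and snippet scanning.'
    default: true
    required: false
  # NOTE(review): the description reads like a file path, but the default is
  # a boolean; presumably this toggles use of the file named by
  # `settingsFilepath` - confirm against the action's code.
  scanossSettings:
    description: 'Settings file to use for scanning.'
    default: true
    required: false
  settingsFilepath:
    description: 'SCANOSS settings file path.'
    default: 'scanoss.json'
    required: false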
# Values the action publishes for later workflow steps.
outputs:
  result-filepath:
    description: 'Scanner results filepath'
  # NOTE(review): this exposes scanner output to later steps and logs;
  # confirm the API key cannot appear in it (not verifiable from this file).
  stdout-scan-command:
    description: 'Scanner command output'
# JavaScript action executed on the Node 20 runtime.
runs:
  using: node20
  # The `dist/` path suggests a bundled build artifact committed to the
  # repository - confirm. If so, CI should rebuild it and diff against the
  # committed file, so the code that runs matches the reviewed source.
  main: dist/index.js