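# action.yml: metadata for a Docker container action that runs Bandit.
#
# Every input except GITHUB_TOKEN is forwarded to the container as a
# positional argument, in the order listed under `runs.args`.
# The entrypoint is not part of this file; presumably it treats the
# 'DEFAULT' and 'UNDEFINED' sentinels as "option not set" (verify there).
name: 'Bandit Action'
description: 'Bandit Action'
inputs:
  path:
    description: 'Files or directories to run bandit on'
    required: false
    default: '.'
  # Raising `level` or `confidence` narrows the report: findings below the
  # chosen threshold are not shown.
  level:
    description: 'Report only issues of a given severity level or higher. Can be LOW, MEDIUM or HIGH. Default is UNDEFINED (everything)'
    required: false
    default: 'UNDEFINED'
  confidence:
    description: 'Report only issues of a given confidence level or higher. Can be LOW, MEDIUM or HIGH. Default is UNDEFINED (everything)'
    required: false
    default: 'UNDEFINED'
  # Anything matched here is not scanned, so keep the list narrow and
  # review changes to it like code changes.
  excluded_paths:
    description: 'comma-separated list of paths (glob patterns supported) to exclude from scan (note that these are in addition to the excluded paths provided in the config file) (default: .svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)'
    required: false
    default: 'DEFAULT'
  # When set, the step succeeds even if issues are found, so the scan
  # no longer acts as a blocking gate in the workflow.
  exit_zero:
    description: 'exit with 0, even with results found'
    required: false
    default: 'DEFAULT'
  # Skipped test IDs produce no findings at all; changes to this list
  # deserve the same review as a suppression.
  skips:
    description: 'comma-separated list of test IDs to skip'
    required: false
    default: 'DEFAULT'
  ini_path:
    description: 'path to a .bandit file that supplies command line arguments'
    required: false
    default: 'DEFAULT'
  # Required, but not listed in `runs.args`. Docker container actions
  # receive inputs as INPUT_* environment variables, so the entrypoint
  # presumably reads the token from there. What it is used for is not
  # visible in this file; callers should restrict the job's `permissions:`
  # to the minimum the action needs.
  GITHUB_TOKEN:
    description: 'Github token of the repository (automatically created by Github)'
    required: true
runs:
  using: 'docker'
  # The image is built from the Dockerfile in the action's repository.
  # Base image and Bandit version are determined there, not here.
  image: 'Dockerfile'
  # Each expression becomes one argument of the container entrypoint.
  # These are caller-supplied strings; the entrypoint should quote them
  # when building the bandit command line (not verifiable from this file).
  args:
    - '${{ inputs.path }}'
    - '${{ inputs.level }}'
    - '${{ inputs.confidence }}'
    - '${{ inputs.excluded_paths }}'
    - '${{ inputs.exit_zero }}'
    - '${{ inputs.skips }}'
    - '${{ inputs.ini_path }}'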