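# Action metadata for the DevSkim container action: declares the inputs a
# workflow may set and forwards them to the Docker entrypoint as positional
# arguments.
name: 'DevSkim'
description: 'Run DevSkim Code Analysis and output Sarif compatible with GitHub Code Scanning alerts'

# All action inputs reach the container as strings. Every input is optional.
inputs:
  # The default is the literal string 'GITHUB_WORKSPACE', not an expression.
  # NOTE(review): presumably the entrypoint maps it to the workspace path;
  # confirm against the entrypoint, which is not shown here.
  directory-to-scan:
    description: 'The sub directory of the repository root to scan. Repository root used by default.'
    required: false
    default: 'GITHUB_WORKSPACE'
  # Quoted so the default is the string 'false' under every YAML parser,
  # rather than a boolean that has to be coerced back to a string.
  should-scan-archives:
    description: 'Optionally scan the contents of archives.'
    required: false
    default: 'false'
  output-filename:
    description: 'The filename for the output.'
    required: false
    default: 'devskim-results.sarif'
  # Same literal 'GITHUB_WORKSPACE' sentinel as directory-to-scan.
  output-directory:
    description: 'The sub directory for the output under GITHUB_WORKSPACE.'
    required: false
    default: 'GITHUB_WORKSPACE'
  # Coverage caveat: anything matching these globs is not analysed, so by
  # default files under any .git or bin directory produce no findings.
  ignore-globs:
    description: 'Optional comma separated list of file globs to ignore when scanning.'
    required: false
    default: "**/.git/**,**/bin/**"
  # Coverage caveat: excluded rule IDs raise no alerts. Review changes to
  # this value the same way as changes to the code being scanned.
  exclude-rules:
    description: 'Optional comma separated list of rule IDs to ignore'
    required: false
    default: ""
  # The JSON file lives in the scanned repository, so edits to it can change
  # what the scan reports. Review changes to that file like code.
  options-json:
    description: 'Optional path in the repository containing a json to provide to the --options-json argument'
    required: false
    default: ""
  # Free-form pass-through to the DevSkim analyze command line. Workflows
  # should set this from static values, not from event-derived text such as
  # pull request titles or branch names.
  # NOTE(review): how the entrypoint splits and quotes this value is not
  # shown here; confirm before relying on it.
  extra-options:
    description: 'Provide any other command line arguments for the DevSkim analyze command. See DevSkim documentation for usage instructions.'
    required: false
    default: ""

branding:
  icon: 'check-square'
  color: 'green'

runs:
  using: 'docker'
  # Built from the Dockerfile in the action repository.
  # NOTE(review): the Dockerfile is not shown here; confirm that it pins its
  # base image and the DevSkim version.
  image: 'Dockerfile'
  # Passed to the container entrypoint as positional arguments in exactly
  # this order. Keep the order in sync with the entrypoint when adding,
  # removing or reordering inputs.
  args:
    - ${{ inputs.directory-to-scan }}
    - ${{ inputs.should-scan-archives }}
    - ${{ inputs.output-filename }}
    - ${{ inputs.output-directory }}
    - ${{ inputs.ignore-globs }}
    - ${{ inputs.exclude-rules }}
    - ${{ inputs.options-json }}
    - ${{ inputs.extra-options }}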