action.yml

name: "NowSecure: Mobile SBOM"
description: "Generate a Mobile SBOM for an application and submit to the Dependency submission API"
inputs:
  platform_token:
    required: true
    description: "NowSecure Platform token."
  group_id:
    required: true
    description: "Group ID for the application in Platform."
  app_file:
    required: true
    description: "Application binary to scan on NowSecure. Must be an Android or iOS application."
runs:
  using: "composite"
  steps:
        - id: upload
          uses: nowsecure/nowsecure-action/upload-app@v4
          with:
            platform_token: ${{ inputs.platform_token }}
            app_file: ${{ inputs.app_file }}
            group_id: ${{ inputs.group_id }}

        - id: pull_report
          uses: nowsecure/nowsecure-action/convert-sarif@v4
          with:
            report_id: ${{ steps.upload.outputs.report_id }}
            platform_token: ${{ inputs.platform_token }}
            group_id: ${{ inputs.group_id }}
            enable_dependencies: true
            enable_sarif: false