forked from tenable/accurics-action
# Action definition for the GitHub Accurics Action
# Top-level metadata shown on the Marketplace listing and in workflow logs.
name: 'Accurics GitHub Action'
author: 'accurics'
description: >-
  The Accurics GitHub Action scans IaC (Infrastructure as Code) to help
  identify vulnerabilities prior to cloud deployment.
# Badge shown next to the action name; cosmetic only.
branding:
  color: blue
  icon: shield
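# Inputs accepted from the calling workflow. GitHub hands every input to the
# action as a string, so boolean-looking defaults are written as quoted
# strings to make that explicit.
inputs:
  debug-mode:
    description: 'Debug mode (default=false)'
    required: false
    default: 'false'
  terraform-version:
    description: 'The Terraform version used to process the files in this repository (ex: 0.12.26). (default=latest)'
    required: false
    # NOTE(review): 'latest' is not pinned, so two runs of the same commit can
    # use different Terraform releases. Pin an explicit version in the calling
    # workflow when scan results need to be reproducible.
    default: 'latest'
  directories:
    description: 'A list of directories to scan within this repository separated by a space. (default=current directory)'
    required: false
    default: '.'
  plan-args:
    description: 'Terraform plan arguments'
    # NOTE(review): declared required but given an empty default. GitHub does
    # not fail a run when a required input is missing, so any validation has
    # to happen inside the container (not visible in this file).
    required: true
    # NOTE(review): free-form text forwarded to the container. How the
    # entrypoint expands it is not visible here; populate it from
    # workflow-author-controlled values only, not from pull-request or other
    # event data.
    default: ''
  env-id:
    description: 'Environment ID for Accurics to scan'
    # Required with an empty default; see the note on plan-args.
    required: true
    default: ''
  app-id:
    description: 'Accurics CLI Application Token ID'
    # Required with an empty default; see the note on plan-args.
    required: true
    # This is a credential: supply it from the secrets context in the calling
    # workflow. Values that come from secrets are masked in job logs; a
    # literal written into the workflow file is not.
    default: ''
  repo:
    description: 'Repository Location'
    required: false
    # '__empty__' is a sentinel string; what the container does when it
    # receives it is not visible in this file.
    default: '__empty__'
  url:
    description: 'Accurics Application URL'
    required: false
    # NOTE(review): presumably the endpoint that receives app-id and the scan
    # results; confirm against the entrypoint. Any override should stay on
    # HTTPS and point at a host the organisation trusts.
    default: 'https://app.accurics.com'
  fail-on-violations:
    description: 'Allows Accurics to fail the build when violations are found (default=true)'
    required: false
    # Leaving this at 'true' keeps the scan a blocking gate; 'false' makes
    # the findings advisory only.
    default: 'true'
  fail-on-all-errors:
    description: 'Allows Accurics to fail the build when any errors are encountered (default=true)'
    required: false
    default: 'true'
  scan-mode:
    description: 'Allows Accurics to switch to terrascan based analysis'
    required: false
    default: 'plan'
  pipeline:
    description: 'Allows Accurics to put data into the pipeline tab in the tenable.cs web console (accepted values: true/false)'
    required: false
    default: 'false'
  run-mode:
    description: 'Allows running terragrunt or terraform (plan/tgplan)'
    required: false
    default: 'plan'
  terragrunt-version:
    description: 'Allows installing terragrunt (DRY Terraform)'
    required: false
    default: ''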
# Values the action publishes for later workflow steps. For a Docker action
# these are set by the container at run time; this section only declares and
# describes them.
outputs:
  # Scan context
  env-name:
    description: 'Environment Name'
  repo:
    description: 'Repository Location'

  # Totals
  num-violations:
    description: 'Number of Violations'
  num-resources:
    description: 'Number of Resources'

  # Violations by severity
  high:
    description: 'Number of High-Severity Violations'
  medium:
    description: 'Number of Medium-Severity Violations'
  low:
    description: 'Number of Low-Severity Violations'

  # Violations by origin
  native:
    description: 'Number of Violations for Native Resources'
  inherited:
    description: 'Number of Violations Inherited from Other Resources'

  # Configuration drift counters
  drift:
    description: 'Total Number of Configuration drifts Found'
  iacdrift:
    description: 'Number of IAC-to-Cloud Configuration drifts Found'
  clouddrift:
    description: 'Number of Cloud-to-Cloud Configuration drifts Found'

  # Error indicator
  has-errors:
    description: 'Errors were reported'
# Execution: a Docker container action whose image is built from the
# Dockerfile in this repository.
runs:
  using: 'docker'
  image: 'Dockerfile'
  # Each input is passed to the container as one positional argument, in the
  # order listed. The entrypoint that consumes them is not part of this file;
  # presumably it reads them by position, so a new input belongs at the end
  # and the two lists must stay in sync.
  args:
    - ${{ inputs.debug-mode }}
    - ${{ inputs.terraform-version }}
    - ${{ inputs.directories }}
    - ${{ inputs.plan-args }}
    - ${{ inputs.env-id }}
    # app-id is a credential and is passed as a container argument like the
    # rest; supply it from the secrets context so it is masked in logs.
    - ${{ inputs.app-id }}
    - ${{ inputs.repo }}
    - ${{ inputs.url }}
    - ${{ inputs.fail-on-violations }}
    - ${{ inputs.fail-on-all-errors }}
    - ${{ inputs.scan-mode }}
    - ${{ inputs.pipeline }}
    - ${{ inputs.run-mode }}
    - ${{ inputs.terragrunt-version }}