first commit for actions-log4j

Author: 6mile

.github/workflows/main.yml

@@ -0,0 +1,13 @@
+name: Example Workflow Using the SecureStack log4j scanning Action
+on: push
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - name: log4j Scanning Step
+        id: log4j
+        uses: SecureStackCo/[email protected]
+        with:
+          securestack_api_key: ${{ secrets.SECURESTACK_API_KEY_SECRET }}
+          securestack_app_id: ${{ secrets.SECURESTACK_APP_ID }}
+          severity: critical

.gitignore

@@ -0,0 +1,27 @@
+name: 'SecureStack Log4j Vulnerability Analysis'
+description: 'Scans your application for the presence of serious vulnerabilities in Log4j'
+  icon: 'shield'  
+  color: 'green'
+inputs:
+  securestack_api_key:
+    description: 'SecureStack API key - generate an API key at https://app.securestack.com'
+    required: true
+  securestack_app_id:
+    description: 'SecureStack Application ID - can be retrieved by accessing required application at https://app.securestack.com'
+    required: true
+  severity:
+    description: 'Severities lower than this value will be reported in the workflow console but will not cause an error for the action; value should be one of: critical | high | medium | low'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+    - name: Pull bloodhound-cli image
+      shell: bash
+      run: docker pull securestackau/bloodhound-cli
+    - name: Run bloodhound-cli
+      shell: bash
+      env:
+        BH_API_KEY: ${{ inputs.securestack_api_key }}
+        BH_APP_ID: ${{ inputs.securestack_app_id }}
+        BH_SEVERITY: ${{ inputs.severity }}
+      run: docker run -e BH_API_KEY -e BH_APP_ID -e BH_SEVERITY securestackau/bloodhound-cli code -t java -a $BH_APP_ID; echo $?