UID2-2888 Pass in vulnerability_severity as inputs (#77)

* Test High vulnerability * Add vulnerability_severity as inputs * Remove space between CRITICAL,HIGH * Update description for vulnerability_severity
IABTechLab · Mar 6, 2024 · b91d9a0 · b91d9a0
1 parent d254716
commit b91d9a0
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/.github/workflows/shared-publish-docker-versioned.yaml b/.github/workflows/shared-publish-docker-versioned.yaml
@@ -31,6 +31,10 @@ on:
         description: If true, will skip tests when packaging JAR. Defaults to false. Set to true for test-only repos.
         type: boolean
         default: false
+      vulnerability_severity:
+        description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. Must be one of ['CRITICAL', 'CRITICAL,HIGH' or 'CRITICAL,HIGH,MEDIUM'] (without space in between).
+        type: string
+        default: 'CRITICAL,HIGH'
     outputs:
       version_number_output:
         description: The complete version number 
@@ -194,7 +198,7 @@ jobs:
           format: 'table'
           exit-code: '1'
           ignore-unfixed: true
-          severity: 'CRITICAL'
+          severity: ${{ inputs.vulnerability_severity }}
           hide-progress: true
 
       - name: Push to Docker