CICD-2768: support debug flag

orcasecurity · May 22, 2024 · 5348b52 · 5348b52
1 parent 937ab9e
commit 5348b52
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -80,6 +80,8 @@ jobs:
 | max_secret                   | 10                           | Set the maximum secrets that can be found, when reaching this number secret scan will stop | Integer | No       | 10000        |
 | exclude_paths                | ./notToBeScanned/,example.tf | List of paths to be excluded from scan (comma-separated)                                   | String  | No       | N/A          |
 | dependency_tree              | false                        | Show dependency origin tree of vulnerable packages                                         | Boolean | No       | false        |
+| debug                        | true                         | Debug mode                                                                                 | Boolean | No       | false        |
+| log_path                     | results/                     | The directory path to specify where the logs should be written to on debug mode.           | String  | No       | working dir  |
 
 ### Output
 By default, the scan output is displayed on the console, but you can choose to save the output to a specific directory as a file. You can specify the output directory using the `output` option as desribed in the [Inputs](https://github.com/orcasecurity/shiftleft-container-image-action/blob/main/README.md#inputs) section.

diff --git a/action.yaml b/action.yaml
@@ -117,6 +117,13 @@ inputs:
     description: "Show dependency origin tree of vulnerable packages"
     required: false
     default: "false"
+  debug:
+    description: "Debug mode"
+    required: false
+    default: "false"
+  log_path:
+    description: "The directory path to specify where the logs should be written to on debug mode. Default to the current working directory"
+    required: false
 
 outputs:
     exit_code:

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -48,6 +48,12 @@ function set_global_flags() {
   if [ "${INPUT_DISPLAY_NAME}" ]; then
     GLOBAL_FLAGS+=(--display-name "${INPUT_DISPLAY_NAME}")
   fi
+  if [ "${INPUT_DEBUG}" == "true" ]; then
+    GLOBAL_FLAGS+=(--debug)
+  fi
+  if [ "${INPUT_LOG_PATH}" ]; then
+    GLOBAL_FLAGS+=(--log-path "${INPUT_LOG_PATH}")
+  fi
 }
 
 # Json format must be reported and be stored in a file for github annotations