diff --git a/README.md b/README.md index fc87767..945ee36 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,8 @@ jobs: | max_secret | 10 | Set the maximum secrets that can be found, when reaching this number secret scan will stop | Integer | No | 10000 | | exclude_paths | ./notToBeScanned/,example.tf | List of paths to be excluded from scan (comma-separated) | String | No | N/A | | dependency_tree | false | Show dependency origin tree of vulnerable packages | Boolean | No | false | +| debug | true | Debug mode | Boolean | No | false | +| log_path | results/ | The directory path to specify where the logs should be written to on debug mode. | String | No | working dir | ### Output By default, the scan output is displayed on the console, but you can choose to save the output to a specific directory as a file. You can specify the output directory using the `output` option as desribed in the [Inputs](https://github.com/orcasecurity/shiftleft-container-image-action/blob/main/README.md#inputs) section. diff --git a/action.yaml b/action.yaml index e4e5412..af5decb 100644 --- a/action.yaml +++ b/action.yaml @@ -117,6 +117,13 @@ inputs: description: "Show dependency origin tree of vulnerable packages" required: false default: "false" + debug: + description: "Debug mode" + required: false + default: "false" + log_path: + description: "The directory path to specify where the logs should be written to on debug mode. Default to the current working directory" + required: false outputs: exit_code: diff --git a/entrypoint.sh b/entrypoint.sh index 35775c3..45b03b1 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -48,6 +48,12 @@ function set_global_flags() { if [ "${INPUT_DISPLAY_NAME}" ]; then GLOBAL_FLAGS+=(--display-name "${INPUT_DISPLAY_NAME}") fi + if [ "${INPUT_DEBUG}" == "true" ]; then + GLOBAL_FLAGS+=(--debug) + fi + if [ "${INPUT_LOG_PATH}" ]; then + GLOBAL_FLAGS+=(--log-path "${INPUT_LOG_PATH}") + fi } # Json format must be reported and be stored in a file for github annotations