Skip to content

Commit

Permalink
Update orca-cli version and supported flags (#22)
Browse files Browse the repository at this point in the history
ayala-orca authored Oct 25, 2022
1 parent 22f3d69 commit c6fc5b7
Showing 3 changed files with 49 additions and 1 deletion.
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM ghcr.io/orcasecurity/orca-cli:1.4.2
FROM ghcr.io/orcasecurity/orca-cli:1.5.2

RUN apk --no-cache --update add bash nodejs npm

24 changes: 24 additions & 0 deletions action.yaml
Original file line number Diff line number Diff line change
@@ -27,6 +27,20 @@ inputs:
description: "Disable logs and warnings output"
required: false
default: "false"
baseline_context_key:
description: "Use this context key in case of no autodetect is configured on project"
required: false
disable_baseline:
description: "Do not compare to baseline on this scan"
required: false
default: "false"
sync_baseline:
description: "Sync baseline base on this flag"
required: false
disable_err_report:
description: "Suppress error reporting to the monitoring platform"
required: false
default: "false"
path:
description: "Paths or directories to scan (comma-separated)"
required: true
@@ -48,9 +62,19 @@ inputs:
control_timeout:
description: "Number of seconds the control has to execute before being canceled"
required: false
ignore_failed_exec_controls:
description: "Ignore any failures that happened while executing any of the controls"
required: false
timeout:
description: 'Set the maximum duration for the CLI execution. valid time units ("s", "m", "h")'
required: false
preview_lines:
description: "Number of lines to be display in CLI results"
required: false
show_failed_issues_only:
description: "Show only failed issues in CLI results"
required: false
default: "false"
console_output:
description: "Prints results to console in the provided format (only when --output is provided)"
required: false
24 changes: 24 additions & 0 deletions entrypoint.sh
Original file line number Diff line number Diff line change
@@ -31,6 +31,18 @@ function set_global_flags() {
if [ "${INPUT_CONFIG}" ]; then
GLOBAL_FLAGS+=(--config "${INPUT_CONFIG}")
fi
if [ "${INPUT_BASELINE_CONTEXT_KEY}" ]; then
GLOBAL_FLAGS+=(--baseline-context-key "${INPUT_BASELINE_CONTEXT_KEY}")
fi
if [ "${INPUT_DISABLE_BASELINE}" == "true" ]; then
GLOBAL_FLAGS+=(--disable-baseline)
fi
if [ "${INPUT_DISABLE_ERR_REPORT}" == "true" ]; then
GLOBAL_FLAGS+=(--disable-err-report)
fi
if [ "${INPUT_SYNC_BASELINE}" ]; then
GLOBAL_FLAGS+=(--sync-baseline "${INPUT_SYNC_BASELINE}")
fi
}

# Json format must be reported and be stored in a file for github annotations
@@ -74,9 +86,21 @@ function set_iac_scan_flags() {
if [ "${INPUT_PLATFORM}" ]; then
SCAN_FLAGS+=(--platform "${INPUT_PLATFORM}")
fi
if [ "${INPUT_CONTROL_TIMEOUT}" ]; then
SCAN_FLAGS+=(--control_timeout "${INPUT_CONTROL_TIMEOUT}")
fi
if [ "${INPUT_TIMEOUT}" ]; then
SCAN_FLAGS+=(--timeout "${INPUT_TIMEOUT}")
fi
if [ "${INPUT_IGNORE_FAILED_EXEC_CONTROLS}" == "true" ]; then
SCAN_FLAGS+=(--ignore-failed-exec-controls)
fi
if [ "${INPUT_PREVIEW_LINES}" ]; then
SCAN_FLAGS+=(--preview-lines "${INPUT_PREVIEW_LINES}")
fi
if [ "${INPUT_SHOW_FAILED_ISSUES_ONLY}" = "true" ]; then
SCAN_FLAGS+=(--show-failed-issues-only)
fi
if [ "${FORMATS_FOR_JSON}" ]; then
SCAN_FLAGS+=(--format "${FORMATS_FOR_JSON}")
fi

0 comments on commit c6fc5b7

Please sign in to comment.