-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathaction.yml
More file actions
53 lines (46 loc) · 1.72 KB
/
action.yml
File metadata and controls
53 lines (46 loc) · 1.72 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
name: "Static Analysis"
description: "Runs static analysis on the code"
inputs:
ignored-accounts:
description: "Comma-separated list of accounts to ignore"
required: false
default: "actions,VirdocsSoftware,aws-actions"
layer-package-json:
description: "Path to the layer package.json file"
required: true
domains:
description: "JSON string containing domains to analyze (e.g. {\"include\": [{\"project\": \"domain1\"}, {\"project\": \"domain2\"}]})"
required: true
runs:
using: "composite"
steps:
- name: Checkout Code
uses: actions/checkout@v6.0.2
continue-on-error: true
- name: Scan workflow yml files
id: scan-workflows
run: |
echo "Running the following script: ${{ github.action_path }}/scan_github_actions.js"
echo "With the current working directory: $(pwd)"
node ${{ github.action_path }}/scan_github_actions.js
shell: bash
working-directory: ${{ github.workspace }}
env:
IGNORED_ACCOUNTS: ${{ inputs.ignored-accounts }}
DOMAINS: ${{ inputs.domains }}
continue-on-error: true
- name: Run layer dependency analysis
id: layer-dependency-analysis
run: |
echo "Running layer dependency analysis script"
node ${{ github.action_path }}/layer_dependency_analysis.js "${{ inputs.layer-package-json }}" '${{ inputs.domains }}'
shell: bash
working-directory: ${{ github.workspace }}
continue-on-error: true
- name: Check results
run: |
if [ "${{ steps.scan-workflows.outcome }}" != "success" ] || [ "${{ steps.layer-dependency-analysis.outcome }}" != "success" ]; then
echo "One or more steps failed"
exit 1
fi
shell: bash