feat: Add severity arg (#5)

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
4 years ago · 1c67427335
parent 74538091fa
commit 1c67427335
2 changed files with 13 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -35,11 +35,12 @@ jobs:
        run: |
          docker build -t docker.io/my-organization/my-app:${{ github.sha }}
      - name: Run vulnerability scanner
-        uses: aquasecurity/trivy-action@0.0.4
+        uses: aquasecurity/trivy-action@0.0.5
        with:
          image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}'
          format: 'table'
          exit-code: '1'
+          severity: 'CRITICAL,HIGH'
 ```

 ## Customizing
@ -48,8 +49,9 @@ jobs:

 Following inputs can be used as `step.with` keys:

-| Name        | Type   | Default | Description                               |
-|-------------|--------|---------|-------------------------------------------|
-| `image-ref` | String |         | Image reference, e.g. `alpine:3.10.2`     |
-| `format`    | String | `table` | Output format (`table`, `json`)           |
-| `exit-code` | String | `0`     | exit code when vulnerabilities were found |
+| Name        | Type   | Default                            | Description                                   |
+|-------------|--------|------------------------------------|-----------------------------------------------|
+| `image-ref` | String |                                    | Image reference, e.g. `alpine:3.10.2`         |
+| `format`    | String | `table`                            | Output format (`table`, `json`)               |
+| `exit-code` | String | `0`                                | exit code when vulnerabilities were found     |
+| `severity`  | String | `UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL` | severities of vulnerabilities to be displayed |
--- a/action.yaml
+++ b/action.yaml
@ -9,6 +9,10 @@ inputs:
    description: 'exit code when vulnerabilities were found'
    required: false
    default: '0'
+  severity:
+    description: 'severities of vulnerabilities to be displayed'
+    required: false
+    default: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
  format:
    description: 'output format (table, json)'
    required: false
@ -24,4 +28,5 @@ runs:
    - 'image'
    - '--format=${{ inputs.format }}'
    - '--exit-code=${{ inputs.exit-code }}'
+    - '--severity=${{ inputs.severity }}'
    - '${{ inputs.image-ref }}'