Traceableai · yogesh-gogia1 · May 31, 2024 · May 31, 2024 · May 31, 2024 · May 31, 2024
diff --git a/README.md b/README.md
@@ -14,22 +14,26 @@ Traceable’s GitHub action can be used to continuously test your software build
 ## Getting started with Traceable AST action
 ### Understanding the inputs
 
-| **Input**               | **Description**                                                    |
-| ------------------- |--------------------------------------------------------------------|
-| step\_name          | Scan action: init/ run/ init and run/ stop.                        |
-| scan\_name          | Name of the scan                                                   |
-| client\_scan\_token | Access token from platform                                         |
-| cli\_version        | Version of CLI you want to use for AST. Current one is 1.0.0-rc.3. |
-| traffic\_env        | Environment from where AST should observe traffic.                 |
-| plugins             | List of plugins you want to run the AST scan for.                  |
-| include\_url\_regex | Include URL patterns to test.                                      |
-| exclude\_url\_regex | exclude URL patterns from scan.                                    |
-| target\_url         | Target URL for the tests.                                          |
-| traceable\_server   | URL for traceable server, not applicable for SaaS customers.       |
-| idle\_timeout       | Scan timeout for a scan when it goes in IDLE state.                |
-| scan\_timeout       | Scan timeout in general.                                           |
-| reference\_env      | Reference environment from where AST should pick up the API specs. |
-| max\_retries        | Max retries for the scan after failure.                            |
+| **Input**                       | **Description**                                                               |
+|---------------------------------|-------------------------------------------------------------------------------|
+| step\_name                      | Scan action: init/ run/ init and run/ stop.                                   |
+| scan\_name                      | Name of the scan                                                              |
+| client\_scan\_token             | Access token from platform                                                    |
+| cli\_version                    | Version of CLI you want to use for AST. Current one is 1.0.0-rc.3.            |
+| traffic\_env                    | Environment from where AST should observe traffic.                            |
+| plugins                         | List of plugins you want to run the AST scan for.                             |
+| include\_url\_regex             | Include URL patterns to test.                                                 |
+| exclude\_url\_regex             | exclude URL patterns from scan.                                               |
+| target\_url                     | Target URL for the tests.                                                     |
+| traceable\_server               | URL for traceable server, not applicable for SaaS customers.                  |
+| idle\_timeout                   | Scan timeout for a scan when it goes in IDLE state.                           |
+| scan\_timeout                   | Scan timeout in general.                                                      |
+| reference\_env                  | Reference environment from where AST should pick up the API specs.            |
+| max\_retries                    | Max retries for the scan after failure.                                       |
+| scan\_suite                     | AST suite name as defined on the Traceable.ai platform.                       |
+| graphql\_schema\_ids            | Comma separated GraphQl schema IDs uploaded on Traceable.ai platform.         |
+| graphql\_schema\_files          | Comma separated GraphQl SDL file paths.                                       |
+| graphql\_introspection\_enabled | Enables extracting the GraphQl Schema by running introspection on target-url. |
 
 
 ### Sample GitHub Action workflow

diff --git a/action.yml b/action.yml
@@ -145,7 +145,22 @@ inputs:
     required: false
     description: 'Output stream/file for traceable cli logs'
     default: 'NULL'
-
+  scan_suite:
+    required: false
+    description: 'AST suite name as defined on the Traceable.ai platform'
+    default: 'NULL'
+  graphql_schema_ids:
+    required: false
+    description: 'Comma separated GraphQl schema IDs uploaded on Traceable.ai platform'
+    default: 'NULL'
+  graphql_schema_files:
+    required: false
+    description: 'Comma separated GraphQl SDL file paths'
+    default: 'NULL'
+  graphql_introspection_enabled:
+    required: false
+    description: 'Enables extracting the GraphQl Schema by running introspection on target-url'
+    default: 'false'
 runs:
   using: composite
   steps:
@@ -196,11 +211,11 @@ runs:
         traceableCliBinaryLocation=${GITHUB_WORKSPACE}/traceable
 
         scanInitCmd=$traceableCliBinaryLocation' ast scan initAndRun'
-        optionsArr=('--scan-name' '--traffic-env' '--token' '--plugins' '--include-url-regex' '--exclude-url-regex' '--target-url' '--traceable-server' '--idle-timeout' '--scan-timeout' ' --reference-env' '--max-retries' '--openapi-spec-ids' '--openapi-spec-files' '--policy' '--postman-collection' '--postman-environment' '--include-endpoint-labels' '--exclude-endpoint-labels' '--include-endpoint-with-owner-attributes' '--include-endpoint-owners' '--loglevel' '--logfile' '--agent-logfile' '--proxy-logfile')
+        optionsArr=('--scan-name' '--traffic-env' '--token' '--plugins' '--include-url-regex' '--exclude-url-regex' '--target-url' '--traceable-server' '--idle-timeout' '--scan-timeout' ' --reference-env' '--max-retries' '--openapi-spec-ids' '--openapi-spec-files' '--policy' '--postman-collection' '--postman-environment' '--include-endpoint-labels' '--exclude-endpoint-labels' '--include-endpoint-with-owner-attributes' '--include-endpoint-owners' '--loglevel' '--logfile' '--agent-logfile' '--proxy-logfile' '--scan-suite' '--graphql-schema-ids' '--graphql-schema-files' '--graphql-introspection-enabled')
 
         #Iterating the options available from options array and filling them with the arguments received in order
         iterator=0
-        for option in '${{ inputs.scan_name }}' '${{ inputs.traffic_env }}' '${{ inputs.client_scan_token }}' '${{ inputs.plugins }}' '${{ inputs.include_url_regex }}' '${{ inputs.exclude_url_regex }}' '${{ inputs.target_url }}' '${{ inputs.traceable_server }}' '${{ inputs.idle_timeout }}' '${{ inputs.scan_timeout }}' '${{ inputs.reference_env }}' '${{ inputs.max_retries }}' '${{ inputs.openapi_spec_ids }}' '${{ inputs.openapi_spec_files }}' '${{ inputs.policy }}' '${{ inputs.postman_collection }}' '${{ inputs.postman_environment }}' '${{ inputs.include_endpoint_labels}}' '${{ inputs.exclude_endpoint_labels }}' '${{ inputs.include_endpoint_with_owner_attributes }}' '${{ inputs.include_endpoint_owners }}' '${{ inputs.log_level }}' '${{ inputs.logfile }}' '${{ inputs.agent_logfile }}' '${{ inputs.proxy_logfile }}'
+        for option in '${{ inputs.scan_name }}' '${{ inputs.traffic_env }}' '${{ inputs.client_scan_token }}' '${{ inputs.plugins }}' '${{ inputs.include_url_regex }}' '${{ inputs.exclude_url_regex }}' '${{ inputs.target_url }}' '${{ inputs.traceable_server }}' '${{ inputs.idle_timeout }}' '${{ inputs.scan_timeout }}' '${{ inputs.reference_env }}' '${{ inputs.max_retries }}' '${{ inputs.openapi_spec_ids }}' '${{ inputs.openapi_spec_files }}' '${{ inputs.policy }}' '${{ inputs.postman_collection }}' '${{ inputs.postman_environment }}' '${{ inputs.include_endpoint_labels}}' '${{ inputs.exclude_endpoint_labels }}' '${{ inputs.include_endpoint_with_owner_attributes }}' '${{ inputs.include_endpoint_owners }}' '${{ inputs.log_level }}' '${{ inputs.logfile }}' '${{ inputs.agent_logfile }}' '${{ inputs.proxy_logfile }}' '${{ inputs.scan_suite }}' '${{ inputs.graphql_schema_ids }}' '${{ inputs.graphql_schema_files }}' '${{ inputs.graphql_introspection_enabled }}'
         do
           if [ -z "$option" ] || [ "$option" = "''" ] || [ "$option" = "NULL" ]
           then