diff --git a/README.md b/README.md index ab364f8..466673e 100644 --- a/README.md +++ b/README.md @@ -85,6 +85,8 @@ jobs: | max_secret | 10 | Set the maximum secrets that can be found, when reaching this number secret scan will stop | Integer | No | 10000 | | dependency_tree | false | Show dependency origin tree of vulnerable packages | Boolean | No | false | | security_checks | secret | List of security issues to detect (comma-separated) | String | No | vulns,secret | +| debug | true | Debug mode | Boolean | No | false | +| log_path | results/ | The directory path to specify where the logs should be written to on debug mode. | String | No | working dir | ## Annotations After scanning, the action will add the results as annotations in a pull request: diff --git a/action.yaml b/action.yaml index dc53ccd..b30380d 100644 --- a/action.yaml +++ b/action.yaml @@ -107,6 +107,13 @@ inputs: description: "List of security issues to detect (comma-separated)" required: false default: "vulns,secret" + debug: + description: "Debug mode" + required: false + default: "false" + log_path: + description: "The directory path to specify where the logs should be written to on debug mode. Default to the current working directory" + required: false outputs: diff --git a/entrypoint.sh b/entrypoint.sh index 68f259a..4aaed0c 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -48,6 +48,12 @@ function set_global_flags() { if [ "${INPUT_DISPLAY_NAME}" ]; then GLOBAL_FLAGS+=(--display-name="${INPUT_DISPLAY_NAME}") fi + if [ "${INPUT_DEBUG}" == "true" ]; then + GLOBAL_FLAGS+=(--debug) + fi + if [ "${INPUT_LOG_PATH}" ]; then + GLOBAL_FLAGS+=(--log-path "${INPUT_LOG_PATH}") + fi } # Json format must be reported and be stored in a file for github annotations