# action.yml
name: 'KICS Github Action'
description: 'Run KICS scan against IaC projects'
inputs:
  path:
    description: 'paths to a file or directories to scan, accepts a comma separated list'
    required: true
  ignore_on_exit:
    description: 'defines which non-zero exit codes should be ignored (all, results, errors, none)'
    required: false
  fail_on:
    description: 'comma separated list of which severities returns exit code !=0'
    required: false
  timeout:
    description: 'number of seconds the query has to execute before being canceled'
    required: false
  profiling:
    description: 'turns on profiler that prints resource consumption in the logs during the execution (CPU, MEM)'
    required: false
  config_path:
    description: 'path to configuration file'
    required: false
  platform_type:
    description: 'case insensitive list of platform types to scan'
    required: false
  exclude_paths:
    description: "exclude paths from scan, supports glob, quoted comma separated string example: './shouldNotScan/*,somefile.txt'"
    required: false
  exclude_queries:
    description: exclude queries by providing the query ID
    required: false
  exclude_categories:
    description: exclude categories by providing its name, can be provided multiple times or as a comma separated string
    required: false
  exclude_results:
    description: "exclude results by providing the similarity ID of a result"
    required: false
  output_formats:
    description: "formats in which the results report will be exported (json, sarif)"
    required: false
  output_path:
    description: 'file path to store results report (json, sarif)'
    required: false
  payload_path:
    description: 'file path to store source internal representation in JSON format'
    required: false
  queries:
    description: 'path to directory with queries (default "./assets/queries")'
    required: false
  verbose:
    description: 'verbose scan'
outputs:
  results:
    description: 'the result of KICS scan'
branding:
  icon: 'shield'
  color: 'green'
runs:
  using: 'docker'
  image: 'Dockerfile'
  args:
    - ${{ inputs.path }}
    - ${{ inputs.ignore_on_exit }}
    - ${{ inputs.fail_on }}
    - ${{ inputs.timeout }}
    - ${{ inputs.profiling }}
    - ${{ inputs.config }}
    - ${{ inputs.platform_type }}
    - ${{ inputs.exclude_paths }}
    - ${{ inputs.exclude_queries }}
    - ${{ inputs.exclude_categories }}
    - ${{ inputs.exclude_results }}
    - ${{ inputs.output_formats }}
    - ${{ inputs.output_path }}
    - ${{ inputs.payload_path }}
    - ${{ inputs.queries }}
    - ${{ inputs.verbose }}