-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaction.yml
68 lines (63 loc) · 2.53 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: 'security-headers-action'
description: 'GitHub Action to analyze HTTP response headers using securityheaders.com API'
author: 'Azeem Sajid <[email protected]>'
branding:
icon: 'filter'
color: 'blue'
inputs:
api-key:
description: 'API key from https://securityheaders.com/api/'
required: true
domain-or-url:
description: 'Domain or URL to analyze HTTP response headers'
required: true
follow-redirects:
description: 'Follow redirect status codes'
required: false
default: 'true'
hide-results-on-homepage:
description: 'Hide results on homepage'
required: false
default: 'true'
api-timeout-in-seconds:
description: 'API request timeout in seconds (must be +ve, -ve value means default)'
required: false
default: '30'
max-retries-on-api-error:
description: 'Maximum number of retries on API error (must be +ve; -ve value means default)'
required: false
default: '0'
expected-grade:
description: 'Expected grade [A+ to F; or maybe R if `follow-redirects: false`] (invalid value means default)'
required: false
default: ''
outputs:
results-as-json:
description: 'Complete results in JSON format'
value: '${{ steps.analyze.outputs.results-as-json }}'
summary-as-json:
description: 'Extracted summary in JSON format'
value: '${{ steps.analyze.outputs.summary-as-json }}'
grade:
description: 'Extracted grade [A+ to F; or maybe R if `follow-redirects: false`]'
value: '${{ steps.analyze.outputs.grade }}'
runs:
using: 'composite'
steps:
- name: 'Analyze'
id: 'analyze'
env:
INPUT_API_KEY: '${{ inputs.api-key }}'
INPUT_DOMAIN_OR_URL: '${{ inputs.domain-or-url }}'
INPUT_FOLLOW_REDIRECTS: ${{ (inputs.follow-redirects == 'true') && 'on' || 'off' }}
INPUT_HIDE_RESULTS_ON_HOMEPAGE: ${{ (inputs.hide-results-on-homepage == 'true') && 'on' || 'off' }}
INPUT_API_TIMEOUT_IN_SECONDS: ${{ (inputs.api-timeout-in-seconds >= 0) && inputs.api-timeout-in-seconds || '30' }}
INPUT_MAX_RETRIES_ON_API_ERROR: ${{ (inputs.max-retries-on-api-error > 0) && inputs.max-retries-on-api-error || '0' }}
INPUT_EXPECTED_GRADE: ${{ contains(fromJSON('["A+","A","B","C","D","E","F","R"]'), inputs.expected-grade) && inputs.expected-grade || '' }}
OUTPUT_RESULTS_AS_JSON: 'results-as-json'
OUTPUT_SUMMARY_AS_JSON: 'summary-as-json'
OUTPUT_GRADE: 'grade'
shell: bash
run: |
$GITHUB_ACTION_PATH/scripts/validate.bash
$GITHUB_ACTION_PATH/scripts/analyze.bash