name: 'CodeGuru Security'
description: 'AWS CodeGuru Security Action'
branding:
  icon: 'cloud'
  color: 'orange'
inputs:
  source_path:
    description: 'Path to source repository'
    default: .
    required: false
  aws_region:
    description: 'AWS region where you want to run workflow'
    required: true
  scan_name:
    description: 'The name of the scan'
    default: CGS-Github-${{ github.event.repository.name }}
    required: true
  analysis_type:
    description: 'The type of analysis you want CodeGuru Security to perform in the scan, either Security or All. Defaults to Security type if missing.'
    required: false  
  fail_on_severity:
    description: 'Fails the action run if any finding is higher than or equal to severity is provided. Default the script does not break the action run. [example: Info, Low, Medium, High, Critical]'
    required: false

runs:
  using: docker
  image: docker://public.ecr.aws/l6c8c5q3/codegurusecurity-actions-public:latest
  args:
    - --source_path
    - ${{ inputs.source_path }}
    - --aws_region
    - ${{ inputs.aws_region }}
    - --scan_name
    - ${{ inputs.scan_name }}
    - --output_file_prefix
    - codeguru-security-results
    - --output_file_format
    - SARIF
    - --analysis_type
    - ${{ inputs.analysis_type }}
    - --fail_on_severity
    - ${{ inputs.fail_on_severity }}