Added input option support (#34 )

* Added input option support * Fix position of input flag * update readme * Update README.md Co-authored-by: Simarpreet Singh <simar@linux.com>
Update README.md
2021-03-24 13:54:13 -07:00 · 2021-03-19 15:25:03 -07:00
3 changed files with 15 additions and 1 deletions
@@ -136,6 +136,7 @@ Following inputs can be used as `step.with` keys:
 | Name             | Type    | Default                            | Description                                   |
 |------------------|---------|------------------------------------|-----------------------------------------------|
 | `scan-type`      | String  | `image`                            | Scan type, e.g. `image` or `fs`|
+| `input`          | String  |                                    | Tar reference, e.g. `alpine-latest.tar` |
 | `image-ref`      | String  |                                    | Image reference, e.g. `alpine:3.10.2`         |
 | `scan-ref`       | String  | `/github/workspace/`               | Scan reference, e.g. `/github/workspace/` or `.`|
 | `format`         | String  | `table`                            | Output format (`table`, `json`, `template`)   |
@@ -146,6 +147,7 @@ Following inputs can be used as `step.with` keys:
 | `vuln-type`      | String  | `os,library`                       | Vulnerability types (os,library)              |
 | `severity`       | String  | `UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL` | Severities of vulnerabilities to be displayed |
 | `skip-dirs`       | String  |                                   | Comma separated list of directories where traversal is skipped |
+
 [release]: https://github.com/aquasecurity/trivy-action/releases/latest
 [release-img]: https://img.shields.io/github/release/aquasecurity/trivy-action.svg?logo=github
 [marketplace]: https://github.com/marketplace/actions/aqua-security-trivy
@@ -9,6 +9,10 @@ inputs:
  image-ref:
    description: 'image reference(for backward compatibility)'
    required: true
+  input:
+    description: 'reference of tar file to scan'
+    required: false
+    default: ''
  scan-ref:
    description: 'Scan reference'
    required: false
@@ -60,3 +64,4 @@ runs:
    - '-i ${{ inputs.image-ref }}'
    - '-j ${{ inputs.scan-ref }}'
    - '-k ${{ inputs.skip-dirs }}'
+    - '-l ${{ inputs.input }}'
@@ -1,6 +1,6 @@
 #!/bin/bash
 set -e
-while getopts "a:b:c:d:e:f:g:h:i:j:k:" o; do
+while getopts "a:b:c:d:e:f:g:h:i:j:k:l:" o; do
   case "${o}" in
       a)
         export scanType=${OPTARG}
@@ -35,6 +35,9 @@ while getopts "a:b:c:d:e:f:g:h:i:j:k:" o; do
       k)
         export skipDirs=${OPTARG}
       ;;
+       l)
+         export input=${OPTARG}
+       ;;
  esac
 done

@@ -43,6 +46,10 @@ export artifactRef="${imageRef}"
 if [ "${scanType}" = "fs" ];then
  artifactRef=$(echo $scanRef | tr -d '\r')
 fi
+input=$(echo $input | tr -d '\r')
+if [ $input ]; then
+  artifactRef="--input $input"
+fi
 ignoreUnfixed=$(echo $ignoreUnfixed | tr -d '\r')

 ARGS=""
Author	SHA1	Message	Date
rahul2393	e2054f8b6a	Added input option support (#34 ) * Added input option support * Fix position of input flag * update readme * Update README.md Co-authored-by: Simarpreet Singh <simar@linux.com>	2021-03-24 13:54:13 -07:00
Simarpreet Singh	6890ac5cba	Update README.md	2021-03-19 15:25:03 -07:00