feat: Artifact types

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2021-02-18 21:12:28 +01:00
1 changed files with 10 additions and 3 deletions
@@ -5,6 +5,13 @@ inputs:
  image-ref:
    description: 'image reference'
    required: true
+  artifact-type:
+    description: 'artifact type (image or fs)'
+    required: true
+    default: "image"
+  aritfact-ref:
+    description: 'artifact reference (image reference or file path)'
+    required: true
  exit-code:
    description: 'exit code when vulnerabilities were found'
    required: false
@@ -12,7 +19,7 @@ inputs:
  ignore-unfixed:
    description: 'ignore unfixed vulnerabilities'
    required: false
-    default: false
+    default: "false"
  vuln-type:
    description: 'comma-separated list of vulnerability types (os,library)'
    required: false
@@ -37,7 +44,7 @@ runs:
  using: 'docker'
  image: 'docker://docker.io/aquasec/trivy:latest'
  args:
-    - 'image'
+    - '${{ inputs.artifact-type }}'
    - '--format=${{ inputs.format }}'
    - '--template=${{ inputs.template }}'
    - '--exit-code=${{ inputs.exit-code }}'
@@ -45,4 +52,4 @@ runs:
    - '--vuln-type=${{ inputs.vuln-type }}'
    - '--severity=${{ inputs.severity }}'
    - '--output=${{ inputs.output }}'
-    - '${{ inputs.image-ref }}'
+    - '${{ inputs.artifact-ref }}'