From 70377d542f0b1f693ab8d2647ca373ed740511a1 Mon Sep 17 00:00:00 2001
From: ashwiniag
Date: Sat, 12 Oct 2024 21:13:21 +0530
Subject: [PATCH] plugin: adds github action to integrate with CI/CD flow

---
 .github/actions/gokakashi-scan/action.yaml | 9 ++++-----
 .github/actions/gokakashi-scan/index.js    | 4 ++--
 .github/workflows/scan.yaml                | 2 +-
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/.github/actions/gokakashi-scan/action.yaml b/.github/actions/gokakashi-scan/action.yaml
index 5e36ad3..d259470 100644
--- a/.github/actions/gokakashi-scan/action.yaml
+++ b/.github/actions/gokakashi-scan/action.yaml
@@ -20,11 +20,10 @@ inputs:
     description: 'The publish path for the scan report'
     required: false
     default: 'report_private'
-  inputs:
-  fail_on_severity:
-    description: 'Comma-separated list of severity levels to fail the job on (e.g., CRITICAL,HIGH)'
-    required: false
-    default: 'CRITICAL'
+  fail_on_severity:
+    description: 'Comma-separated list of severity levels to fail the job on (e.g., CRITICAL,HIGH)'
+    required: false
+    default: 'CRITICAL'
 outputs:
diff --git a/.github/actions/gokakashi-scan/index.js b/.github/actions/gokakashi-scan/index.js
index 3dfab96..416ab8b 100644
--- a/.github/actions/gokakashi-scan/index.js
+++ b/.github/actions/gokakashi-scan/index.js
@@ -67,7 +67,7 @@ async function run() {
   // Step 3: Check the scan report for vulnerabilities
   const reportResponse = await fetch(reportUrl);
   const reportData = await reportResponse.json();
-  const failOnSeverity = core.getInput('fail_on_severity'); // Get user-defined severity level
+  const failOnSeverity = getInput('fail_on_severity'); // Get user-defined severity level
   // const hasVulnsToFail = reportData.vulnerabilities.some(vuln => vuln.severity === failOnSeverity);
   if (failOnSeverity) {
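Review bot: The re-added `fail_on_severity` description does not state what an empty value does or how matching works, and both matter for a gate that decides whether a job fails. In index.js the check is wrapped in `if (failOnSeverity) {`, so `fail_on_severity: ''` silently disables the failure check, and the comparison in the later hunk is `severitiesToFailOn.includes(vuln.severity)`, i.e. an exact, case-sensitive match, so `high` would not trigger on a `HIGH` finding. I would make the description say so: `description: 'Comma-separated list of severity levels that fail the job (exact match, e.g. CRITICAL,HIGH); an empty value disables the check'`. The hunk header announces 11 old lines but 10 are visible, so its first context line appears to have been lost in extraction.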
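Review bot: `getInput('fail_on_severity')` replaces `core.getInput(...)`, but no change to the file's import of `@actions/core` appears in this diff, so unless `index.js` already brings `getInput` and `setFailed` into scope above the hunk, this line throws a ReferenceError at runtime and the severity gate never runs; the same applies to `setFailed(...)` in the `@@ -78,7 +78,7 @@` hunk. Please confirm the import (e.g. `const { getInput, setFailed } = require('@actions/core');`) is in place and that no other `core.` call sites remain in the file, since mixing the two styles is what produced this partial rename. The body of `run()` starts and ends outside this hunk, and the hunk's first context line appears to be missing from the extraction.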
@@ -78,7 +78,7 @@ async function run() {
       severitiesToFailOn.includes(vuln.severity)
     );
     if (hasVulnsToFail) {
-      core.setFailed(`Vulnerabilities found with severity: ${severitiesToFailOn.join(', ')}`);
+      setFailed(`Vulnerabilities found with severity: ${severitiesToFailOn.join(', ')}`);
     } else {
       console.log(`No vulnerabilities found with severity: ${severitiesToFailOn.join(', ')}`);
     }
diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml
index fae5e0b..be765d2 100644
--- a/.github/workflows/scan.yaml
+++ b/.github/workflows/scan.yaml
@@ -21,7 +21,7 @@ jobs:
           image_name: 'hasura/graphql-engine:v2.35.0'
           severity: 'CRITICAL,HIGH'
           publish: 'report_private'
-          fail_on_severity: 'HIGH,CRITICAL'
+# fail_on_severity: 'HIGH,CRITICAL'
       - name: Log the Scan Report URL
         run: |
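Review bot: The new `setFailed(...)` message reports the configured severity list rather than what was actually found, so a reader of the job log cannot tell how many findings tripped the gate without opening the report. Since `hasVulnsToFail` is a boolean from `.some(...)` (the expression starts above this hunk), switching it to a filter gives the count for free: `const matches = reportData.vulnerabilities.filter(vuln => severitiesToFailOn.includes(vuln.severity));`, `if (matches.length > 0) {`, and `setFailed(\`${matches.length} vulnerabilities found with severity: ${severitiesToFailOn.join(', ')}\`);`. Consider also normalizing the configured list where it is split (outside this hunk) with `.map(s => s.trim().toUpperCase())`, because `includes` is an exact match and a typo in the input quietly fails open.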
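Review bot: Commenting out `fail_on_severity: 'HIGH,CRITICAL'` makes this job fall back to the action's default (`CRITICAL`, per action.yaml in this same patch), so HIGH findings still appear in the report because of `severity: 'CRITICAL,HIGH'` but no longer fail the workflow; if that relaxation is intended, say so in a comment, otherwise delete the line rather than leaving commented-out configuration in the example workflow. The `#` at column 0 inside the `with:` mapping is valid YAML but reads as if it belonged at top level; if the line is kept, indent it to match `publish:`. The hunk header announces 7 old lines and 6 are visible, so its first context line appears to have been lost in extraction.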