-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathaction.yaml
42 lines (37 loc) · 1.69 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
name: 'Pynt Newman GitHub Action'
description: 'Pynt API Security Tests'
author: 'Pynt.io'
branding:
icon: 'check-circle'
color: 'blue'
inputs:
base-path:
description: 'Path where Postman collection/environment files exist.'
required: true
postman-collection-filename:
description: 'Postman collection file name (should exist under "base-path").'
required: true
postman-environment-filename:
description: 'Postman environment file name, if needed (should exist under "base-path").'
required: false
fail-workflow:
description: 'Choose whether to fail the workflow if Pynt security tests return findings. Default: false'
required: false
default: "false"
runs:
using: "composite"
steps:
- id: run_latest_pynt
shell: bash
run: |
[[ "${{ inputs.base-path }}" ]] || { echo "base-path input is empty" ; exit 1; }
[[ "${{ inputs.postman-collection-filename }}" ]] || { echo "postman-collection-filename input is empty" ; exit 1; }
echo "${{ toJson(github) }}" > ${{ inputs.base-path }}/github
docker pull ghcr.io/pynt-io/pynt:latest
if [ -z "${{inputs.postman-environment-filename}}" ]
then
docker run -v "${{ inputs.base-path }}":/etc/pynt/ --rm --network="host" ghcr.io/pynt-io/pynt:latest -c "${{ inputs.postman-collection-filename }}" -r
else
docker run -v "${{ inputs.base-path }}":/etc/pynt/ --rm --network="host" ghcr.io/pynt-io/pynt:latest -c "${{ inputs.postman-collection-filename }}" -e "${{ inputs.postman-environment-filename }}" -r
fi
if [ "${{inputs.fail-workflow}}" == "true" ] && test -f ${{ inputs.base-path }}/results/results.json; then exit 1 ; fi