Merge pull request #151 from IABTechLab/vse-UID2-4968-ignore-google-auth-private-key-string-secret

Ignore false positive private key secret in google-auth python lib

Author: vishalegbert-ttd

actions/vulnerability_scan/action.yaml

@@ -19,6 +19,9 @@ inputs:
   full_report:
     description: Whether to scan and report for MEDIUM,HIGH,CRITICAL
     default: 'false'
+  skip_files:
+    description: Comma separated list of files to skip during scanning
+    default: ''
 runs:
   using: "composite"
   steps:
@@ -81,6 +84,7 @@ runs:
     with:
       image-ref: ${{ inputs.image_ref }}
       scan-type: ${{ inputs.scan_type }}
+      skip-files: ${{ inputs.skip_files }}
       format: 'sarif'
       exit-code: '0'
       ignore-unfixed: true
@@ -103,6 +107,7 @@ runs:
     with:
       image-ref: ${{ inputs.image_ref }}
       scan-type: ${{ inputs.scan_type }}
+      skip-files: ${{ inputs.skip_files }}
       format: 'table'
       exit-code: '0'
       ignore-unfixed: true
@@ -117,6 +122,7 @@ runs:
     with:
       image-ref: ${{ inputs.image_ref }}
       scan-type: ${{ inputs.scan_type }}
+      skip-files: ${{ inputs.skip_files }}
       format: 'table'
       exit-code: '1'
       ignore-unfixed: true