securefix-action/action.yaml at main · Smidjehoien/securefix-action · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
name: Fix Code securely
description: Securefix Action
inputs:
  # common
  action:
    description: |
      Action to run. One of "client", "validate-config", "prepare", "notify", "commit", "server".
      If server_repository is set, defaults to "client".
    required: false
  app_id:
    description: |
      GitHub App ID
    required: false
  app_private_key:
    description: |
      GitHub App Private Key
    required: false

  outputs:
    description: |
      Prepare action's outputs
    required: false
  # client and commit
  commit_message:
    description: |
      Commit message
    required: false
  # client and notify
  pull_request_comment:
    description: |
      Pull request comment.
      If this is set, a pull request comment is posted after a pull request is created.
    required: false

  # client
  server_repository:
    description: |
      Server repository name
    required: false
  files:
    description: |
      Fixed files
    required: false
  use_git_ls_files:
    description: |
      If true, the action uses `git ls-files` to list committed files.
    required: false
    default: "true"
  fail_if_changes:
    description: |
      If true, the action fails if there are changes.
    required: false
    default: "false"
  repository:
    description: |
      A repository full name where a commit will be pushed.
    required: false
  branch:
    description: |
      A branch where a commit will be pushed.
    required: false
  root_dir:
    description: |
      A Git root directory where a commit will be pushed.
    required: false
  pull_request_title:
    description: |
      A pull request title.
      To create a pull request, this is required.
    required: false
  pull_request_base_branch:
    description: |
      A pull request base branch.
      To create a pull request, this is required.
    required: false
  pull_request_body:
    description: |
      A pull request body.
    required: false
  pull_request_labels:
    description: |
      Pull request labels.
      Each label is separated by a newline.
      Note that labels must exist in the repository.
      This action doesn't create labels.
    required: false
  pull_request_draft:
    description: |
      Create a pull request as draft.
    required: false
    default: "false"
  pull_request_reviewers:
    description: |
      Pull request reviewers.
      Each reviewer is separated by a newline.
    required: false
  pull_request_team_reviewers:
    description: |
      Pull request team reviewers.
      This requires the `members:read` permission.
      Each reviewer is separated by a newline.
    required: false
  pull_request_assignees:
    description: |
      Pull request assignees.
      Each assignee is separated by a newline.
    required: false
  project_owner:
    description: |
      Project owner where the pull request is added.
    required: false
  project_number:
    description: |
      Project number where the pull request is added.
    required: false
  project_id:
    description: |
      Project id where the pull request is added.
    required: false
  milestone_number:
    description: |
      Milestone number where the pull request is added.
    required: false
  automerge_method:
    description: |
      auto-merge method. One of "merge", "squash", or "rebase".
      By default, auto-merge is disabled.
    required: false
  # prepare
  workflow_name:
    description: |
      Client Workflow name. If this is empty, the action does not check the workflow name.
    required: false
    default: securefix
  allow_workflow_fix:
    description: |
      Either true or false. If true, the action allows the workflow to fix the code.
    required: false
    default: "false"
  allow_members_read:
    description: |
      Either true or false. If true, the members:read permission is granted.
    required: false
    default: "false"
  allow_organization_projects_write:
    description: |
      Either true or false. If true, the organization-projects:write permission is granted.
    required: false
    default: "false"

  commit_error:
    description: |
      The output error of the commit action.
    required: false

  config:
    description: |
      YAML config to push other repositories and branches.
    required: false
  config_file:
    description: |
      A file path to YAML config.
    required: false
  label_name:
    description: |
      Label name to trigger the action.
    required: false
    default: ${{github.event.label.name}}
  label_description:
    description: |
      Label description to trigger the action.
      The format must be <repository owner>/<repository name>/<workflow run ID>.
    required: false
    default: ${{github.event.label.description}}
  delete_label:
    description: |
      Either true or false. If true, the label is deleted.
    required: false
    default: "true"
  github_token_to_delete_label:
    description: |
      GitHub token to delete the label.
    required: false
    default: "${{github.token}}"
  # commit
  # notify
runs:
  using: node20
  main: dist/index.js
  post: dist/index.js