feat: add debug option to scanner definition (#17)

lacework · Aug 5, 2022 · 0362a01 · 0362a01
1 parent 5cd2cd1
commit 0362a01
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -11,7 +11,7 @@ Github Action for using the Lacework Inline image scanner in workflows
 To add the scanner to your workflow:
 
 ```yaml
-- uses: lacework/[email protected].0
+- uses: lacework/[email protected].1
   name: Scan container image for vulnerabitilies using Lacework
   with:
     LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }} 
@@ -32,14 +32,15 @@ Options:
 | `SAVE_RESULTS_IN_LACEWORK` | Save results to your Lacework account                                                                                                            | `true`                                 |
 | `SAVE_BUILD_REPORT`        | Saves the evaluation report as a local HTML file.                                                                                                | `false`                                |
 | `BUILD_REPORT_FILE_NAME`   | Specify custom file name for the HTML evalutation report                                                                                         | `<OS_TYPE>-<IMAGE_DIGEST_SHA256>.html` |
+| `LW_SCANNER_ENABLE_DEBUGGING` | Enables debug logging from scanner  | `false` |
 
 ## Example
 
 ```yaml
 jobs:
     build:
         steps:
-            - uses: lacework/[email protected].0
+            - uses: lacework/[email protected].1
               name: Scan container images for vulnerabitilies using Lacework
               with:
                 LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }} 

diff --git a/action.yaml b/action.yaml
@@ -29,6 +29,9 @@ inputs:
   BUILD_REPORT_FILE_NAME:
     description: "Specify custom file name for the HTML evalutation report, by default the name is OS_TYPE-IMAGE_DIGEST_SHA256.html."
     required: false
+  LW_SCANNER_ENABLE_DEBUGGING:
+    description: "Enable debug logging for scanner"
+    required: false
 runs:
   using: "docker"
   image: "Dockerfile"
@@ -41,6 +44,7 @@ runs:
     - ${{ inputs.SAVE_RESULTS_IN_LACEWORK }}
     - ${{ inputs.SAVE_BUILD_REPORT }}
     - ${{ inputs.BUILD_REPORT_FILE_NAME }}
+    - ${{ inputs.LW_SCANNER_ENABLE_DEBUGGING }}
 branding:
   icon: "alert-triangle"
   color: "blue"
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -2,6 +2,7 @@
 
 export LW_ACCOUNT_NAME=${INPUT_LW_ACCOUNT_NAME}
 export LW_ACCESS_TOKEN=${INPUT_LW_ACCESS_TOKEN}
+export LW_SCANNER_ENABLE_DEBUGGING=${INPUT_LW_SCANNER_ENABLE_DEBUGGING:-false}
 
 # Disable update prompt for lw-scanner if newer version is available unless explicitly set
 export LW_SCANNER_DISABLE_UPDATES=${LW_SCANNER_DISABLE_UPDATES:-true}