#31 Adds in the ability to select output fmt and file (#32)

* add the required params * handle output to a file * update docs * fix for shellcheck * TFSEC_FORMAT is set to always have a value * Update README.md Co-authored-by: Tom Riat <[email protected]> * Update action.yml Co-authored-by: Tom Riat <[email protected]> * Update action.yml Co-authored-by: Tom Riat <[email protected]> Co-authored-by: Tom Riat <[email protected]>
triat · Mar 22, 2021 · d54fd77 · d54fd77
1 parent aac94ab
commit d54fd77
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -11,7 +11,9 @@ The action requires the https://github.com/actions/checkout before to download t
 * `tfsec_actions_working_dir` - (Optional) Terraform working directory location. Defaults to `'.'`.
 * `tfsec_exclude` - (Optional) Provide checks via `,` without space to exclude from run. No default
 * `tfsec_version` - (Optional) Specify the version of tfsec to install. Defaults to the latest
-
+* `tfsec_output_format` - (Optional) The output required default, json, csv, checkstyle, junit, sarif (check `tfsec` for an extensive list)
+* `fsec_output_file` - (Optional) The name of the output file
+
 ## Outputs
 
 None

diff --git a/action.yml b/action.yml
@@ -16,6 +16,13 @@ inputs:
   tfsec_version:
     description: 'Specify the version of tfsec to install'
     required: false
+  tfsec_output_format:
+    description: 'The output required default, json, csv, checkstyle, junit, sarif (check `tfsec` for an extensive list)'
+    default: 'default'
+    required: false
+  tfsec_output_file:
+    description: 'The name of the output file'
+    required: false
 runs:
   using: 'docker'
   image: './Dockerfile'

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -1,5 +1,15 @@
 #!/bin/bash
 
+#Select the output format
+TFSEC_FORMAT="-f ${TFSEC_OUTPUT_FORMAT}"
+
+#select the output file
+if [ "${TFSEC_OUTPUT_FILE}" != "" ]; then
+  TFSEC_FILE="--out ${TFSEC_OUTPUT_FILE}"
+else
+  TFSEC_FILE=""
+fi
+
 # Comment on the pull request if necessary.
 if [ "${INPUT_TFSEC_ACTIONS_WORKING_DIR}" != "" ] && [ "${INPUT_TFSEC_ACTIONS_WORKING_DIR}" != "." ]; then
   TFSEC_WORKING_DIR="/github/workspace/${INPUT_TFSEC_ACTIONS_WORKING_DIR}"
@@ -15,9 +25,9 @@ else
 fi
 
 if [[ -n "$INPUT_TFSEC_EXCLUDE" ]]; then
-  TFSEC_OUTPUT=$(/go/bin/tfsec ${TFSEC_WORKING_DIR} --no-colour -e "${INPUT_TFSEC_EXCLUDE}")
+  TFSEC_OUTPUT=$(/go/bin/tfsec ${TFSEC_WORKING_DIR} --no-colour -e "${INPUT_TFSEC_EXCLUDE} ${TFSEC_FORMAT} ${TFSEC_FILE}")
 else
-  TFSEC_OUTPUT=$(/go/bin/tfsec ${TFSEC_WORKING_DIR} --no-colour)
+  TFSEC_OUTPUT=$(/go/bin/tfsec ${TFSEC_WORKING_DIR} --no-colour "${TFSEC_FORMAT} ${TFSEC_FILE}")
 fi
 TFSEC_EXITCODE=${?}