Merge pull request #38 from AikidoSec/feat/fail-scan-when-no-scan-is-enabled

willem-delbare · web-flow · commit e9aa8e4e70ce · 2024-03-29T12:12:37.000+01:00
Stop action when no scans are enabled
diff --git a/.github/workflows/verify-build.yaml b/.github/workflows/verify-build.yaml
@@ -7,6 +7,9 @@ on:
   push:
     branches:
       - main
+  pull_request:
+    branches:
+      - '*'
 
 jobs:
   check-dist:
diff --git a/README.md b/README.md
@@ -18,10 +18,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Detect new vulnerabilities
-        uses: AikidoSec/github-actions-workflow@v1.0.9
+        uses: AikidoSec/github-actions-workflow@v1.0.10
         with:
             secret-key: ${{ secrets.AIKIDO_SECRET_KEY }}
             fail-on-timeout: true
diff --git a/dist/index.js b/dist/index.js
@@ -172,6 +172,11 @@ async function run() {
             }
             core.info(`secret key not set.`);
         }
+        if (failOnDependencyScan === 'false' && failOnIacScan === 'false' && failOnSastScan === 'false') {
+            core.setOutput('output', STATUS_FAILED);
+            core.setFailed(`You must enable at least one of the scans.`);
+            return;
+        }
         const scanId = await (0, api_1.startScan)(secretKey, startScanPayload);
         core.info(`successfully started a scan with id: "${scanId}"`);
         const getScanCompletionStatus = (0, api_1.getScanStatus)(secretKey, scanId);
diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/src/main.ts b/src/main.ts
@@ -71,6 +71,12 @@ async function run(): Promise<void> {
 			core.info(`secret key not set.`);
 		}
 
+		if (failOnDependencyScan === 'false' && failOnIacScan === 'false' && failOnSastScan === 'false') {
+			core.setOutput('output', STATUS_FAILED);
+			core.setFailed(`You must enable at least one of the scans.`);
+			return;
+		}
+
 		const scanId = await startScan(secretKey, startScanPayload);
 
 		core.info(`successfully started a scan with id: "${scanId}"`);

Original file line number	Diff line number	Diff line change
`@@ -172,6 +172,11 @@ async function run() {`
`172`	`172`	`}`
`173`	`173`	core.info(`secret key not set.`);
`174`	`174`	`}`
	`175`	`+ if (failOnDependencyScan === 'false' && failOnIacScan === 'false' && failOnSastScan === 'false') {`
	`176`	`+ core.setOutput('output', STATUS_FAILED);`
	`177`	+ core.setFailed(`You must enable at least one of the scans.`);
	`178`	`+ return;`
	`179`	`+ }`
`175`	`180`	`const scanId = await (0, api_1.startScan)(secretKey, startScanPayload);`
`176`	`181`	core.info(`successfully started a scan with id: "${scanId}"`);
`177`	`182`	`const getScanCompletionStatus = (0, api_1.getScanStatus)(secretKey, scanId);`