action.yml

# Copyright 2024 Dotanuki Labs
# SPDX-License-Identifier: MIT

name: "appsweep-scan-action"
description: "Scan Android or iOS artifacts for security issues with Guardsquare Appsweep"

inputs:
  archive-file:
    description: >
      Path to the deployable archive to scan.
      Accepted formats: '.aab' + '.apk' (Android); '.ipa' + '.xcarchive' (iOS)
    required: true
  symbols:
    description: >
      Path to the R8/proguard mappings file (Android) or folder with dSyms (iOS)
    required: false
    default: "none"
  wait-for-summary:
    description: >
      Whether or not this Action should wait for scan outcomes and show the summary of issues
    default: "none"
    required: false

runs:
  using: "composite"
  steps:
    - shell: bash
      run: ${{ github.action_path }}/main.sh --archive ${{ inputs.archive-file }} --extras ${{ inputs.symbols }} --summary ${{ inputs.wait-for-summary }}