action.yml

name: Precaution Action
description: Analyze source code using Precaution
author: '@securesauce'

branding:
  icon: shield
  color: white

inputs:
  path:
    description: 'source file(s) or directory(s) to be analyzed'
    required: false
    default: '.'
  disable:
    description: 'comma-separated list of rule IDs or names to disable'
    required: false
    default: 'DEFAULT'

runs:
  using: composite
  steps:
    - name: Set up Python 3.13
      uses: actions/setup-python@v5
      with:
        python-version: 3.13

    - name: Install precli
      shell: bash
      run: |
        pip install precli

    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Run Precaution analysis
      shell: bash
      run: |
        if [ "$INPUT_DISABLE" == "DEFAULT" ]; then
            DISABLE=""
        else
            DISABLE="-s $INPUT_DISABLE"
        fi
        precli --json -o results.sarif -r $INPUT_PATH $DISABLE
      env:
        INPUT_PATH: ${{ inputs.path }}
        INPUT_DISABLE: ${{ inputs.disable }}

    - name: Upload SARIF file
      uses: github/codeql-action/upload-sarif@v3
      with:
        sarif_file: results.sarif