New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
change default behavior so action fails on medium (and higher) severities #86
Conversation
650afb7
to
7dad812
Compare
action.yml
Outdated
@@ -15,9 +15,9 @@ inputs: | |||
required: false | |||
default: 'false' | |||
fail-build: | |||
description: 'Set to any value to cause build to fail upon failed anchore policy evaluation' | |||
description: 'Set to false to avoid failing based on severity level. Default is to fail when severity threshold is met' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd suggest being consistent with what we call the severity threshold. Here was say "severity threshold", but it looks like elsewhere in this action's settings we say "severity-cutoff"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@luhring I went to make the change, but the thing is that severity-cutoff
is the key, not a wording. So I could make everything refer to that key instead. Is that what you were thinking too?
That is: the severity threshold is the value for the severity-cutoff
configuration key
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alfredodeza I think I'm missing something - perhaps a 3 min zoom session would set me straight 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've updated this to use severity-cutoff
instead of "severity threshold"
Signed-off-by: Alfredo Deza <adeza@anchore.com>
Signed-off-by: Alfredo Deza <adeza@anchore.com>
Signed-off-by: Alfredo Deza <adeza@anchore.com>
Signed-off-by: Alfredo Deza <adeza@anchore.com>
Signed-off-by: Alfredo Deza <adeza@anchore.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Fixes issue #83