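# Action metadata: waits for an AWS ECR image scan to finish and exposes the
# resulting SARIF report.
#
# NOTE(review): `runs` mixes two action types. `using: "docker"` takes
# `image`/`args`, while `steps` belongs to `using: "composite"`, where every
# `run` step also needs an explicit `shell`. Decide which type is intended
# before relying on the `steps` below; they are kept as written except for the
# input handling and the output mechanism.
name: "Wait for ECR Scan and Get SARIF"
description: "Waits for an AWS ECR scan to complete and retrieves the SARIF report."
author: "Kevin "

inputs:
  repository_name:
    description: "The name of the ECR repository."
    required: true
  image_tag:
    description: "The tag of the image to scan."
    required: true
  aws_region:
    description: "The AWS region where the ECR repository is located."
    required: true
  output_file:
    description: "The path to save the SARIF report."
    required: true
    default: "report.sarif"

outputs:
  # NOTE(review): in a composite action each output needs a `value:` mapped
  # from a step output, and the step that writes it needs an `id`.
  # Outputs are size-limited; a large SARIF file is better consumed through
  # the `output_file` path than through this output.
  sarif_report:
    description: "The SARIF report generated by the scan."

runs:
  using: "docker"
  # NOTE(review): a public image for a docker action is referenced as
  # `docker://<image>`. `python:3.12` is also a mutable tag; pinning the image
  # by digest keeps the runtime from changing underneath the action.
  image: "python:3.12"
  args:
    - "python"
    - "/wait-for-ecr-scan-and-get-sarif/main.py"
  steps:
    - name: Check out the repository
      # NOTE(review): `v2` is an old, movable tag. Pin third-party actions to
      # the full commit SHA of a current release.
      uses: actions/checkout@v2

    - name: Install dependencies
      # NOTE(review): consider hash-pinned requirements
      # (`pip install --require-hashes`) so a changed upstream package cannot
      # be pulled into a job that holds AWS credentials.
      run: |
        pip install -r /wait-for-ecr-scan-and-get-sarif/requirements.txt

    - name: Run the Python script to wait for ECR scan and get SARIF
      id: run_script
      # Inputs are handed over as environment variables instead of being
      # expanded into the script text. An expression placed directly in `run`
      # is substituted before the shell parses the script, so an input value
      # containing shell metacharacters would be executed as code.
      env:
        REPOSITORY_NAME: ${{ inputs.repository_name }}
        IMAGE_TAG: ${{ inputs.image_tag }}
        AWS_REGION: ${{ inputs.aws_region }}
        OUTPUT_FILE: ${{ inputs.output_file }}
      run: |
        python /wait-for-ecr-scan-and-get-sarif/main.py \
          --repository_name "${REPOSITORY_NAME}" \
          --image_tag "${IMAGE_TAG}" \
          --aws_region "${AWS_REGION}" \
          --output_file "${OUTPUT_FILE}"

    - name: Set the output
      # `::set-output` is deprecated: it is a stdout workflow command, so any
      # line of the report printed to the log could itself be read as a
      # command, and a multi-line value does not survive it. The report is
      # appended to the GITHUB_OUTPUT file instead, using a random heredoc
      # delimiter so the report content cannot terminate the value early.
      env:
        OUTPUT_FILE: ${{ inputs.output_file }}
      run: |
        delimiter="sarif_$(dd if=/dev/urandom bs=15 count=1 status=none | base64)"
        {
          echo "sarif_report<<${delimiter}"
          cat -- "${OUTPUT_FILE}"
          echo
          echo "${delimiter}"
        } >> "${GITHUB_OUTPUT}"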