action.yml

name: Jetstack Paranoia
description: |
  Validate the presence or absence of certificate authorities in your container image.
inputs:
  target_tar:
    description: |
      Link to a .tar file of a container image to inspect.
      Should be on the format `file://<file>`
    required: true
  config:
    description: |
      Path to paranoia configuration file
    default: .paranoia.yaml
  permissive:
    description: |
      Permissive mode only validates that certificate authorities that are forbidden in your
      config file are not present, or ones that are required are present. All other certificate
      authorities are permitted.
    default: 'false'
  quiet:
    description: |
      On a validation failure, don't actually fail the action.
    default: 'false'
branding:
  icon: award
  color: yellow
runs:
  using: 'docker'
  image: 'Dockerfile'
  args:
    - validate
    - --config=${{ inputs.config }}
    - --permissive=${{ inputs.permissive }}
    - --quiet=${{ inputs.quiet }}
    - ${{ inputs.target_tar }}