name: Aikido Security Full Scan
description: >
  Composite wrapper around the Aikido full-release Docker scan.
  Automatically resolves repository and branch info from the forgejo context.
  Only the API key needs to be supplied by the caller.

inputs:
  apikey:
    description: Aikido CI API key
    required: true

runs:
  using: composite
  steps:
    - name: Normalize repository name
      id: repo
      shell: bash
      run: |
        repo="${{ forgejo.repository }}"
        echo "name=${repo#/}" >> $GITHUB_OUTPUT

    - uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/internal-aikido-full-scan@internal-aikido-full-scan-v1
      with:
        apikey: ${{ inputs.apikey }}
        repository-name: ${{ steps.repo.outputs.name }}
        branch-name: ${{ forgejo.ref_name }}