# aikido-pr-scan

Composite wrapper around the Aikido PR Docker scan. Automatically resolves repository, branch, and commit info from the Forgejo context — only the API key needs to be supplied by the caller.

## Inputs

| Input | Required | Default | Description |
|-------|----------|---------|-------------|
| `apikey` | Yes | — | Aikido CI API key |
| `fail-on` | No | `high` | Minimum severity to fail on: `low`, `medium`, `high`, `critical` |

## Usage

```yaml
- uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/aikido-pr-scan@aikido-pr-scan-v1
  with:
    apikey: ${{ secrets.AIKIDO_API_KEY }}
    fail-on: high
```

## Notes

- Delegates to `actions/internal-aikido-pr-scan` with organization, repository name, branch name, and base/head commit SHAs resolved automatically from the Forgejo context.