name: Aikido Security PR Scan
description: Run an Aikido local PR diff scan (detects newly introduced issues)

inputs:
  apikey:
    description: Aikido CI API key
    required: true
  organization:
    description: Organization or owner name
    required: true
  repository-name:
    description: Repository name
    required: true
  base-commit-id:
    description: Base commit SHA
    required: true
  head-commit-id:
    description: Head commit SHA
    required: true
  branch-name:
    description: Branch name
    required: true
  fail-on:
    description: 'Minimum severity to fail on: low, medium, high, critical'
    default: high
    required: false

runs:
  using: docker
  image: Dockerfile
  args:
    - --apikey
    - ${{ inputs.apikey }}
    - --repositoryname
    - ${{ inputs.organization }}/${{ inputs.repository-name }}
    - --branchname
    - ${{ inputs.branch-name }}
    - --gating-mode
    - pr
    - --fail-on
    - ${{ inputs.fail-on }}
    - --base-commit-id
    - ${{ inputs.base-commit-id }}
    - --head-commit-id
    - ${{ inputs.head-commit-id }}
    - --include-dev-deps