{"id":23613684,"url":"https://github.com/freckle/wiz-action","last_synced_at":"2026-04-09T12:24:15.879Z","repository":{"id":201230615,"uuid":"707264944","full_name":"freckle/wiz-action","owner":"freckle","description":null,"archived":false,"fork":false,"pushed_at":"2024-05-21T17:51:45.000Z","size":559,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":7,"default_branch":"main","last_synced_at":"2024-05-22T13:45:05.478Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/freckle.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-10-19T14:44:44.000Z","updated_at":"2024-05-30T02:15:29.203Z","dependencies_parsed_at":"2023-10-23T17:34:39.042Z","dependency_job_id":"3006dd79-941f-43d1-9172-1932f655f412","html_url":"https://github.com/freckle/wiz-action","commit_stats":null,"previous_names":["freckle/wiz-action"],"tags_count":6,"template":false,"template_full_name":"freckle/typescript-action-template","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freckle%2Fwiz-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freckle%2Fwiz-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freckle%2Fwiz-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freckle%2Fwiz-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/freckle","download_url":"https://codeload.github.com/freckle/wiz-action/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239491352,"owners_count":19647811,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-27T17:18:46.440Z","updated_at":"2026-01-08T11:09:56.286Z","avatar_url":"https://github.com/freckle.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Wiz Action\n\nThis action roughly implements [this configuration][docs] to scan docker images\nwith the Wiz CLI.\n\n[docs]: https://docs.wiz.io/wiz-docs/docs/github-pipeline#image-scan\n\n## Usage\n\n```yaml\n- run: docker build --tag myimage .\n- uses: freckle/wiz-action@v1\n  with:\n    wiz-client-id: ${{ secrets.WIZ_CLIENT_ID }}\n    wiz-client-secret: ${{ secrets.WIZ_CLIENT_SECRET }}\n    image: myimage\n```\n\n## Usage with Buildx Action\n\n```yaml\n- id: build\n  uses: docker/build-push-action@v5\n  with:\n    tags: ${{ steps.meta.outputs.tags }}\n    load: true # required so we can scan it\n\n- uses: freckle/wiz-action@v1\n  with:\n    wiz-client-id: ${{ secrets.WIZ_CLIENT_ID }}\n    wiz-client-secret: ${{ secrets.WIZ_CLIENT_SECRET }}\n    image: ${{ steps.build.outputs.imageid }}\n    custom-policies: tvm_automation_policy\n```\n\n## Inputs and Outputs\n\n### Inputs\n\n**Required**:\n\n- `wiz-client-id`: Wiz [Service Account] Client Id\n- `wiz-client-secret`: Wiz [Service Account] Client Secret\n- `image`: The image to scan\n\n[service account]: https://docs.wiz.io/wiz-docs/docs/set-up-wiz-cli#generate-a-wiz-service-account-key\n\n**Optional**:\n\n- `custom-policies`: Custom policies to use (comma-separated).\n- `fail`: Fail the job if the image violates policy? Default is `true`. Note\n  that scan _errors_ will fail the job regardless of this setting.\n- `pull`: Run `docker pull \u003cimage\u003e` before scanning? Default is `false`.\n\n### Outputs\n\n- `scan-id`: the Id of the Scan Result report.\n- `scan-url`: the URL of the Scan Result report.\n- `scan-result`: the outcome of the scan, one of `passed`, `failed`, or `error`.\n\nSee [action.yml](./action.yml) for a complete list of inputs and outputs.\n\n### Job Summaries\n\nThis action can fetch the scan results back from the Wiz API and print a nicely\nformatted [Job Summary][summary-docs] for you. However, interacting with the Wiz\nAPI uses two additional inputs:\n\n[summary-docs]: https://github.blog/2022-05-09-supercharging-github-actions-with-job-summaries/\n\n- `wiz-api-endpoint-url`: The host API, e.g.\n  `https://api.us19.app.wiz.io/graphql`.\n- `wiz-api-idp`: IdP used for the API, `auth0` or `cognito` (default). This is\n  only needed if your account hasn't migrated to Cognito yet.\n\nTo find these values for yourself, visit [this page][wiz-tenant].\n\n[wiz-tenant]: https://app.wiz.io/user/tenant\n\n## Versioning\n\nVersioned tags will exist, such as `v1.0.0` and `v2.1.1`. Tags will exist for\neach major version, such as `v1` or `v2` and contain the newest version in that\nseries.\n\n## Release\n\nTo trigger a release (and update the `@v{major}` tag), merge a commit to `main`\nthat follows [Conventional Commits][]. In short,\n\n- `fix:` to trigger a patch release,\n- `feat:` for minor, and\n- `feat!:` and major\n\nWe don't enforce conventional commits generally (though you are free do so),\nit's only required if you want to trigger release.\n\n[conventional commits]: https://www.conventionalcommits.org/en/v1.0.0/#summary\n\n---\n\n[LICENSE](./LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffreckle%2Fwiz-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffreckle%2Fwiz-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffreckle%2Fwiz-action/lists"}