codiga
diff --git a/‎README.md‎
Lines changed: 14 additions & 18 deletions b/‎README.md‎
Lines changed: 14 additions & 18 deletions
diff --git a/‎action.yml‎
Lines changed: 13 additions & 2 deletions b/‎action.yml‎
Lines changed: 13 additions & 2 deletions
diff --git a/‎entrypoint.sh‎
Lines changed: 27 additions & 4 deletions b/‎entrypoint.sh‎
Lines changed: 27 additions & 4 deletions
diff --git a/‎images/api-token-creation.gif‎
1.53 MB b/‎images/api-token-creation.gif‎
1.53 MB
diff --git a/‎images/ci-api-keys.png‎
-28.7 KB b/‎images/ci-api-keys.png‎
-28.7 KB
diff --git a/‎images/ci-generate-api-keys.png‎
-26.7 KB b/‎images/ci-generate-api-keys.png‎
-26.7 KB
diff --git a/‎images/github-action-secrets.png‎
43.8 KB b/‎images/github-action-secrets.png‎
43.8 KB
diff --git a/‎images/github-add-access-key.png‎
-84.3 KB b/‎images/github-add-access-key.png‎
-84.3 KB
diff --git a/‎images/github-add-api-token.png‎
106 KB b/‎images/github-add-api-token.png‎
106 KB
diff --git a/‎images/github-add-secret-key.png‎
-82.9 KB b/‎images/github-add-secret-key.png‎
-82.9 KB
@@ -19,38 +19,33 @@ The action lets you customize the number of metrics based on
 
 ## How to use it?
 
-### Step 1: Get your Code Inspector API keys
+### Step 1: Get your Code Inspector API Token
 
 Sign up on [Code Inspector](https://www.code-inspector.com).
 
-In your profile, generate API keys.
+In the top right menu go to API token
 
-![Generate API keys](images/ci-generate-api-keys.png)
+![Generate API Token](images/api-token-creation.gif)
 
 
-Once you click on the button, the following window will appear.
+Create a token and save it.
 
-![Example API keys](images/ci-api-keys.png)
 
+### Step 2: Configure your Code Inspector API Token in your GitHub repository
 
-### Step 2: Configure your Code Inspector API keys in your GitHub repository
-
-You need to add your Code Inspector API keys into GitHub.
+You need to add your Code Inspector API Token into GitHub.
 
 On GitHub, go in your repository settings, click on the secret *Secrets* (on the right) and create a new secret.
 
-Create a secret called `CODE_INSPECTOR_ACCESS_KEY` and set it to the value of the access key generated at the previous step.
-
-![Example API keys](images/github-add-access-key.png)
+Create a secret called `CODE_INSPECTOR_API_TOKEN` and set it to the value of the API token generated at the previous step.
 
+![Create API token on GitHub](images/github-add-api-token.png)
 
-Create another secret called `CODE_INSPECTOR_SECRET_KEY` and set it to the value of the secret key generated at the previous step.
 
-![Example API keys](images/github-add-secret-key.png)
+Once the secret is created, the secrets page will look as follow.
 
-Once all secrets have been created, we should have the following secrets generated.
 
-![Example API keys](images/github-keys-generated.png)
+![Example API token on GitHub](images/github-action-secrets.png)
 
 
 ### Step 3: Configure the GitHub action
@@ -71,8 +66,8 @@ jobs:
       uses: codeinspectorio/github-action@master
       with:
         repo_token: ${{ secrets.GITHUB_TOKEN }}
-        code_inspector_access_key: ${{ secrets.CODE_INSPECTOR_ACCESS_KEY }}
-        code_inspector_secret_key: ${{ secrets.CODE_INSPECTOR_SECRET_KEY }}
+        code_inspector_api_token: ${{ secrets.CODE_INSPECTOR_API_TOKEN }}
+        force_ref: 'none'
         min_quality_grade: 'WARNING'
         min_quality_score: '50'
         max_defects_rate: '0.0001'
@@ -85,9 +80,10 @@ jobs:
 The following parameters should *NOT* be changed:
 
  * **repo_token**: this is how Code Inspector can access your repository
- * **code_inspector_access_key** and **code_inspector_access_key**: this is how the action can communicate with the Code Inspector analysis engine.
+ * **code_inspector_api_token**: this is how the action can communicate with the Code Inspector analysis engine.
 
 The following parameters can be changed:
+ * **force_branch** is used to force the branch being checked. Use 'none' if you want to analyze the current branch.
  * **min_quality_grade**: the minimum grade your project should have. Valid values are: `EXCELLENT`, `GOOD`, `NEUTRAL`, `WARNING`, `CRITICAL`
  * **min_quality_score**: the minimum code quality score your project should have. This is a value between `0` and `100`.
  * **max_defects_rate**: the number of defects per line of code. For example, the value `0.001` means 1 defect per 1000 lines of codes.
 
@@ -5,11 +5,17 @@ inputs:
     description: 'Token to checkout the repository.'
     required: true
   code_inspector_access_key:
-    description: 'Access key on Code Inspector'
+    description: 'Access key on Code Inspector. Set to none if you use the API Token.'
     required: true
+    default: ''
   code_inspector_secret_key:
-    description: 'Secret key on Code Inspector'
+    description: 'Secret key on Code Inspector. Set to none if you use the API Token.'
+    required: true
+    default: ''
+  code_inspector_api_token:
+    description: 'API Token to access Code Inspector. Set to none if you use access and secret keys'
     required: true
+    default: ''
   min_quality_grade:
     description: 'Minimum grade. Valid options are EXCELLENT, GOOD, NEUTRAL, WARNING, CRITICAL. Leave blank to ignore.'
     required: true
@@ -38,6 +44,10 @@ inputs:
     description: 'Timeout before giving up (in case analysis takes too long). Default is 10 minutes'
     required: true
     default: '600'
+  force_ref:
+    description: 'Force the GitHub action to analyze a given ref. Leave to none if you want to analyze branch being pushed (default)'
+    required: true
+    default: 'none'
 branding:
   icon: 'search'  
   color: 'blue'
@@ -52,3 +62,4 @@ runs:
     - ${{ inputs.max_long_functions_rate }}
     - ${{ inputs.project_name }}
     - ${{ inputs.max_timeout_sec }}
+    - ${{ inputs.force_ref }}
@@ -9,6 +9,7 @@ MAX_COMPLEX_FUNCTIONS_RATE=$4
 MAX_LONG_FUNCTIONS_RATE=$5
 PROJECT_NAME=$6
 MAX_TIMEOUT_SEC=$7
+FORCE_REF=$8
 
 
 echo "Code Inspector GitHub action"
@@ -21,16 +22,38 @@ echo "MAX_COMPLEX_FUNCTIONS_RATE: ${MAX_COMPLEX_FUNCTIONS_RATE}"
 echo "MAX_LONG_FUNCTIONS_RATE:    ${MAX_LONG_FUNCTIONS_RATE}"
 echo "PROJECT_NAME:               ${PROJECT_NAME}"
 echo "MAX_TIMEOUT_SEC:            ${MAX_TIMEOUT_SEC}"
+echo "FORCE_REF:                  ${FORCE_REF}"
 
-export CODE_INSPECTOR_ACCESS_KEY=${INPUT_CODE_INSPECTOR_ACCESS_KEY}
-export CODE_INSPECTOR_SECRET_KEY=${INPUT_CODE_INSPECTOR_SECRET_KEY}
+
+if [ "$INPUT_CODE_INSPECTOR_API_TOKEN" != "" ]; then
+  echo "Authentication using API token"
+  export CODE_INSPECTOR_API_TOKEN=${INPUT_CODE_INSPECTOR_API_TOKEN}
+fi
+
+if [ "$INPUT_CODE_INSPECTOR_ACCESS_KEY" != "" ] && [ "$INPUT_CODE_INSPECTOR_SECRET_KEY" != "" ]; then
+  echo "Authentication using access/secret keys"
+  export CODE_INSPECTOR_ACCESS_KEY=${INPUT_CODE_INSPECTOR_ACCESS_KEY}
+  export CODE_INSPECTOR_SECRET_KEY=${INPUT_CODE_INSPECTOR_SECRET_KEY}
+fi
+
+
+# By default, use the GitHub ref
+REF_TO_CHECK=${GITHUB_REF}
+SHA_TO_CHECK=${GITHUB_SHA}
+
+# If the branch is forced, we do not specify a SHA and force the branch
+if [ "$FORCE_REF" != "" ] && [ "$FORCE_REF" != "none" ]; then
+  echo "Forcing ref to ${FORCE_REF}"
+  REF_TO_CHECK=${FORCE_REF}
+  SHA_TO_CHECK="none"
+fi
 
 ${CODE_INSPECTOR_BIN} \
   --token "${INPUT_REPO_TOKEN}" \
   --actor "${GITHUB_ACTOR}" \
   --repository "${GITHUB_REPOSITORY}" \
-  --sha "${GITHUB_SHA}" \
-  --ref "${GITHUB_REF}" \
+  --sha "${SHA_TO_CHECK}" \
+  --ref "${REF_TO_CHECK}" \
   --project "${PROJECT_NAME}" \
   --min-quality-score "${MIN_QUALITY_SCORE}" \
   --min-quality-grade "${MIN_QUALITY_GRADE}" \