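# Action metadata: the identity and listing text of this composite action.
name: "conflic-scan"
description: "Detect semantic contradictions across config files — CI gate for configuration drift"
author: "onplt"
# Icon and colour of the action's badge; both keys must be nested under
# `branding` to be recognised.
branding:
  icon: "search"
  color: "orange"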
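# Caller-supplied inputs. Every input is optional and arrives as a string.
# The steps of this action forward them to the helper scripts through
# environment variables (CONFLIC_VERSION and INPUT_*).
inputs:
  version:
    # Forwarded to scripts/install-conflic.sh as CONFLIC_VERSION.
    # NOTE(security): the default "latest" means the installed binary can
    # change between runs; callers who need a reproducible, reviewable gate
    # should pass an explicit release version.
    description: "Conflic version to install (e.g., '1.0.1'). Use 'latest' for the most recent release."
    required: false
    default: "latest"
  path:
    description: "Directory to scan"
    required: false
    default: "."
  severity:
    description: "Minimum severity to report: error, warning, info"
    required: false
    default: "error"
  fail-on:
    # "none" disables the gate: findings are reported but never fail the job.
    description: "Severity threshold that causes the action to fail: error, warning, info, none"
    required: false
    default: "error"
  diff:
    # NOTE(review): presumably handed to git by run-conflic.sh — confirm the
    # script rejects values that begin with "-" so a ref cannot be read as
    # an option.
    description: "Git ref for diff-scoped scan. Use 'auto' to detect PR base automatically."
    required: false
    default: ""
  sarif-upload:
    # Must stay a quoted string: the upload step compares it against the
    # literal 'true'.
    description: "Upload SARIF results to GitHub Code Scanning"
    required: false
    default: "true"
  baseline:
    # NOTE(security): a baseline suppresses findings, so changes to the
    # baseline file deserve the same review as changes to the scanned config.
    description: "Path to baseline file to suppress known findings"
    required: false
    default: ""
  config:
    description: "Path to .conflic.toml configuration file"
    required: false
    default: ""
  args:
    # Forwarded verbatim as INPUT_ARGS; how run-conflic.sh splits it into
    # arguments is not visible in this file. Callers should not build this
    # value from untrusted event data (PR titles, branch names, comments).
    description: "Additional CLI arguments to pass to conflic"
    required: false
    default: ""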
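# Values exposed to the calling workflow. Each one is read from the outputs
# of the step whose id is `run`.
outputs:
  exit-code:
    description: "Raw conflic exit code (0=clean, 1=errors, 2=warnings)"
    value: ${{ steps.run.outputs.exit-code }}
  error-count:
    description: "Number of error-level findings"
    value: ${{ steps.run.outputs.error-count }}
  warning-count:
    description: "Number of warning-level findings"
    value: ${{ steps.run.outputs.warning-count }}
  sarif-file:
    # The upload step treats an empty value as "no SARIF file to upload".
    description: "Path to generated SARIF file (if sarif-upload is enabled)"
    value: ${{ steps.run.outputs.sarif-file }}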
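# Composite action: install the CLI, run the scan, then optionally publish
# the SARIF report.
runs:
  using: "composite"
  steps:
    - name: Install conflic
      shell: bash
      run: bash "$ACTION_PATH/scripts/install-conflic.sh"
      env:
        ACTION_PATH: ${{ github.action_path }}
        CONFLIC_VERSION: ${{ inputs.version }}
        # NOTE(review): the job token is exposed to the install script,
        # presumably for authenticated release lookups — confirm the script
        # sends it only to GitHub endpoints and never logs it. The script
        # should also verify the integrity of whatever it downloads.
        GITHUB_TOKEN: ${{ github.token }}

    - name: Run conflic
      id: run
      shell: bash
      run: bash "$ACTION_PATH/scripts/run-conflic.sh"
      # Inputs are passed as environment variables instead of being
      # interpolated into the `run:` text, so their content is never expanded
      # into the script source by the expression engine. Safe quoting and
      # word-splitting inside run-conflic.sh still has to be checked there.
      env:
        ACTION_PATH: ${{ github.action_path }}
        INPUT_PATH: ${{ inputs.path }}
        INPUT_SEVERITY: ${{ inputs.severity }}
        INPUT_FAIL_ON: ${{ inputs.fail-on }}
        INPUT_DIFF: ${{ inputs.diff }}
        INPUT_BASELINE: ${{ inputs.baseline }}
        INPUT_CONFIG: ${{ inputs.config }}
        INPUT_SARIF_UPLOAD: ${{ inputs.sarif-upload }}
        INPUT_ARGS: ${{ inputs.args }}
        # Empty on events that are not pull requests.
        PR_BASE_SHA: ${{ github.event.pull_request.base.sha }}

    - name: Upload SARIF
      # always() keeps the upload running when the scan step failed the gate,
      # so the findings that caused the failure still reach Code Scanning.
      if: inputs.sarif-upload == 'true' && always() && steps.run.outputs.sarif-file != ''
      # TODO(security): `v3` is a mutable tag. Consider pinning to a full
      # commit SHA, e.g. github/codeql-action/upload-sarif@<FULL_COMMIT_SHA>,
      # with the version kept in a trailing comment.
      # The calling job needs `security-events: write` for this step.
      uses: github/codeql-action/upload-sarif@v3
      with:
        sarif_file: ${{ steps.run.outputs.sarif-file }}
        category: conflic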