From ca46f53e94c94b3b3954bf34db6120f8066b4892 Mon Sep 17 00:00:00 2001
From: Naofumi MURATA <n-murata@safie.jp>
Date: Mon, 24 May 2021 21:32:24 +0900
Subject: [PATCH] add input variable to specify tfsec version to install (#18)

* add input variable to specify tfsec version to install

* add description about tfsec_version input
---
 README.md  | 5 +++++
 action.yml | 7 +++++++
 script.sh  | 9 +++++++--
 3 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 51597c2..c51cdbb 100644
--- a/README.md
+++ b/README.md
@@ -70,6 +70,11 @@ See [reviewdog documentation for exit codes](https://github.com/reviewdog/review
 Optional. Additional reviewdog flags. Useful for debugging errors, when it can be set to `-tee`.
 The default is ``.
 
+### `tfsec_version`
+
+Optional. The version of tfsec to install.
+The default is `latest`.
+
 ### `tfsec_flags`
 
 Optional. List of arguments to send to tfsec.
diff --git a/action.yml b/action.yml
index f60db59..1d4170a 100644
--- a/action.yml
+++ b/action.yml
@@ -38,6 +38,12 @@ inputs:
     description: 'Additional reviewdog flags'
     default: ''
     required: false
+  tfsec_version:
+    description: |
+      The version of tfsec to install.
+      Default is latest.
+    default: 'latest'
+    required: false
   tfsec_flags:
     description: |
       List of arguments to send to tfsec
@@ -73,6 +79,7 @@ runs:
         INPUT_FILTER_MODE: ${{ inputs.filter_mode }}
         INPUT_FAIL_ON_ERROR: ${{ inputs.fail_on_error }}
         INPUT_FLAGS: ${{ inputs.flags }}
+        INPUT_TFSEC_VERSION: ${{ inputs.tfsec_version }}
         INPUT_TFSEC_FLAGS: ${{ inputs.tfsec_flags }}
 
 branding:
diff --git a/script.sh b/script.sh
index c23fa06..dc47ce6 100755
--- a/script.sh
+++ b/script.sh
@@ -32,11 +32,16 @@ echo "::group::🐶 Installing reviewdog (${REVIEWDOG_VERSION}) ... https://gith
   curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b "${REVIEWDOG_PATH}" "${REVIEWDOG_VERSION}" 2>&1
 echo '::endgroup::'
 
-echo '::group:: Installing tfsec (latest) ... https://github.com/tfsec/tfsec'
+echo "::group:: Installing tfsec (${INPUT_TFSEC_VERSION}) ... https://github.com/tfsec/tfsec"
   test ! -d "${TFSEC_PATH}" && install -d "${TFSEC_PATH}"
 
+  if [[ "${INPUT_TFSEC_VERSION}" = "latest" ]]; then
+    tfsec_version=$(curl --silent https://api.github.com/repos/tfsec/tfsec/releases/latest | jq -r .tag_name)
+  else
+    tfsec_version=${INPUT_TFSEC_VERSION}
+  fi
   binary="tfsec"
-  url="https://github.com/tfsec/tfsec/releases/latest/download/tfsec-${os}-${arch}"
+  url="https://github.com/tfsec/tfsec/releases/download/${tfsec_version}/tfsec-${os}-${arch}"
   if [[ "${os}" = "windows" ]]; then
     url+=".exe"
     binary+=".exe"