# tas-actions

Reusable GitHub Actions for [TAS (Tea Advanced Security)](https://github.com/go-gitea/gitea): upload SARIF reports and gate CI on the API response.

## Actions

### [tas-upload-sarif](tas-upload-sarif/)

Uploads a SARIF report from a file to TAS and **fails the job** if the API returns `allowed: false`.

**Example workflow** (e.g. after a security scan that produces SARIF):

```yaml
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Run your scanner and produce SARIF (e.g. to results.sarif)
      # - run: ./run-scanner --output results.sarif

      - name: Upload SARIF to TAS and gate
        uses: your-org/tas-actions/tas-upload-sarif@v1
        with:
          tas-base-url: 'https://tas.example.com'
          sarif-file: 'results.sarif'
```

See [tas-upload-sarif/README.md](tas-upload-sarif/README.md) for all inputs and options.