kics-github-action icon indicating copy to clipboard operation
kics-github-action copied to clipboard
verified publisher icon Checkmarx

feat: fail_on threshold option enabled

Open msandeep12 opened this issue 5 months ago • 1 comments

https://github.com/Checkmarx/kics-github-action/issues/134

This PR introduces a new fail_on_threshold input for the KICS GitHub Action, allowing users to specify severity thresholds using natural operators (e.g., high>1,low>5). When set, fail_on_threshold takes precedence over fail_on and ignore_on_exit, and the workflow will only fail if a threshold is exceeded. This makes it easier to control workflow failures based on the number of issues found for each severity, providing more flexible and intuitive scan result handling. Documentation has been updated to reflect this behavior. This can act as quality gate condition which each repo owners can set

Testing Failure scenario https://github.com/msandeep12/terraform-examples/actions/runs/16397596206

Success scenario https://github.com/msandeep12/terraform-examples/actions/runs/16397524250

msandeep12 avatar Jul 20 '25 08:07 msandeep12

Logo Checkmarx One – Scan Summary & Details28424d7e-f025-497f-9fec-9ec5d6617778

Great job, no security vulnerabilities found in this Pull Request

amacedoo avatar Jul 20 '25 08:07 amacedoo