init commit

Dockerfile

@@ -0,0 +1,9 @@
+FROM registry.jakeyoungdev.com/go/alpine:1.25.3 AS builder
+WORKDIR /build
+COPY . /build/
+RUN go mod download && \
+    GOOS=linux go build ./main.go -o /build/parse
+
+FROM registry.jakeyoungdev.com/go/alpine:1.25.3
+COPY --from=builder /app/parser /
+ENTRYPOINT [ "parser" ]

action.yaml

@@ -0,0 +1,15 @@
+name: "compose file parser"
+description: "security checks for docker compose files"
+inputs:
+  path:
+    description: "path to docker compose file"
+    required: true
+    default: "compose.yaml"
+outputs:
+  report:
+    description: "results of the scan"
+runs:
+  using: docker
+  image: Dockerfile
+  env:
+    COMPOSE_FILE_PATH=${{ inputs.path }}