feat: pin to sha + additional inputs (#3)
* feat: make input cleaner using paths

* feat: allow different postfix

* feat: allow different postfix

* feat: allow different postfix

* feat: pin version to sha and allow comment type input

* feat: allow opa version input
oycyc authored Aug 19, 2024
1 parent 0ea31f1 commit 6236e8b
Showing 2 changed files with 15 additions and 6 deletions.
8 changes: 5 additions & 3 deletions README.md
Expand Up @@ -2,9 +2,9 @@

# GitHub Action for OPA Rego Policy Tests <!--[![Latest Release](https://img.shields.io/github/release/masterpointio/github-action-opa-rego-test.svg)](https://github.com/masterpointio/github-action-opa-rego-test/releases/latest)-->

GitHub Action to automate testing for your OPA (Open Policy Agent) Rego policies, generates a report with coverage information, and posts the test results as a comment on your pull requests.
GitHub Action to automate testing for your OPA (Open Policy Agent) Rego policies, generates a report with coverage information, and posts the test results as a comment on your pull requests, making it easy for your team to review and approve policies.

Use this to test your OPA Rego files for [Spacelift policies](https://docs.spacelift.io/concepts/policy), Kubernetes Admission Controller policies, Docker authorization policies, or any other use case that uses [Open Policy Agent's policy language Rego](https://www.openpolicyagent.org/docs/latest/).
Use this to test your OPA Rego files for [Spacelift policies](https://docs.spacelift.io/concepts/policy), Kubernetes Admission Controller policies, Docker authorization policies, or any other use case that uses [Open Policy Agent's policy language Rego](https://www.openpolicyagent.org/docs/latest/). This Action also updates PR comments with the test results in place to prevent duplication.

<img src="./assets/opa-logo.png" alt="OPA Logo" width="300">
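Review bot: The new sentence "This Action also updates PR comments with the test results in place to prevent duplication" reads as unconditional, but this same commit adds `pr_comment_mode` with a `recreate` option. Suggest qualifying it, for example "by default, updates the PR comment in place (see `pr_comment_mode`)", so the introduction does not contradict the inputs table.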

Expand All @@ -23,7 +23,7 @@ See examples of the pull request comments below at the [Example Pull Request Com
- [💬 Example Pull Request Comments](#-example-pull-request-comments)

## 🚀 Usage
It's super easy to get started and use this GitHub Action to test your OPA Rego policies. In your repository/directory with the `.rego` files and the `_test.rego` files, simply checkout the repository and add the step with `uses: masterpointio/github-action-opa-rego-test@main`. It's as simple as adding the step with no required inputs!
It's super easy to get started and use this GitHub Action to test your OPA Rego policies. In your repository/directory with the `.rego` files and the `_test.rego` files, simply checkout the repository and add the step with `uses: masterpointio/github-action-opa-rego-test@main`. It's as simple as adding the step with no required inputs! It will then generate a PR comment (that updates in place) with the test results!
```yaml
- name: Run OPA Rego Tests
uses: masterpointio/github-action-opa-rego-test@main
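Review bot: The usage paragraph and the YAML snippet still tell consumers to reference `masterpointio/github-action-opa-rego-test@main`, a mutable branch ref, in a commit whose stated purpose is pinning to a SHA. Anyone copying this example runs whatever `main` points to at workflow time. Suggest showing a release tag or a full commit SHA here, with the version in a trailing comment, as this commit does for the comment action in `action.yml`.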
Expand Down Expand Up @@ -77,8 +77,10 @@ In the example below, all `_test.rego` files' location are valid and will be exe
| `test_file_postfix` | Postfix of the test files to run (e.g. notification.rego <> notification_test.rego) | No | `_test` |
| `write_pr_comment` | Flag to write a user-friendly PR comment with test results | No | `true` |
| `pr_comment_title` | Title of the PR comment for test results | No | `🧪 OPA Rego Policy Test Results` |
| `pr_comment_mode` | Mode that will be used to update comment. Options of upsert (update in place) or recreate. | No | `upsert` |
| `run_coverage_report` | Flag to run OPA coverage tests and include in PR comment | No | `true` |
| `report_untested_files` | Check & report Rego files without corresponding test files | No | `false` |
| `opa_version` | Version of the OPA CLI to use. | No | `0.67.1` |

## ⚙️ How It Works
This GitHub Action automates the process of testing OPA (Open Policy Agent) Rego policies and generating coverage reports. Here's a breakdown of its operation:
13 changes: 10 additions & 3 deletions action.yml
Expand Up @@ -25,6 +25,9 @@ inputs:
description: 'Title of the PR comment of the test results.'
required: false
default: '🧪 OPA Rego Policy Test Results'
pr_comment_mode:
description: Mode that will be used to update comment. Options of upsert (update in place) or recreate.
default: 'upsert'
run_coverage_report:
description: 'Flag to run OPA coverage tests and write to the PR. The `write_pr_comment` must be enabled for the coverage report to be written. Default of true.'
required: false
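Review bot: `pr_comment_mode` is declared without `required: false` and with an unquoted description, while the neighbouring inputs in this hunk set `required: false` and quote their descriptions. Suggest adding `required: false` and quoting the description so the input block stays consistent.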
Expand All @@ -33,14 +36,18 @@ inputs:
description: 'Check & report in the PR comments of the Rego files that do not have any corresponding test files. For best conventions, append the postfix `_test` (or what you set as the `test_file_postfix` input) for your test file. E.g. `notification.rego` <> `notification_test.rego`'
required: false
default: false
opa_version:
description: 'Version of OPA CLI to use. Default is 0.67.1.'
required: false
default: '0.67.1'

runs:
using: 'composite'
steps:
- name: Setup OPA
uses: open-policy-agent/setup-opa@v2
with:
version: 0.67.1
version: ${{ inputs.opa_version }}

- name: Run OPA Tests
id: opa-test
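Review bot: `uses: open-policy-agent/setup-opa@v2` in the `Setup OPA` step is still a mutable tag, although this commit pins `thollander/actions-comment-pull-request` to a full SHA. Suggest pinning it the same way, with the version in a trailing comment. Separately, the `opa_version` description repeats the default ("Default is 0.67.1."), which will drift when `default` is bumped; dropping it from the description leaves a single source of truth.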
Expand Down Expand Up @@ -137,12 +144,12 @@ runs:

# Create (or update in-place) a PR comment of the test result output
- name: Comment on PR
uses: thollander/actions-comment-pull-request@v2
uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0
# If `write_pr_comment` enabled, regardless of if test is success or fail, write the results of the failure.
# Even if input is bool, it has to be treated as string bc of GH's behavior (https://github.com/actions/runner/issues/1483)
if: inputs.write_pr_comment == 'true' && (success() || failure())
with:
message: |
${{ steps.parse-results.outputs.parsed_results }}
comment_tag: opa-test-results
mode: upsert
mode: ${{ inputs.pr_comment_mode }}
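Review bot: `mode: ${{ inputs.pr_comment_mode }}` forwards the caller's value to the comment action unchecked, so a typo or unsupported value only surfaces when the `Comment on PR` step runs. Suggest validating it against `upsert` and `recreate` in an earlier step and failing with a clear message. The SHA pin with the `# v2.5.0` comment looks good.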
