Adding only fixed option

action.yml

@@ -23,6 +23,10 @@ inputs:
     description: Fail if a vulnerability is rated above or equal. [negligible,low,medium,high,critical]
     required: false
     default: "high"
+  onlyFixed:
+    description: Fails if a vulnerability is above failOn and fixed only
+    required: false
+    default: "true"
 
 runs:
   using: docker

entrypoint.sh

@@ -5,6 +5,7 @@ INPUT_IMAGE_PREFIX=$imagePrefix
 INPUT_CONFIG_PATH=$config
 INPUT_PLATFORM=$platform
 INPUT_FAIL_ON=$failOn
+INPUT_ONLY_FIXED=$onlyFixed
 
 set -e
 
@@ -25,6 +26,10 @@ fi;
 
 GRYPE_OPTIONS=("-v" "--by-cve" "--show-suppressed")
 
+if [ "$INPUT_ONLY_FIXED" == "true" ]; then
+  GRYPE_OPTIONS+=("--only-fixed")
+fi
+
 if [ -n "$INPUT_CONFIG_PATH" ] && [ -f "$INPUT_CONFIG_PATH" ]; then
   GRYPE_OPTIONS+=("--config" "$INPUT_CONFIG_PATH")
 fi