Skip to content

dacoburn/security-tools

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
src
src
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
entrypoint.sh
entrypoint.sh
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Security Tools Scanning

The purpose of this action is to run various security tools, process their output, and then comment the results on a PR. It is expected to only run this on PRs

Example Usage

name: Security Scan Workflow
on:
  pull_request:
    types: [opened, synchronize, edited]

jobs:
  security-scan:
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
      contents: read

    steps:
      - name: Checkout code
        uses: actions/[email protected]
      - name: Run Security Scan and Comment Action
        uses: dacoburn/[email protected]
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          trufflehog_exclude_dir: "node_modules/*,vendor,.git/*,.idea"
          bandit_exclude_dir: "tests,migrations,tests,test,.venv,venv"
          bandit_rules: "B101,B102,B105,B106,B107,B110,B603,B605,B607"
          gosec_rules: "medium"
          gosec_exclude_dir: "tests,migrations,tests,test,.venv,venv"
          trivy_rules: ""
          trivy_exclude_dir: "/path/to/ignore"

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases 11

Add error on findings Latest
Oct 9, 2024
+ 10 releases

Packages

No packages published

Languages