Skip to content

Run cfsec with sarif upload

Actions
Run cfsec against terraform code base and upload the sarif output to the github repo
v0.0.2
Latest
By aquasecurity
Verified creator
Star (4)

Tags

 (2)
securitycode-scanning-ready

Verified

GitHub has manually verified the creator of the action as an official partner organization. For more info see About badges in GitHub Marketplace.

GitHub All Releases

cfsec-sarif-action

Description

This Github Action will run the cfsec sarif check then add the report to the repo for upload.

Example usage

name: cfsec
on:
  push:
    branches:
      - main
  pull_request:
jobs:
  cfsec:
    name: cfsec sarif report
    runs-on: ubuntu-latest

    steps:
      - name: Clone repo
        uses: actions/checkout@master

      - name: cfsec
        uses: cfsec/cfsec-sarif-action@master
        with:
          sarif_file: cfsec.sarif         
          github_token: ${{ secrets.GITHUB_TOKEN }}

      - name: Upload SARIF file
        uses: github/codeql-action/upload-sarif@v1
        with:
          # Path to SARIF file relative to the root of the repository
          sarif_file: cfsec.sarif

Example

The cfsec example project shows an example of the output here

image

Contributors (1)

@owenrumney

Resources

Run cfsec with sarif upload is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.

About

Run cfsec against terraform code base and upload the sarif output to the github repo
v0.0.2
Latest
By aquasecurity

Verified

GitHub has manually verified the creator of the action as an official partner organization. For more info see About badges in GitHub Marketplace.

Tags

 (2)
securitycode-scanning-ready

Contributors (1)

@owenrumney

Resources

Run cfsec with sarif upload is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.