Skip to content

Latest commit

 

History

History
42 lines (29 loc) · 1.54 KB

README.md

File metadata and controls

42 lines (29 loc) · 1.54 KB

Secure Code Workflow Template

Use this template to monitor, classify and protect your code, assets, and infrastructure for exposed API keys, tokens, credentials, vulnerable open-source packages, and high-risk security misconfigurations in a simple way, without noise.

GitHub Integration

The following instructions would help you to perform a fast and simple integration to your GitHub repo workflow actions using GitHub Actions.

Add To Repo

Add this job to your workflow yml file under .github/workflows/

name: Secure Code Analysis

on:
  - push
  - pull_request

jobs:
  code-analysis:
    uses: CheckPointSW/secure-code-workflow/.github/workflows/code-analysis.yml@latest
    secrets: inherit

Configuration

Spectral action must receive:

To retrieve SPECTRAL_DSN parameter, refer to https://app.spectralops.io/sources

Now, create these keys:

See more about GitHub secrets.

References