Giter VIP home page Giter VIP logo

install-action's Introduction

install-action

Github actions to install vulnerability scanner.

Learn More

Inputs

inputs:
  dockerfile_context:
    description: 'The context of the Dockerfile to use for building the image.'
    required: true
    default: 'Dockerfile'
  endpoint:
    description: 'The URL of the CSPM panel to push the scan results to.'
    required: true
    default: 'cspm.demo.accuknox.com'
  token:
    description: 'The token for authenticating with the CSPM panel.'
    required: true
  tenant_id:
    description: 'The ID of the tenant associated with the CSPM panel.'
    required: true
  repository_name: 
     description: 'Docker image repository name'
     required: true
  tag:
     description: 'Add version tag to the repository'
     required: true
     default: '${{ github.run_id }}'
  severity:
     description: "Allows selection of severity level for the scan. Options include UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL. If specified, the scan will target vulnerabilities of the selected severity level."
     required: false
     default: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
  code:
     description: "Values '0' and '1' are accepted. '0' is the default value, which indicates that the pipeline will not be halted if the specified severity is found, while '1' indicates that the pipeline will stop if a specified severity level is detected." 
     required: false
     default: '0'

Usage

Steps for using Install-action in a workflow yaml file

  • Checkout into the repo using checkout action.
  • Utilize the udit-uniyal/Install-action repository with version tag v1.

Token Generation from Accuknox SaaS and Viewing Tenant ID

Navigate to Tokens within the Settings section in the sidebar: image

Click on Create Token: After clicking on 'Create Token,' the Tenant ID will be visible. image

Click on Generate: image

workflow steps:

 - name: Run AccuKnox CSPM Scan
        uses: udit-uniyal/Install-action@v1
        with:                      
          token: 
          tenant_id: 
          repository_name:
          endpoint:                        #Optional
          tag:                             #Optional
          severity:                        #Optional
          dockerfile_context:              #Optional

Minimalist Sample Configuration

name: AccuKnox Scan Workflow

on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main

jobs:
  accuknox-cicd:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@main  
     
      - name: Run AccuKnox CSPM Scan
        uses: udit-uniyal/Install-action@v1
        with:
          token: 
          tenant_id: 
          repository_name:

install-action's People

Contributors

udit-uniyal avatar

Stargazers

avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.