Coder Social home page Coder Social logo

checkpointsw / spectral-github-action Goto Github PK

View Code? Open in Web Editor NEW
0.0 1.0 0.0 209 KB

Automated Secrets, Misconfiguration, IaC Misconfiguration detection, and OSS by Check Point CloudGuard

Home Page: https://guides.spectralops.io

License: MIT License

JavaScript 100.00%
codesecurity iac secrets-detection oss sbom

spectral-github-action's Introduction



CheckPoint logo SpectralOps logo

CloudGuard Code Security

Spectral is the shift-left solution of Check Point’s CloudGuard to provide the industry’s most comprehensive security platform from code to cloud. Spectral was built as a platform from the ground up to have a fantastic developer experience (DX). Spectral Scan is a single self-contained binary, that's easy to get and use.

Example usage

Include this Action as a step in your workflow:

uses: checkpointsw/spectral-github-action@v4
with:
  spectral-dsn: $SPECTRAL_DSN
  spectral-args: scan --ok

Review Action Usage Example

Configuration

You'll need to provide Spectral DSN as an input variable. You should always store your DSN in a secure way, like below in GitHub secrets.

name: Spectral

on: [push]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Install and run Spectral CI
        uses: checkpointsw/spectral-github-action@v4
        with:
          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
          spectral-args: scan --ok

Spectral provides another scan option to audit your GitHub/GitLab organization, user or repo.

name: Spectral

on: [push]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Install and run Spectral Audit
        uses: checkpointsw/spectral-github-action@v4
        with:
          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
          spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/checkpointsw/spectral-github-action --include-tags base,audit --ok

How to Contribute

We welcome issues to and pull requests against this repository!

Resources

License

This project is licensed under the MIT License. See LICENSE for further details.

spectral-github-action's People

Contributors

guylev008 avatar njenia avatar chkp-roniz avatar bennycode avatar chengadev avatar eladbash avatar lreuven avatar cmpxchg16 avatar chkp-jrosenboom avatar

Watchers

Adam Richter avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.