Skip to content
This repository has been archived by the owner on Sep 26, 2024. It is now read-only.
Vulnerability checks

Bump coverage from 7.3.2 to 7.4.2 #115

Sign in to view logs

Bump coverage from 7.3.2 to 7.4.2

Bump coverage from 7.3.2 to 7.4.2 #115

Workflow file for this run

.github/workflows/secobserve.yml at af5db69
name: Vulnerability checks
on: [push]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Run Bandit
uses: MaibornWolff/secobserve_actions_templates/actions/SAST/bandit@main
with:
target: 'dd_import'
report_name: 'dd_import_bandit.sarif'
so_upload: 'false'
so_api_base_url: ${{ vars.SO_API_BASE_URL }}
so_api_token: ${{ secrets.SO_API_TOKEN }}
so_product_name: ${{ vars.SO_PRODUCT_NAME }}
- name: Run Semgrep
uses: MaibornWolff/secobserve_actions_templates/actions/SAST/semgrep@main
with:
target: 'dd_import'
report_name: 'dd_import_semgrep.json'
configuration: 'r/python'
so_upload: 'false'
- name: Run KICS
uses: MaibornWolff/secobserve_actions_templates/actions/SAST/kics@main
with:
target: '.'
report_name: 'dd_import_kics.sarif'
so_upload: 'false'
- name: Run Checkov
uses: MaibornWolff/secobserve_actions_templates/actions/SAST/checkov@main
with:
target: '.'
report_name: 'dd_import_checkov.sarif'
so_upload: 'false'
- name: Run Trivy image
uses: MaibornWolff/secobserve_actions_templates/actions/SCA/trivy_image@main
with:
target: 'maibornwolff/dd-import:latest'
report_name: 'dd_import_trivy_image.json'
so_upload: 'false'
- name: Run Grype image
uses: MaibornWolff/secobserve_actions_templates/actions/SCA/grype_image@main
with:
target: 'maibornwolff/dd-import:latest'
report_name: 'dd_import_grype_image.json'
so_upload: 'false'
- name: Run Gitleaks
uses: MaibornWolff/secobserve_actions_templates/actions/secrets/gitleaks@main
with:
report_name: 'dd_import_gitleaks.sarif'
so_upload: 'false'
- name: Upload results
uses: actions/upload-artifact@v3
with:
name: secobserve
path: |
dd_import_bandit.sarif
dd_import_semgrep.json
dd_import_kics.sarif
dd_import_checkov.sarif
dd_import_trivy_image.json
dd_import_grype_image.json
dd_import_gitleaks.sarif