From 0eda602a3ec42876f57650e995039c04742e8688 Mon Sep 17 00:00:00 2001 From: Ruslan Riznyk Date: Wed, 6 Mar 2024 17:44:59 +0200 Subject: [PATCH] fix: added security KICS scan action --- .github/workflows/kics_sec_scan.yml | 31 +++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .github/workflows/kics_sec_scan.yml diff --git a/.github/workflows/kics_sec_scan.yml b/.github/workflows/kics_sec_scan.yml new file mode 100644 index 0000000..4bb46e7 --- /dev/null +++ b/.github/workflows/kics_sec_scan.yml @@ -0,0 +1,31 @@ +name: Run security KICS scaner + +on: + pull_request: + branches: + - main + +jobs: + kics: + name: Run security KICS scaner + runs-on: "ubuntu-latest" + + steps: + - name: Checkout code repo + uses: actions/checkout@v3 + + - name: Run security KICS scaner + uses: checkmarx/kics-github-action@v1.7.0 + with: + path: . + output_path: myResults/ + output_formats: 'sarif' + enable_comments: true + enable_annotations: true + ignore_on_exit: results + + # TBD + # - name: Upload SARIF file + # uses: github/codeql-action/upload-sarif@v1 + # with: + # sarif_file: myResults/results.sarif