https://github.com/checkpointsw/secure-code-workflow

Secure Code Workflow Template
https://github.com/checkpointsw/secure-code-workflow

checkpoint code-analysis compliance cve-scanning secrets secure-code sourceguard spectral

Last synced: 3 months ago
JSON representation

Secure Code Workflow Template

• Host: GitHub
• URL: https://github.com/checkpointsw/secure-code-workflow
• Owner: CheckPointSW
• Created: 2022-07-27T08:39:07.000Z (almost 3 years ago)
• Default Branch: latest
• Last Pushed: 2024-07-01T07:28:04.000Z (11 months ago)
• Last Synced: 2025-01-11T16:49:47.756Z (5 months ago)
• Topics: checkpoint, code-analysis, compliance, cve-scanning, secrets, secure-code, sourceguard, spectral
• Homepage:
• Size: 13.7 KB
• Stars: 0
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Secure Code Workflow Template

Use this template to monitor, classify and protect your code, assets, and infrastructure for exposed API keys, tokens, credentials, vulnerable open-source packages, and high-risk security misconfigurations in a simple way, without noise.

## GitHub Integration

 

The following instructions would help you to perform a fast and simple integration to your GitHub repo workflow actions using [GitHub Actions](https://docs.github.com/en/actions).

 

### Add To Repo

 

Add this job to your workflow yml file under .github/workflows/

```

name: Secure Code Analysis

on:

  - push

  - pull_request

jobs:

  code-analysis:

    uses: CheckPointSW/secure-code-workflow/.github/workflows/code-analysis.yml@latest

    secrets: inherit

```

### Configuration

 

Spectral action must receive:

- `SPECTRAL_DSN` - You'll need to provide Spectral dsn.  [GitHub secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets).

To retrieve  `SPECTRAL_DSN` parameter, refer to https://app.spectralops.io/sources

Now, create these keys: 

- Organization Scope

  https://github.com/organizations/OrganizationName/settings/secrets/actions

- Repo Scope

  https://github.com/AccountName/RepoName/settings/secrets/actions

See more about [GitHub secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets).

## References

- [What is Developer Security?](https://www.checkpoint.com/cyber-hub/cloud-security/what-is-developer-security/)

- [Shift Left: Check Point Security Solution for DevOps](https://www.checkpoint.com/cloudguard/devsecops/)