https://github.com/checkpointsw/spectral-github-action
Automated Secrets, Misconfiguration, IaC Misconfiguration detection, and OSS by Check Point CloudGuard
codesecurity iac oss sbom secrets-detection
Last synced: 6 months ago
- Host: GitHub
- URL: https://github.com/checkpointsw/spectral-github-action
- Owner: CheckPointSW
- License: mit
- Created: 2024-03-17T14:24:54.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-04-24T10:34:10.000Z (over 1 year ago)
- Last Synced: 2025-03-01T00:59:44.617Z (11 months ago)
- Topics: codesecurity, iac, oss, sbom, secrets-detection
- Language: JavaScript
- Homepage: https://guides.spectralops.io
- Size: 204 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# CloudGuard Code Security
Spectral is the shift-left solution of Check Point’s CloudGuard to provide the industry’s most comprehensive security platform from code to cloud. Spectral was built as a platform from the ground up to have a fantastic developer experience (DX). Spectral Scan is a single self-contained binary that's easy to get and use.
## Example usage
Include this Action as a step in your workflow:
```
uses: checkpointsw/spectral-github-action@v4
with:
  spectral-dsn: $SPECTRAL_DSN
  spectral-args: scan --ok
```
[Review Action Usage Example](.github/workflows/main.yml)
## Configuration
You'll need to provide the Spectral DSN as an input variable. Always store your DSN securely, for example in [GitHub secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets), as in the workflow below.
```yaml
name: Spectral
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Install and run Spectral CI
        uses: checkpointsw/spectral-github-action@v4
        with:
          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
          spectral-args: scan --ok
```
Spectral provides another scan option to audit your GitHub/GitLab organization, user or repo.
```yaml
name: Spectral
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Install and run Spectral Audit
        uses: checkpointsw/spectral-github-action@v4
        with:
          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
          spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/checkpointsw/spectral-github-action --include-tags base,audit --ok
```
### How to Contribute
We welcome [issues](https://github.com/checkpointsw/spectral-github-action/issues) and [pull requests](https://github.com/checkpointsw/spectral-github-action/pulls) against this repository!
## Resources
- [Solution Review](https://www.checkpoint.com/cloudguard/developer-security/)
- [Documentation](https://guides.spectralops.io/docs)
## License
This project is licensed under the MIT License. See [LICENSE](LICENSE) for further details.