https://github.com/guardsquare/appsweep-action

GitHub action for AppSweep can be used to continuously integrate app scanning using AppSweep into your Android app build process
https://github.com/guardsquare/appsweep-action

android-development app-testing security-tools

Last synced: about 1 year ago
JSON representation

GitHub action for AppSweep can be used to continuously integrate app scanning using AppSweep into your Android app build process

• Host: GitHub
• URL: https://github.com/guardsquare/appsweep-action
• Owner: Guardsquare
• License: apache-2.0
• Created: 2021-10-14T19:31:55.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2025-02-05T16:59:32.000Z (over 1 year ago)
• Last Synced: 2025-03-20T00:20:26.550Z (over 1 year ago)
• Topics: android-development, app-testing, security-tools
• Homepage:
• Size: 2.71 MB
• Stars: 18
• Watchers: 10
• Forks: 4
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          


  


  


  

    

  



GitHub action for AppSweep Mobile Application Security Testing


## Usage

This action can be used to automate scanning your Android application using a GitHub action.

** Make sure to build the app before calling the step! **

### Example workflow

```yaml

# This workflow will build the app, and initiate a Guardsquare AppSweep scan of your APK

name: AppSweep mobile application security testing

on: [push]

jobs:

  appsweep-scan:

    runs-on: ubuntu-latest

    steps:

      - name: Check out repository code

        uses: actions/checkout@v2

      - name: Build debug app

        run: ./gradlew assembleDebug

      - name: Upload debug app to AS

        uses: guardsquare/appsweep-action@main

        with:

          appsweep_api_key: ${{ secrets.APPSWEEP_API_KEY }}

          input_file: ./app/build/outputs/apk/debug/app-debug.apk

          mapping_file: ./app/build/outputs/mapping/debug/mapping.txt

```

### Inputs

| Input                         | Description                                                                      |

|-------------------------------|----------------------------------------------------------------------------------|

| `APPSWEEP_API_KEY`            | Project API key for your AppSweep project, should be stored using Github SECRETS |

| `INPUT_FILE`                  | The APK that will be uploaded to AppSweep                                        |

| `MAPPING_FILE` _(optional)_   | An optional obfuscation mapping file for the build                               |

| `TAGS` _(optional)_           | An optional set of tags to append to your build (format: tag1, tag2)             |