https://github.com/securestackco/actions

A set of GitHub actions for checking your application for vulnerabilities

# SecureStack GitHub Actions

A set of GitHub Actions for using SecureStack to analyse an application and the constituent codebase for application attack surface (exposure), software composition (code) and secret vulnerabilities.

```
name: Example Workflow Using SecureStack Actions
on: push
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo for running secrets analysis within workflow
        id: checkout
        uses: actions/checkout@v2.4.0
        with:
          # 0 fetches the full commit history instead of a shallow clone
          fetch-depth: 0
      # Application attack surface (exposure) analysis
      - name: Exposure Analysis Step
        id: exposure
        uses: NiftyBank/niftybank-app/actions/exposure@master
        with:
          securestack_api_key: ${{ secrets.SECURESTACK_API_KEY_SECRET }}
          securestack_app_id: ${{ secrets.SECURESTACK_APPI_ID }}
          severity: critical
          flags: '--dom'
      # Software composition (code) analysis
      - name: SCA Analysis Step
        id: code
        uses: NiftyBank/niftybank-app/actions/code@master
        with:
          securestack_api_key: ${{ secrets.SECURESTACK_API_KEY_SECRET }}
          securestack_app_id: ${{ secrets.SECURESTACK_APPI_ID }}
          severity: critical
          language: node
      # Secrets analysis of the checked-out repository
      - name: Secrets Analysis Step
        id: secrets
        uses: NiftyBank/niftybank-app/actions/secrets@master
        with:
          securestack_api_key: ${{ secrets.SECURESTACK_API_KEY_SECRET }}
          securestack_app_id: ${{ secrets.SECURESTACK_APPI_ID }}
          severity: critical
          flags: '-d 50'
```

## Getting your SecureStack API Key

TODO

Made with 💜 by SecureStack