https://github.com/spectralops/spectral-github-action
Spectral Security Integration into your Github Actions pipeline
https://github.com/spectralops/spectral-github-action
Last synced: 5 months ago
JSON representation
Spectral Security Integration into your Github Actions pipeline
- Host: GitHub
- URL: https://github.com/spectralops/spectral-github-action
- Owner: SpectralOps
- License: mit
- Created: 2022-01-02T11:56:21.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2024-04-10T06:49:32.000Z (over 1 year ago)
- Last Synced: 2024-10-20T10:13:13.188Z (about 1 year ago)
- Language: JavaScript
- Size: 194 KB
- Stars: 14
- Watchers: 3
- Forks: 8
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
Spectral Scan
# Install Spectral Scan action
Spectral Scan is a single self-contained binary, that's easy to get and use. This action installs the latest Spectral version into your PATH.
## Example usage
Include this Action as a step in your workflow:
```
uses: spectralops/spectral-github-action@v4
with:
spectral-dsn: $SPECTRAL_DSN
spectral-args: scan --ok
```
You can see an example of this Action [here](https://github.com/SpectralOps/spectral-github-action/tree/main/.github/workflows/main.yml)
## Configuration
You'll need to provide Spectral DSN as an input variable. You should always store your DSN in a secure way, like below in [GitHub secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets).
```yaml
name: Spectral
on: [push]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install and run Spectral CI
uses: spectralops/spectral-github-action@v4
with:
spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
spectral-args: scan --ok
```
Spectral provides another scan option to audit your Github/Gitlab organization, user or repo.
```yaml
name: Spectral
on: [push]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install and run Spectral Audit
uses: spectralops/spectral-github-action@v4
with:
spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok
```
### How to Contribute
We welcome [issues](https://github.com/SpectralOps/spectral-github-action/issues) to and [pull requests](https://github.com/SpectralOps/spectral-github-action/pulls) against this repository!
## License
This project is licensed under the MIT License. See [LICENSE](LICENSE) for further details.