File tree Expand file tree Collapse file tree 1 file changed +26
-0
lines changed Expand file tree Collapse file tree 1 file changed +26
-0
lines changed Original file line number Diff line number Diff line change 1+ name : IaC Scan
2+
3+ on :
4+ pull_request :
5+ branches : [ main ]
6+
7+ jobs :
8+ iac-scan :
9+ runs-on : ubuntu-latest
10+ steps :
11+ - name : Checkout code
12+ uses : actions/checkout@v4
13+
14+ - name : Install Sysdig CLI Scanner
15+ run : |
16+ LATEST_VERSION=$(curl -s https://download.sysdig.com/scanning/sysdig-cli-scanner/latest_version.txt)
17+ curl -Lo sysdig-cli-scanner "https://download.sysdig.com/scanning/bin/sysdig-cli-scanner/${LATEST_VERSION}/linux/amd64/sysdig-cli-scanner"
18+ chmod +x sysdig-cli-scanner
19+ sudo mv sysdig-cli-scanner /usr/local/bin/
20+ sysdig-cli-scanner --version
21+
22+ name : IaC scan
23+ env :
24+ SECURE_API_TOKEN : ${{ secrets.SYSDIG_SECURE_TOKEN }}
25+ run : |
26+ sysdig-cli-scanner --iac -r -f H --apiurl ${{ secrets.SYSDIG_SECURE_URL }} .
You can’t perform that action at this time.
0 commit comments