-
Notifications
You must be signed in to change notification settings - Fork 1
38 lines (36 loc) · 1.05 KB
/
ctScan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
run-name: CodeThreat Scan Task
on:
# Trigger scan when pushing in master or pull requests, and when creating
# a pull request.
push:
branches:
- main
- master
pull_request:
branches:
- main
- master
jobs:
codethreat_scanner:
runs-on: ubuntu-latest
name: Codethreat Scan
steps:
- name: Check Out Source Code
uses: actions/checkout@v3
- name: Install Node.js
uses: actions/setup-node@v1
- name: CodeThreat Github Action Scanner
uses: CodeThreat/codethreat-scan-action@master
env:
ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CT_SERVER: ${{ secrets.CT_SERVER }}
ORGNAME: ${{ secrets.ORGNAME }}
with:
FAILED_ARGS: |
- max_number_of_critical: 15
- max_number_of_high: 15
- weakness_is: ".*injection"
- condition: 'OR'
- automerge: false
- sync_scan: true