You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
GitHub Action
Bridgecrew Github Action
v1.0.0
Use the Bridgecrew GitHub action to scan for infrastrcture-as-code errors in your GitHub action pipeline. By utilizing this GitHub action in your project workflow, you can automatically start to find, fix and monitor your project for configuration errors in Terraform and CloudFormation. By signing up for a free Bridgecrew Community plan you can also view dashboards and reports. The community plan does not limit the number of scans or users you can invite to view the results.
In fact, it is very easy to start using the GitHub action. All you need to do is:
- Follow the instructions at GitHub configuration a workflow to enable Github Action in your repository.
- Set up an environment variable with your Bridgecrew API key, which you can get from your Bridgecrew account.
- In the app build job, uses the
bridgecrewio/bridgecrew-action@master - Optionally, supply parameters to customize GitHub action behaviour
- name: Run Bridgecrew scanner
id: Bridgecrew scanner
uses: bridgecrewio/bridgecrew-action@master
with:
directory: "terraform"
soft-fail: "true"
output: "junitxml"
api-key-variable: ${{ secrets.API_KEY }} - name: Run Bridgecrew scanner
id: Bridgecrew scanner
uses: bridgecrewio/bridgecrew-action@master
with:
file: "./terraform/db-app.tf"
output: "json"
api-key-variable: ${{ secrets.API_KEY }}| Parameter | Description | Required | Default | Type |
|---|---|---|---|---|
| api-key-variable | Environment variable name of the Bridgecrew API key from Bridgecrew app | No | Secret parameter | |
| directory | IaC root directory to scan | No | "none" | Input parameter |
| file | IaC file to scan | No | "none" | Input parameter |
| soft-fail | Runs checks without failing build | No | "false" | Input parameters |
| output | Report output format | No | "cli" | cli \ json \ junitxml |
Full reference docs here.
Run Bridgecrew GitHub in your GitHub pipeline