add vuln #30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: scan with KICS and upload SARIF | |
| on: | |
| pull_request: | |
| branches: [main] | |
| jobs: | |
| kics-job: | |
| runs-on: ubuntu-latest | |
| name: kics-action | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v3 | |
| - name: Mkdir results-dir | |
| # make sure results dir is created | |
| run: mkdir -p results-dir | |
| - name: Run KICS Scan with SARIF result | |
| uses: cxMiguelSilva/[email protected] | |
| with: | |
| path: vulns | |
| # when provided with a directory on output_path | |
| # it will generate the specified reports file named 'results.{extension}' | |
| # in this example it will generate: | |
| # - results-dir/results.json | |
| # - results-dir/results.sarif | |
| config_path: vulns/config | |
| output_formats: 'json,sarif' | |
| ignore_on_exit: results | |
| # seek query id in it's metadata.json | |
| exclude_queries: 0437633b-daa6-4bbc-8526-c0d2443b946e | |
| - name: Show results | |
| run: | | |
| cat results-dir/results.sarif | |
| cat results-dir/results.json | |
| - name: Upload SARIF file | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: results-dir/results.sarif |