Skip to content

adishagarwal/SCC-Left-Shift-Security

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.github/workflows
.github/workflows
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
index.js
index.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

GitHub Action for IAC Validation.

This action scans the target respository and extracts the dependency file(SBOM) for the same and eventually comes up with a list of depenendency both direct and transitive. Further, this list of dependencies is saved to a GCP bucket. Also this SBOM(dependency list) is used to generate the vunerability list(VAX). This VAX file is finally available to the client in their GCP bucket.

Inputs

gcs_credentials

Required Service Account Credential for the GCP Account.

repo-token

Required GitHub Token for accessing contents of the repository.

owner

Required Repository Owner Name.

repoName

Required Name of the Repo to be scanned.

Files Description

action.yml

Defines input to the Action.

index.js

Core logic of the plugin.

package.json

Defines project configuration.

package-lock.json

Auto generated complete depednecy tree.

About

IAC Validation Action for terraform files.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 100.0%