Merge pull request #6 from data-platform-hq/sec_scan_integration

fix: added security KICS scan action
data-platform-hq · Mar 11, 2024 · 69fb910 · 69fb910
2 parents 4d6469f + a505515
commit 69fb910
Showing 1 changed file with 31 additions and 0 deletions.
diff --git a/.github/workflows/kics_sec_scan.yml b/.github/workflows/kics_sec_scan.yml
@@ -0,0 +1,31 @@
+name: Run security KICS scaner
+
+on: 
+  pull_request:
+    branches:
+    - main
+
+jobs:
+  kics:
+    name: Run security KICS scaner
+    runs-on: "ubuntu-latest"
+
+    steps:
+    - name: Checkout code repo
+      uses: actions/checkout@v3
+
+    - name: Run security KICS scaner
+      uses: checkmarx/[email protected]
+      with:
+        path: .
+        output_path: myResults/
+        output_formats: 'sarif'
+        enable_comments: true
+        enable_annotations: true
+        ignore_on_exit: results
+
+    # TBD    
+    # - name: Upload SARIF file
+    #   uses: github/codeql-action/upload-sarif@v1
+    #   with:
+    #     sarif_file: myResults/results.sarif