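# Job steps: check out the repository, run a ThunderScan scan, then publish the
# resulting SARIF report as a build artifact and to GitHub code scanning.
#
# NOTE(review): every `uses:` below references a tag (v2, v1.0, v1). A tag can
# be moved by the action's owner, so pinning each action to a full commit SHA
# (`owner/action@<full-commit-sha>`) fixes the code that runs with this job's
# secrets. These major versions are also old; confirm each is still supported.
steps:
  # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
  - uses: actions/checkout@v2

  # ThunderScan Action
  - name: ThunderScan
    uses: defensecode/thunderscan-action@v1.0
    with:
      # Plain HTTP is acceptable only while the API listens on the runner's own
      # loopback interface; use https:// if the API is ever on another host,
      # because api_token is sent to this URL.
      api_url: 'http://localhost:8999'
      # Absolute path on the runner, which presumably means a self-hosted
      # runner with the ThunderScan client pre-installed; confirm, and limit
      # which repositories and workflows may use that runner.
      client_path: '/opt/thunderscan/tsactioncli'
      # Read from repository/organisation secrets; never inline the token here.
      api_token: ${{ secrets.THUNDERSCAN_TOKEN }}

  # Publishes the report as a downloadable artifact. The report presumably
  # lists finding locations, and artifacts are readable by anyone with read
  # access to the repository, so set `retention-days` if that matters.
  - name: Expose report
    uses: actions/upload-artifact@v2
    with:
      name: SARIF results
      path: thunderscan-sarif.json

  # Uploads thunderscan-sarif.json to GitHub repository using the upload-sarif action
  # The job needs `security-events: write` permission for this upload; the
  # job-level `permissions:` block is outside this snippet.
  # NOTE(review): if the scan step fails the job, both upload steps are
  # skipped unless they carry `if: always()`; confirm the intended behaviour.
  - uses: github/codeql-action/upload-sarif@v1
    with:
      # Path to SARIF file relative to the root of the repository
      sarif_file: thunderscan-sarif.json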