
This project forked from cookpad/brakeman-linter-action


GitHub Action to run Brakeman against your code.

License: MIT License

Ruby 98.88% Dockerfile 1.12%


Brakeman results parser github action

Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities.

You can read more about Brakeman itself here.

This action posts Brakeman findings to the pull request as review comments whenever a new issue is found, so results land accurately on the code that introduced them.

We currently recommend pinning the Brakeman version (e.g. 5.2.1) so that a run does not silently pull down whatever the latest release happens to be, with all the unintended behaviour changes that brings.

Config options

These are the (required or recommended) options you can set for the runner.

  • GITHUB_TOKEN (required): the GitHub token, naturally :)
  • REPORT_PATH: where on the action runner the report lives, e.g. "/tmp/report.json". If not set, the action just outputs a JSON string.
  • PROJECT_PATH: the path of the project you want to scan (in case you have multiple apps in one repo). Defaults to the value of the GITHUB_WORKSPACE environment variable.
  • GITHUB_LATEST_SHA (recommended): tells the runner which commit to attach review comments to. Easiest to set as ${{ github.event.pull_request.head.sha }}.
  • CUSTOM_MESSAGE_CONTENT: something custom to append to the PR comments, e.g. a runbook link, an emoji or a friendly message. If you want a line break in CUSTOM_MESSAGE_CONTENT, use <br /> tags.

Usage

- name: Brakeman
  uses: cookpad/[email protected]
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Custom report

- name: Install gems
  run: |
    gem install brakeman -v 5.2.1
- name: brakeman report
  run: |
    # Brakeman exits non-zero when it finds warnings; keep this step green so the action below can post them
    brakeman -f json > tmp/brakeman.json || exit 0
- name: Brakeman
  uses: cookpad/[email protected]
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
    REPORT_PATH: tmp/brakeman.json

Custom path

- name: Brakeman
  uses: cookpad/[email protected]
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
    PROJECT_PATH: my_rails_app

Example Workflow

name: Brakeman

on: [push]

jobs:
  build:
    runs-on: ubuntu-20.04
    steps:
    - uses: actions/checkout@v1
    - name: Brakeman
      uses: cookpad/[email protected]
      env:
        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
        GITHUB_LATEST_SHA: ${{ github.event.pull_request.head.sha }}
        CUSTOM_MESSAGE_CONTENT: "This is a cool, friendly comment!<br />Thank you for improving our security!"

Remember: if you want a line break in CUSTOM_MESSAGE_CONTENT it is recommended to use <br /> tags.
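To make the contract of the options above concrete, here is an added Ruby example (not code from this action or from cookpad) that takes a constructed Brakeman JSON report, keeps only warnings whose fingerprint is absent from a baseline run, and turns each into a review-comment shape with the PROJECT_PATH prefix and CUSTOM_MESSAGE_CONTENT applied. The fingerprint diff and the path prefixing are assumptions about a sensible approach, not a description of this action's implementation.

```ruby
require "json"

# Constructed Brakeman JSON excerpt in the shape of `brakeman -f json` output;
# the fingerprints and findings are made up, not captured from a real run.
CURRENT_REPORT = <<~'JSON'
  {"warnings": [
    {"warning_type": "SQL Injection", "message": "Possible SQL injection",
     "file": "app/models/user.rb", "line": 12, "confidence": "High",
     "fingerprint": "abc123", "code": "User.where(params[:q])"},
    {"warning_type": "Cross-Site Scripting", "message": "Unescaped parameter value",
     "file": "app/views/users/show.html.erb", "line": 3, "confidence": "Weak",
     "fingerprint": "def456", "code": null}
  ]}
JSON

# Constructed baseline run (e.g. from the target branch): only the SQL finding existed.
BASELINE_REPORT = '{"warnings": [{"fingerprint": "abc123"}]}'

# Warnings in `current` whose fingerprint does not appear in `baseline`.
# Brakeman fingerprints are stable across runs, so this isolates new issues
# instead of re-commenting every pre-existing finding on each push.
def new_warnings(current, baseline)
  known = JSON.parse(baseline).fetch("warnings", []).map { |w| w["fingerprint"] }
  JSON.parse(current).fetch("warnings", []).reject { |w| known.include?(w["fingerprint"]) }
end

# One PR review comment per warning: path, line and a markdown body.
# project_path mirrors PROJECT_PATH; prefixing Brakeman's app-relative file
# path with it is an assumption about a monorepo layout, not the action's code.
def review_comments(warnings, project_path: nil, custom_message: nil)
  warnings.map do |w|
    path = w["file"]
    path = File.join(project_path, path) if project_path && !project_path.empty?
    body = +"**#{w['warning_type']}** (#{w['confidence']} confidence): #{w['message']}"
    body << "\nCode: `#{w['code']}`" if w["code"]
    body << "\n\n#{custom_message}" if custom_message
    { path: path, line: w["line"], body: body }
  end
end

if __FILE__ == $PROGRAM_NAME
  fresh = new_warnings(CURRENT_REPORT, BASELINE_REPORT)
  puts JSON.pretty_generate(review_comments(fresh, project_path: "my_rails_app",
                                            custom_message: "Thank you for improving our security!"))
end
```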
