Commit

add CI security workflow (#668)
Add support for Datadog static analysis. It checks rules that validate
the GitHub actions are safe and secure.
HippoBaro authored Jun 20, 2024
1 parent 4328437 commit d3f6e7a
Showing 2 changed files with 25 additions and 0 deletions.
21 changes: 21 additions & 0 deletions .github/workflows/datadog-static-analysis.yml
@@ -0,0 +1,21 @@
on: [push]

name: Datadog Static Analysis

jobs:
static-analysis:
runs-on: ubuntu-latest
name: Datadog Static Analyzer
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Check code meets quality and security standards
id: datadog-static-analysis
uses: DataDog/datadog-static-analyzer-github-action@v1
with:
dd_api_key: ${{ secrets.DD_STATIC_ANALYSIS_API_KEY }}
dd_app_key: ${{ secrets.DD_STATIC_ANALYSIS_APP_KEY }}
dd_service: dd-trace-py
dd_env: ci
dd_site: datadoghq.com
cpu_count: 2
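Review bot: both `uses:` lines reference mutable tags (`actions/checkout@v3` and `DataDog/datadog-static-analyzer-github-action@v1`), and the second step is handed `DD_STATIC_ANALYSIS_API_KEY` and `DD_STATIC_ANALYSIS_APP_KEY`, so whatever code the `v1` tag resolves to at run time receives both secrets. Pin each action to a full commit SHA and keep the version in a trailing comment so updates stay reviewable. The workflow also has no `permissions:` block, which leaves the job on the repository's default `GITHUB_TOKEN` scope; add a top-level `permissions:` with `contents: read`, after confirming the analyzer action needs nothing beyond that. Finally, `on: [push]` runs the job on every push to every branch; if that is intended, a one-line comment saying so would help.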
4 changes: 4 additions & 0 deletions static-analysis.datadog.yml
@@ -0,0 +1,4 @@
rulesets:
- sit-ci-best-practices:
only:
- ".github/workflows"
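Review bot: the `only:` list scopes `sit-ci-best-practices` to `.github/workflows` alone, so any action definitions kept elsewhere in the repository (for example local composite actions under `.github/actions`) are never scanned by this ruleset. If the repository has such files, add their paths to `only:`; either way, a short comment in this file stating why the scope is restricted would document the intent for whoever adds the next ruleset.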
