fike/horusec-action

Horusec Action

Horusec is a great SAST and DevSecOps tool that can be used in any pipeline. This is a proof of concept that embeds it in a GitHub Action.

How to use

You can pass arguments CLI-style (--ignore="**/tmp/**"), but the better way is to use a configuration file. To generate the configuration file:

horusec generate

Below is an example that uses a Horusec configuration file. To see how it is used in a real project, see here.

on: [push]

jobs:
  checking_code:
    runs-on: ubuntu-latest
    name: Horusec Scan
    steps:
      - name: Run Horusec
        id: run_horusec
        uses: fike/horusec-action@<version>
        with:
          arguments: --config-file-path=horusec-config.json

The most common arguments to pass are --ignore, for directories to skip, and the target path. You can add any extra argument that Horusec supports, but keep in mind that it must go on the arguments line of your Action workflow.

Here is an example that ignores some directories, with the target path set to "/".

on: [push]

jobs:
  checking_code:
    runs-on: ubuntu-latest
    name: Horusec Scan
    steps:
      - name: Run Horusec
        id: run_horusec
        uses: fike/horusec-action@<version>
        with:
          arguments: -p="./" --ignore="**/.vscode/**, **/*.env, **/.mypy_cache/**, **/tests/**"

Known Issue

An Action built purely on Docker isn't as flexible at splitting arguments as one built with JavaScript/TypeScript.

This is a proof of concept for running Horusec as a GitHub Action.
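The splitting problem described above, shown as an added example that is not this project's own code. It assumes the Docker-based action receives the whole `arguments` input as one string, and compares plain word splitting with a quote-aware split through xargs that avoids eval. The function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: the `arguments` value from the workflow above, as the
# single string a Docker-based action would receive (assumption).
SAMPLE='-p="./" --ignore="**/.vscode/**, **/*.env, **/.mypy_cache/**, **/tests/**"'

# Naive split: unquoted expansion breaks on every space and keeps the quote
# characters as literal text. Prints one token per line.
naive_split() {
    (
        set -f          # stop * and ** from expanding against the filesystem
        # shellcheck disable=SC2086
        set -- $1
        printf '%s\n' "$@"
    )
}

# Quote-aware split without eval: xargs honours single and double quotes but
# never performs command substitution, so $(...) or ; in the input stay data.
# Prints one token per line.
quoted_split() {
    printf '%s\n' "$1" | xargs printf '%s\n'
}

# Count the tokens produced by one of the split functions above.
count_tokens() {
    "$1" "$2" | wc -l | tr -d ' '
}

echo "naive split:  $(count_tokens naive_split "$SAMPLE") tokens"
naive_split "$SAMPLE" | sed 's/^/  /'
echo "quoted split: $(count_tokens quoted_split "$SAMPLE") tokens"
quoted_split "$SAMPLE" | sed 's/^/  /'
```

With the naive split, the --ignore value is cut at each space and Horusec would see the trailing patterns as separate arguments; the quote-aware split keeps it as one.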