goscan/action.yml

19 lines
779 B
YAML
Raw Normal View History

2024-09-06 15:03:37 +01:00
name: 'GoSec Scanning'
description: 'Scan codebase with gosec'
2024-09-07 02:32:20 +01:00
inputs:
token:
description: >
Personal access token (PAT) used to fetch the repository. The PAT is configured
with the local git config, which enables your scripts to run authenticated git
commands. The post-job step removes the PAT.
We recommend using a service account with the least permissions necessary.
Also when generating a new PAT, select the least scopes necessary.
[Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
default: ${{ github.token }}
2024-09-06 15:03:37 +01:00
runs:
using: 'docker'
image: 'docker://git.shadowhosting.xyz/actions/goscan:latest'