Mission Critical Vulnerability Scanner (MCVS) Python Action. Create Python code without high and critical vulnerabilities.
Create a .github/workflows/python.yml
file with the following content:
---
name: Python
"on": push
permissions:
contents: read # write if pyinstaller-binary-name is non-empty
jobs:
MCVS-python-action:
runs-on: ubuntu-20.04
steps:
- uses: actions/[email protected]
- uses: schubergphilis/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
Option | Default | Required | Description |
---|---|---|---|
pyinstaller-binary-name | If populated, then a binary will be created using pyinstaller and attached to a release | ||
token | ' ' | x | GitHub token that is required to push a package to the registry of the project and to pull cached Trivy DB images |
trivy-action-db | ghcr.io/aquasecurity/trivy-db:2 | Replace this with a cached image to prevent bump into pull rate limiting issues | |
trivy-action-java-db | ghcr.io/aquasecurity/trivy-java-db:1 | Replace this with a cached image to prevent bump into pull rate limiting issues |
Define the Python version of the project by adding it to a .python-version
file.