1.0.53 Add kics dockerfile scan action #2

Workflow file for this run

.github/workflows/scan-dockerfiles-with-kics.yml at 0dcd59f

	name: Scan Dockerfile with KICS

	on:
	# Trigger the workflow on the following events:

	# Scan changed files in Pull Requests (diff-aware scanning).
	pull_request: {}

	# Trigger the workflow on-demand through the GitHub Actions interface.
	workflow_dispatch: {}

	# Scan mainline branches (main and development) and report all findings.
	push:
	branches: ["main", "development"]

	jobs:
	kics-job:
	name: KICS Github Action

	# Specify the runner environment. Use the latest version of Ubuntu.
	runs-on: ubuntu-latest

	# Define permissions for specific GitHub Actions.
	permissions:
	actions: read # Permission to read GitHub Actions.
	contents: read # Permission to read repository contents.
	security-events: write # Permission to write security events.

	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	# Step: Checkout code
	# Action to check out the code from the repository.
	# This step fetches the codebase from the GitHub repository.

	- name: Run KICS Scan with SARIF result
	uses: Checkmarx/[email protected]
	with:
	path: .
	# when provided with a directory on output_path
	# it will generate the specified reports file named 'results.{extension}'
	# in this example it will generate: results.sarif
	output_path: .
	platform_type: docker
	output_formats: 'sarif'
	- name: Show results
	run: \|
	cat results.sarif

	- name: Upload Results so GitHub Advanced Security Dashboard
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: results.sarif
	category: "KICS Dockerfile Scan"
	if: always()
	# Upload the SARIF file with scan results to the GitHub Advanced Security Dashboard.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

1.0.53 Add kics dockerfile scan action #2

Workflow file

1.0.53 Add kics dockerfile scan action #2

Jobs

Run details

Workflow file for this run