Skip to content

Latest commit

 

History

History
62 lines (49 loc) · 1.2 KB

README.md

File metadata and controls

62 lines (49 loc) · 1.2 KB

Brakeman github action

Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities. See more

Usage

- name: Brakeman
  uses: devmasx/[email protected]
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Custom report

- name: Install gems
  run: |
    gem install brakeman -v 4.5.0
- name: brakeman report
  run: |
    brakeman -f json > tmp/brakeman.json || exit 0
- name: Brakeman
  uses: devmasx/[email protected]
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
    REPORT_PATH: tmp/brakeman.json

Custom path

- name: Brakeman
  uses: devmasx/[email protected]
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
    PROJECT_PATH: my_rails_app

Example Workflow

name: Brakeman

on: [push]

jobs:
  build:
    runs-on: ubuntu-18.04
    steps:
    - uses: actions/checkout@v1
    - name: Brakeman
      uses: devmasx/[email protected]
      env:
        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Screenshots

example GitHub Action UI example Pull request