Skip to content
aquasecurity

GitHub Action

Run cfsec with sarif upload

v0.0.2 Latest version

Run cfsec with sarif upload

aquasecurity

Run cfsec with sarif upload

Run cfsec against terraform code base and upload the sarif output to the github repo

Installation

Copy and paste the following snippet into your .yml file.

 
              
- name: Run cfsec with sarif upload

              
  uses: aquasecurity/cfsec-sarif-action@v0.0.2
Learn more about this action in aquasecurity/cfsec-sarif-action

Choose a version

GitHub All Releases

cfsec-sarif-action

Description

This Github Action will run the cfsec sarif check then add the report to the repo for upload.

Example usage

name: cfsec
on:
  push:
    branches:
      - main
  pull_request:
jobs:
  cfsec:
    name: cfsec sarif report
    runs-on: ubuntu-latest

    steps:
      - name: Clone repo
        uses: actions/checkout@master

      - name: cfsec
        uses: cfsec/cfsec-sarif-action@master
        with:
          sarif_file: cfsec.sarif         
          github_token: ${{ secrets.GITHUB_TOKEN }}

      - name: Upload SARIF file
        uses: github/codeql-action/upload-sarif@v1
        with:
          # Path to SARIF file relative to the root of the repository
          sarif_file: cfsec.sarif

Example

The cfsec example project shows an example of the output here

image