Skip to content

controlplaneio/kubesec-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Kubesec Action

GitHub Action for kubesec

GitHub Release GitHub Marketplace

kubesec_logo

Table of Contents

Usage

Workflow

name: lint
on:
  push:
    branches:
      - master
  pull_request:
jobs:
  lint:
    name: Lint
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Run kubesec scanner
        uses: controlplaneio/kubesec-action@master
        with:
          input: file.yaml

Using kubesec with GitHub Code Scanning

If you have GitHub code scanning available you can use kubesec as a scanning tool as follows:

name: lint
on:
  push:
    branches:
      - master
  pull_request:
jobs:
  lint:
    name: Lint
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Run kubesec scanner
        uses: controlplaneio/kubesec-action@master
        with:
          input: file.yaml
          exit-code: "0"
          format: template
          template: template/sarif.tpl
          output: kubesec-results.sarif

      - name: Upload Kubesec scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v1
        with:
          sarif_file: kubesec-results.sarif

Customising

inputs

Following inputs can be used as step.with keys:

Name Type Default Description
input String File to scan
format String json Output format (json, template)
template String Output template (/templates/sarif.tpl)
output String Save results to a file
exit-code String "2" Override the exit-code