Skip to content

use application profile instead of sbomp for relevancy #1341

use application profile instead of sbomp for relevancy

use application profile instead of sbomp for relevancy #1341

Workflow file for this run

name: Kubescape scanning for misconfigurations
on:
push:
paths:
- 'charts/**.yaml'
- 'charts/**.tpl'
jobs:
kubescape:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: kubescape/github-action@main
continue-on-error: true
with:
frameworks: "allcontrols,workloadscan"
format: sarif
outputFile: results.sarif
severityThreshold: critical
account: ${{secrets.KUBESCAPE_ACCOUNT }}
accessKey: ${{secrets.KUBESCAPE_ACCESS_KEY }}
- name: Upload Kubescape scan results to Github Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif