You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
GitHub Action
Horusec
v0.1-alpha
Horusec is a SAST great DevSecOps tool to use for any pipeline. This is a proof of concept to embed in a Github Action.
The most common argument to pass is --ignore
directories and target path. You can add any extra argument for Horusec supported but keep mind that use in the argument line for your Action workflow.
Here is a example to ignore some directories and target path is "/"
.
on: [push]
jobs:
checking_code:
runs-on: ubuntu-latest
name: Horusec Scan
steps:
- name: Run Horusec
id: run_horusec
uses: fike/[email protected]
with:
arguments: -p="./" --ignore="**/htmlcov/**, **/deployments/**, **/.git/**, **/**.pyre, **/.venv/**, **/.vscode/**, **/*.env, **/.mypy_cache/**, **/tests/**"
Build Action based Docker purely isn't flexible to split arguments like it's possible when build using Javascript/Typescript.
This is a proof of concept to running Horusec as a Github Action.