CloudBees action: Scan with GitHub Advanced Security

1 minute read

Use this action to scan a public GitHub repository with the GitHub Advanced Security tool. GitHub Advanced Security can detect security vulnerabilities and coding errors in your code.

Scanning of private GitHub repositories is not supported.
All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Inputs

Table 1. Input details
Input name Data type Required? Description

token

String

Yes

The GitHub client secret.

language

String

No

The language of your Git repository code base. Refer to Supported languages.

Supported languages

Table 2. Supported languages with inputs
Supported language Input format

Go

LANGUAGE_GO

Java

LANGUAGE_JAVA

Usage example

In your YAML file, add:

      - name: Scan with GitHub Advanced Security
        uses: cloudbees-io/github-security-sast-scan-code@v1
        with:
          token: ${{ secrets.GITHUB_SECRET }}
          language: "LANGUAGE_JAVA"