This repository is a collection of GitHub Actions, with each subfolder containing a separate action for different Bright Security functionalities.
- Node.js (v14 or higher)
- npm (v6 or higher)
- Fork this repository.
- Navigate to the specific action folder you want to use (e.g., run-discovery or stop-discovery)
- Install dependencies:
npm install
- Build the action:
npm run build
- Set BRIGHT_TOKEN and KEY_GITHUB secrets in your repository settings with your own values.
- Run a CI job in GitHub Actions.
- Go to the Bright Security app and check whether a scan was started.
This project uses ESLint for code linting. To run the linter:
npm run lint
This project uses Husky to manage Git hooks, ensuring code quality and consistency:
- Pre-commit: Runs linting and formatting checks
- Post-commit: Performs post-commit tasks
- Commit-msg: Validates the commit message format
We follow the conventional commit message format. Each commit message must have a specific structure:
<type>(<scope>): <description>
[optional body]
[optional footer]
Where type can be:
- build: Changes that affect the build system or external dependencies
- chore: Maintenance tasks
- ci: Changes to CI configuration files and scripts
- docs: Documentation only changes
- feat: A new feature
- fix: A bug fix
- perf: A code change that improves performance
- refactor: A code change that neither fixes a bug nor adds a feature
- style: Changes that do not affect the meaning of the code
- test: Adding missing tests or correcting existing tests
Commit messages are automatically validated using commitlint.