added dast security #33

Open: wants to merge 1 commit into base: main
50 changes: 50 additions & 0 deletions .github/workflows/soos-dast-scan.yml
@@ -0,0 +1,50 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
#
# SOOS is the easy-to-integrate and affordable software security solution for your whole team.
#
# Learn more at https://soos.io/
#
# To use this action, perform the following steps:
#
# 1. Create an account on https://app.soos.io. SOOS offers a free 30 day trial for our SCA, DAST, and SBOM products.
#
# 2. Navigate to the "Integrate" page in the SOOS app (https://app.soos.io/integrate/dast/). Note the "API Credentials" section of this page; the keys you will need for the next step are here.
#
# 3. Set up your SOOS API Key and SOOS Client Id as Github Secrets named SOOS_API_KEY and SOOS_CLIENT_ID.
#
# 4. (Optional) If you'd like to upload SARIF results of DAST scans to GitHub, set SOOS_GITHUB_PAT with your Github Personal Access Token.
#
# Check for the latest version here: https://github.com/marketplace/actions/soos-dast

name: "SOOS DAST Scan"

on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]

jobs:
soos:
permissions:
security-events: write # for uploading code scanning alert info
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: SOOS DAST Analysis
runs-on: ubuntu-latest
steps:
- name: Run SOOS DAST Analysis
uses: soos-io/soos-dast-github-action@65d9878d77c8993f3db9e86a92bc2ad3a6e060af
with:
client_id: ${{ secrets.SOOS_CLIENT_ID }}
api_key: ${{ secrets.SOOS_API_KEY }}
project_name: "<YOUR-PROJECT-NAME>"
scan_mode: "baseline"
target_url: "https://www.example.com/"
output_format: "sarif"
- name: Upload SOOS DAST SARIF Report
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif
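Review bot: the two `with:` inputs that decide what actually gets scanned are still the template placeholders, `project_name: "<YOUR-PROJECT-NAME>"` and `target_url: "https://www.example.com/"`, so as written this workflow would run a DAST scan against example.com on every push and pull request to main and report nothing about this project. Set `target_url` to a deployed test instance of the application that the team is authorised to scan (a DAST scan sends live requests to the target, so this should not be the production host) and `project_name` to a stable identifier for the repository. Two smaller points: `github/codeql-action/upload-sarif@v3` is the only step not pinned to a commit SHA, so pin it the same way the SOOS action is pinned and put a version comment beside both SHAs so reviewers can tell what they resolve to; and `sarif_file: results.sarif` assumes the SOOS step writes its SARIF output to the workspace root under that exact name, which nothing in this file configures, so either set the action's output path explicitly or confirm that default before relying on the upload.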