Skip to content

CI

CI #21

Workflow file for this run

name: CI
on:
push:
branches:
- crawler
- har-file
- swagger
- brokencrystals
pull_request:
branches: [main]
schedule:
- cron: "0 0 * * THU"
workflow_dispatch:
jobs:
release:
name: test run-scan
runs-on: ubuntu-latest
container: node:20
steps:
- uses: actions/checkout@v4
- name: Install dependencies
working-directory: ./run-scan
run: npm ci && npm install -g @vercel/ncc
- name: Build release
working-directory: ./run-scan
run: npm run build && npm run pack
- name: Bright Security Scan 🏁
uses: ./run-scan
with:
api_token: ${{ secrets.BRIGHT_TOKEN }}
name: GitHub scan ${{ github.sha }}
discovery_types: |
[ "crawler" ]
crawler_urls: |
[ "https://brokencrystals.com" ]
module: "dast"
hosts_filter: |
[ ]
wait-for:
name: Wait for any issues, gh-int + code_scanning_alerts on
runs-on: ubuntu-latest
container: node:20
steps:
- uses: actions/checkout@v4
- name: Install dependencies
working-directory: ./wait-for
run: npm ci && npm install -g @vercel/ncc
- name: Build wait-for
working-directory: ./wait-for
run: npm run build && npm run pack
- name: Build run-scan
working-directory: ./run-scan
run: npm run build && npm run pack
- name: Scan
id: start
uses: ./run-scan
with:
api_token: ${{ secrets.BRIGHT_TOKEN }}
name: GitHub scan ${{ github.sha }}
discovery_types: |
[ "crawler" ]
crawler_urls: |
[ "https://brokencrystals.com" ]
module: "dast"
hosts_filter: |
[ ]
- name: Wait for breakpoint
id: wait
uses: ./wait-for
with:
api_token: ${{ secrets.BRIGHT_TOKEN }}
hostname: app.brightsec.com
scan: ${{ steps.start.outputs.id }}
wait_for: high
code_scanning_alerts: true
github_token: ${{ secrets.KEY_GITHUB }}
timeout: 600
stop_scan: true