Skip to content

apache/infrastructure-gha-workflow-scanner

BranchesTags

Repository files navigation

ASF GitHub Actions Workflow Scanner

Setting up

pipenv install

REQUIRES: a Read-Only GitHub token

Copy the gha-workflow-scanner.example file to gha-workflow-scanner.yaml Edit gha-workflow-scanner.yaml Optionally, use a different file with these values and pass it to scanner.py with -c/--config.

Testing

This product uses pytest. Ensure that checks run after modification. e.g.: pytest tests/checks.py

will test the configured checks.

Starting

pipenv run python3 ./scanner.py

Logging

The policy scanner logs to logs/gha_scanner.log by default.

Description

When started as a service, the scanner will check GitHub Actions Workflows for compliance with our policy checks. If a workflow in the scanned repository is found to be non-compliant, an email will be sent to the owning PMC and infrastructure.

About

Apache infrastructure

infrastructure.apache.org/

Resources

Readme

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

8 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages