Update federacy/scan-action to v0.1.5 and add Salus config
nmanoogian committed Aug 19, 2024
1 parent 86f4080 commit 89d6189
Showing 2 changed files with 31 additions and 1 deletion.
4 changes: 3 additions & 1 deletion .github/workflows/salus.yaml
@@ -15,7 +15,9 @@ jobs:
run: ./hack/inject-nosec.sh
- name: Salus Scan
id: salus_scan
uses: federacy/scan-action@0.1.2
uses: federacy/scan-action@0.1.5
env:
SALUS_CONFIGURATION: "file://salus-config.yaml"
with:
report_uri: file://./salus-report.txt
report_format: txt
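
Review bot: `uses: federacy/scan-action@0.1.5` pins the scanner action to a tag, and a tag can later be pointed at different code in the upstream repository. Because this step runs in CI against the checked-out source, pin it to the full commit SHA of the 0.1.5 release and keep the version as a trailing comment, for example `uses: federacy/scan-action@<full-commit-sha> # 0.1.5`. Separately, `SALUS_CONFIGURATION: "file://salus-config.yaml"` is a relative path; a one-line comment stating which directory it is resolved against would make the step easier to maintain.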
28 changes: 28 additions & 0 deletions salus-config.yaml
@@ -0,0 +1,28 @@
# https://github.com/coinbase/salus/blob/master/docs/configuration.md

# Used in the report to identify the project being scanned.
project_name: Doppler-Kubernetes-Operator

# Defines where to send Salus reports and in what format.
reports:
- uri: file://salus-report.txt
format: txt

# All scanners to execute, or the String value "all"/"none"
active_scanners:
- Gosec
- PatternSearch
- RepoNotEmpty
- GoOSV
- GoVersionScanner
- GoPackageScanner
- ReportGoDep
- Trufflehog

# All scanners that will exit non-zero if they fail, or the String value "all"/"none"
enforced_scanners: "all"

scanner_configs:
GoVersionScanner:
error:
min_version: '1.22.0'
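
Review bot: The `reports` entry (`uri: file://salus-report.txt`, `format: txt`) repeats the destination the workflow already passes as `report_uri: file://./salus-report.txt` and `report_format: txt`, with a different path spelling, so the report location is now defined in two places that can drift apart. Keep it in one place, or make the two strings identical and add a comment saying which one is authoritative. The `min_version: '1.22.0'` threshold under `GoVersionScanner` would also benefit from a comment on why that version was chosen, since `enforced_scanners: "all"` makes it a build-failing check.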
