Create security-goat.yml
andersonbosa authored Oct 5, 2023
1 parent 9f2e4e3 commit 8e7dc06
Showing 1 changed file with 39 additions and 0 deletions.
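--- a/.github/workflows/security-goat.yml
+++ b/.github/workflows/security-goat.yml
@@ -0,0 +1,39 @@
+name: "[security] Security Goat in pipeline"
+
+on:
+workflow_dispatch: {}
+
+permissions:
+contents: read
+
+env:
+SECURITY_GOAT_IMAGE: ghcr.io/andersonbosa/security-goat:latest
+GOAT_GITHUB_TOKEN: ${{ secrets.CI_GITHUB_ACCESS_TOKEN }}
+GOAT_GITHUB_OWNER: ${{ github.repository_owner }}
+GOAT_GITHUB_REPO: ${{ github.event.repository.name }}
+GOAT_SEVERITY_LIMITS_CRITICAL: 0
+GOAT_SEVERITY_LIMITS_HIGH: 0
+GOAT_SEVERITY_LIMITS_MEDIUM: 0
+GOAT_SEVERITY_LIMITS_LOW: 0
+
+jobs:
+through-docker:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+
+- name: Pull Docker image from GitHub Container Registry
+run: docker pull ${{ env.SECURITY_GOAT_IMAGE }}
+
+- name: Verify Version
+run: docker run ${{ env.SECURITY_GOAT_IMAGE }} version
+
+- name: Set up env file
+run: |
+env | grep 'GOAT' >.env
+- name: Verify security alerts from dependabot
+run: |
+docker run --env-file=.env ${{ env.SECURITY_GOAT_IMAGE }} --verbose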
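Review bot: The image that receives `GOAT_GITHUB_TOKEN` is referenced by the mutable tag `:latest`, so whatever is published under that tag at run time runs with the access token taken from `secrets.CI_GITHUB_ACCESS_TOKEN`; pin it by digest, e.g. `SECURITY_GOAT_IMAGE: ghcr.io/andersonbosa/security-goat@sha256:<digest>` (placeholder), and bump it deliberately. The "Set up env file" step also writes the token in clear text to `.env` in the job's working directory, and `grep 'GOAT'` selects any variable whose name or value contains that string rather than only the intended ones. Passing the variables by name avoids the file, e.g. `docker run -e GOAT_GITHUB_TOKEN -e GOAT_GITHUB_OWNER -e GOAT_GITHUB_REPO ${{ env.SECURITY_GOAT_IMAGE }} --verbose`, extended with the four `GOAT_SEVERITY_LIMITS_*` names. Declaring the token in the workflow-level `env:` makes it visible to every step, including checkout and the `version` run; moving it into the `env:` of the final step alone narrows that exposure.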
