Skip to content

Workflow file for this run

name: Kubescape scanning for misconfigurations
on: [push, pull_request]
jobs:
kubescape:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v3
- uses: kubescape/github-action@main
continue-on-error: true
with:
format: sarif
outputFile: results
# # Optional: Specify the Kubescape Portal credentials
# account: ${{secrets.KUBESCAPE_ACCOUNT}}
# accessKey: ${{secrets.KUBESCAPE_ACCESS_KEY}}
# server: ${{ vars.KUBESCAPE_SERVER }}
# # Optional: Scan a specific path. Default will scan the whole repository
# files: "examples/*.yaml"
- name: Upload Kubescape scan results to Github Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif