Skip to content

crashappsec/setup-chalk-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits

.github/workflows

.github/workflows

 
 

tests

tests

 
 

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

.pre-commit-config.yaml

.pre-commit-config.yaml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

action.yml

action.yml

 
 

setup.sh

setup.sh

 
 

Repository files navigation

Setup Chalk

GitHub Action for setting up Chalk.

Chalk captures metadata at build time, and adds a small 'chalk mark' (metadata) to any artifacts, so they can be identified in production. This GitHub action simplifies the process of deploying chalk for GitHub action users. The action:

  • Installs chalk CLI in the GitHub runner (hosted and self-hosted). You can then start using chalk in your GitHub workflows.
  • Wraps docker with chalk. As such, any GitHub workflows using docker will automatically start using chalk when building any Docker images.
  • Allows to load chalk configuration from a file or an URL. For example this can configure chalk to send metadata reports to an external server for metadata collection.

Usage

name: ci

on:
  push:

jobs:
  buildx:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Set up Chalk
        uses: crashappsec/setup-chalk-action@main

Customizing

The following parameters can be provided to the action.

Name Type Default Description
version String Version of chalk to install. By default latest version is installed. See releases for all available versions.
load String Chalk config(s) to load - comma or new-line delimited. Can be either paths to files or URLs.
params String Chalk components params to load. Should be JSON array with all parameter values. JSON structure is the same as provided by chalk dump params.
connect Bool Whether to automatically connect to https://crashoverride.run. If true, will load https://chalkdust.io/connect.c4m.
token String CrashOverride API Token. Get your API token at CrashOverride
password String Password for chalk signing key. Password is displayed as part of chalk setup.
public_key String Content of chalk signing public key). Copy from chalk.pub after chalk setup.
private_key String Content of chalk signing encrypted private key (with the provided password). Copy from chalk.key after chalk setup.

For example:

- name: Set up Chalk
  uses: crashappsec/setup-chalk-action@main
  with:
    version: "0.4.1"
    connect: true
    load: "https://chalkdust.io/connect.c4m"
    token: ${{ secrets.CHALK_TOKEN }}
    password: ${{ secrets.CHALK_PASSWORD }}
    public_key: ${{ secrets.CHALK_PUBLIC_KEY }}
    private_key: ${{ secrets.CHALK_PRIVATE_KEY }}

Contributing

We welcome contributions but do require you to complete a contributor license agreement or CLA. You can read the CLA and about our process here.

About

GitHub Action for setting up Chalk

crashoverride.com/docs/chalk

Topics

chalk

Resources

Readme

License

GPL-3.0 license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

2 stars

Watchers

6 watching

Forks

0 forks
Report repository

Releases 1

v0.0.1 Latest
Jan 11, 2024

Contributors 2

  •  
  •  

Languages