Support the bandit check by GitHub Action (sonic-net#2358)

What I did Support the bandit check by GitHub Action to find out the potential security issues in the python code. How I did it Add the bandit check action in GitHub workflow
preetham-singh · Nov 18, 2022 · c26927e · c26927e
1 parent 38d8b81
commit c26927e
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 0 deletions.
diff --git a/.bandit b/.bandit
diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml
@@ -0,0 +1,20 @@
+# This workflow is to do the bandit check
+#
+
+name: bandit
+on:
+  pull_request:
+    types:
+    - opened
+    - reopened
+    - synchronize
+
+jobs:
+  bendit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: bandit
+      uses: jpetrucciani/bandit-check@master
+      with:
+        path: '.'