
GaboFDC/brakeman-linter-action


Brakeman GitHub Action

Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities.

Usage

- name: Brakeman
  uses: GaboFDC/brakeman-linter-action@v1.1.0
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

You can also pass additional arguments to Brakeman through BRAKEMAN_ARGS:

- name: Brakeman
  uses: GaboFDC/brakeman-linter-action@v1.1.0
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
    BRAKEMAN_ARGS: --force-scan

NOTE: The action expects the report format to be JSON. If you change the format, the action will fail.

Custom report

If for some reason you need complete control, you can generate the report yourself and pass it to the action through REPORT_PATH:

- name: Install gems
  run: |
    gem install brakeman -v 4.5.0
- name: brakeman report
  run: |
    brakeman -f json > tmp/brakeman.json
- name: Brakeman
  uses: GaboFDC/brakeman-linter-action@v1.1.0
  env:
    GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
    REPORT_PATH: tmp/brakeman.json
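
When you generate the report yourself, a pre-check like the following confirms the file really is Brakeman's JSON format before it is handed over via REPORT_PATH, and previews each warning in the shape of a GitHub Checks API annotation. This is an added example, not code from this action: the sample report is constructed, and the helper names `load_report` and `annotations` and the confidence-to-level mapping are assumptions.

```ruby
require "json"

# Constructed sample in the shape of `brakeman -f json` output (not real scan data).
SAMPLE_REPORT = <<~REPORT
  {
    "scan_info": { "brakeman_version": "4.5.0", "security_warnings": 2 },
    "warnings": [
      { "warning_type": "SQL Injection", "check_name": "SQL",
        "message": "Possible SQL injection", "file": "app/models/user.rb",
        "line": 12, "confidence": "High", "fingerprint": "constructed-1" },
      { "warning_type": "Cross-Site Request Forgery", "check_name": "ForgerySetting",
        "message": "protect_from_forgery should be called in ApplicationController",
        "file": "app/controllers/application_controller.rb",
        "line": null, "confidence": "Weak", "fingerprint": "constructed-2" }
    ],
    "errors": []
  }
REPORT

# Assumed mapping from Brakeman confidence to a Checks API annotation_level.
LEVELS = { "High" => "failure", "Medium" => "warning", "Weak" => "notice" }.freeze

class ReportError < StandardError; end

# Parse a report and fail loudly if it is not Brakeman JSON, for example
# when extra arguments switched the output format to text or HTML.
def load_report(text)
  data = JSON.parse(text)
  unless data.is_a?(Hash) && data["warnings"].is_a?(Array)
    raise ReportError, "JSON parsed but has no 'warnings' array"
  end
  data
rescue JSON::ParserError => e
  raise ReportError, "report is not JSON: #{e.message[0, 60]}"
end

# Turn warnings into annotation hashes. A warning with a null line is
# pinned to line 1, since an annotation needs a start_line.
def annotations(report)
  report["warnings"].map do |w|
    line = w["line"] || 1
    { "path" => w["file"], "start_line" => line, "end_line" => line,
      "annotation_level" => LEVELS.fetch(w["confidence"], "warning"),
      "title" => w["warning_type"],
      "message" => "#{w["message"]} (#{w["check_name"]}, #{w["confidence"]} confidence)" }
  end
end

puts annotations(load_report(SAMPLE_REPORT)).map(&:to_json) if __FILE__ == $PROGRAM_NAME
```
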

Example Workflow

name: Brakeman

on: [push]

jobs:
  build:
    runs-on: ubuntu-18.04
    steps:
    - uses: actions/checkout@v1
    - name: Brakeman
      uses: GaboFDC/brakeman-linter-action@v1.1.0
      env:
        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Screenshots

[Screenshot: example GitHub Action UI]
[Screenshot: example pull request]
